support resolving dns cabals (cabal://foo.com) about cabal-core HOT 10 CLOSED

Still working on getting a nice setup for the DNS resolution and caching. PR soon!

from cabal-core.

I will add a thought here.

DAT's support of /.well-known/dat allows things like hashbase.io to work, and supporting a well-known URL with cabal would allow similar services to exist and work with Cabal.

Unless you're using AWS route 53, dynamically allocating TXT records to a domain is not widely programmable, whereas checking the Host header in an HTTP server with wildcard DNS records is pretty simple.

I guess what I'm saying is, if you want a registration or pinning service to work, consider supporting a well-known URL as well.

from cabal-core.

try the cabal:// link to see if it's a hex key, using it if it is'
check the cache to see if we have an entry matching cabal:// and use the associated key if it's a hit
do a DNS request for a DNS TXT record matching CABALKEY

Sounds perfect! I'll make a go at a PR this weekend!

from cabal-core.

Since a cabal isn't a dat, maybe it makes sense (eventually) to have a CABALKEY TXT DNS entry instead.

from cabal-core.

Looking into this and how dat-link-resolve works a little more. Basically, it appears that it tries the following steps when resolving a link into a key. When one works it stops

1. Extract a key from the link: take the link and looks for a 64 digit hex string, if found anywhere in the link the hex string is returned as the key (source code)
2. Make a request to the link and check response headers: make an http request for the link, and check the response headers for 'hyperdrive-key' or 'dat-key' which should contain the key (source)
3. Make a request to the link and check response body: if a 64 digit hex string is found anywhere in the body, then the first instance is interpreted to be the key (source)
4. Resolve the key with dat-dns: Pass the link to dat-dns.resolve() and see if that resolves a key. (source) Looking at the dat-dns package, it looks like it first checks the DNS record associated with the link hostname or pathname and tries to find a dat-key TXT entry. (source) if that doesn't work it looks for a /.well_known/dat JSON on the host and parses the key from that (source).

I'm still parsing how we'd want to apply this to cabal. Right now, and to keep it simple to start we might want to do away with steps 2, 3 and part of 4.

Including the key in the /.well_known/cabal JSON, http response headers or response body doesn't really make sense for cabal as there might not be an HTTP server associated with the host being looked up. Instead we could try to extract a key from the link provided, and if that doesn't work do a DNS lookup and check for an answer matching cabal-key={key}.

The HTTP methods could optionally be added later if you think they make sense. If we wanted to include one to start, I'd recommend the /.well_known/cabal method as it still associated one host with one cabal which keeps things inline with how the DNS would work.

Thoughts?

from cabal-core.

@MarkBennett great analysis! i agree with your points.

so to summarize we want to

1. try the cabal:// link to see if it's a hex key, using it if it is
2. do a DNS request for a DNS TXT record matching CABALKEY

i don't want to make the process needlessly complex, but i do see some merit in maintaining a local cache of previous DNS lookups. so maybe we have an intermediate step between 1 and 2

1. try the cabal:// link to see if it's a hex key, using it if it is'
2. check the cache to see if we have an entry matching cabal://<domain> and use the associated key if it's a hit
3. do a DNS request for a DNS TXT record matching CABALKEY

from cabal-core.

from cabal-core.

That makes sense to me given that cabal isn't dat as you say.

from cabal-core.

@noffle I'm thinking I'll resolve the DNS using DNS-over-HTTPS for now as it's simple and secure. The only hitch is that it hits Google's DNS, though any DNS service could be used instead. This is also what dat-dns uses.

https://dns.google.com/resolve?name=markbennett.ca&type=16

Thoughts?

from cabal-core.

this is done, dat-dns has been PR'd dat-ecosystem-archive/dat-dns#15

from cabal-core.