idnits 2.17.1 draft-ietf-add-ddr-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 2 instances of lines with non-RFC2606-compliant FQDNs in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (8 July 2021) is 1022 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-12) exists of draft-ietf-dnsop-svcb-https-06 == Outdated reference: A later version (-18) exists of draft-ietf-tls-esni-12 == Outdated reference: A later version (-04) exists of draft-schwartz-svcb-dns-03 Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ADD T. Pauly 3 Internet-Draft E. Kinnear 4 Intended status: Standards Track Apple Inc. 5 Expires: 9 January 2022 C.A. Wood 6 Cloudflare 7 P. McManus 8 Fastly 9 T. Jensen 10 Microsoft 11 8 July 2021 13 Discovery of Designated Resolvers 14 draft-ietf-add-ddr-02 16 Abstract 18 This document defines Discovery of Designated Resolvers (DDR), a 19 mechanism for DNS clients to use DNS records to discover a resolver's 20 encrypted DNS configuration. This mechanism can be used to move from 21 unencrypted DNS to encrypted DNS when only the IP address of a 22 resolver is known. It can also be used to discover support for 23 encrypted DNS protocols when the name of an encrypted resolver is 24 known. This mechanism is designed to be limited to cases where 25 unencrypted resolvers and their designated resolvers are operated by 26 the same entity or cooperating entities. 28 Discussion Venues 30 This note is to be removed before publishing as an RFC. 32 Discussion of this document takes place on the Adaptive DNS Discovery 33 Working Group mailing list (add@ietf.org), which is archived at 34 https://mailarchive.ietf.org/arch/browse/add/. 36 Source for this draft and an issue tracker can be found at 37 https://github.com/ietf-wg-add/draft-ietf-add-ddr. 39 Status of This Memo 41 This Internet-Draft is submitted in full conformance with the 42 provisions of BCP 78 and BCP 79. 44 Internet-Drafts are working documents of the Internet Engineering 45 Task Force (IETF). Note that other groups may also distribute 46 working documents as Internet-Drafts. The list of current Internet- 47 Drafts is at https://datatracker.ietf.org/drafts/current/. 49 Internet-Drafts are draft documents valid for a maximum of six months 50 and may be updated, replaced, or obsoleted by other documents at any 51 time. It is inappropriate to use Internet-Drafts as reference 52 material or to cite them other than as "work in progress." 54 This Internet-Draft will expire on 9 January 2022. 56 Copyright Notice 58 Copyright (c) 2021 IETF Trust and the persons identified as the 59 document authors. All rights reserved. 61 This document is subject to BCP 78 and the IETF Trust's Legal 62 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 63 license-info) in effect on the date of publication of this document. 64 Please review these documents carefully, as they describe your rights 65 and restrictions with respect to this document. Code Components 66 extracted from this document must include Simplified BSD License text 67 as described in Section 4.e of the Trust Legal Provisions and are 68 provided without warranty as described in the Simplified BSD License. 70 Table of Contents 72 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 73 1.1. Specification of Requirements . . . . . . . . . . . . . . 3 74 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 75 3. DNS Service Binding Records . . . . . . . . . . . . . . . . . 4 76 4. Discovery Using Resolver IP Addresses . . . . . . . . . . . . 5 77 4.1. Authenticated Discovery . . . . . . . . . . . . . . . . . 6 78 4.2. Opportunistic Discovery . . . . . . . . . . . . . . . . . 6 79 5. Discovery Using Resolver Names . . . . . . . . . . . . . . . 7 80 6. Deployment Considerations . . . . . . . . . . . . . . . . . . 7 81 6.1. Caching Forwarders . . . . . . . . . . . . . . . . . . . 8 82 6.2. Certificate Management . . . . . . . . . . . . . . . . . 8 83 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 84 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 85 8.1. Special Use Domain Name "resolver.arpa" . . . . . . . . . 9 86 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 87 9.1. Normative References . . . . . . . . . . . . . . . . . . 9 88 9.2. Informative References . . . . . . . . . . . . . . . . . 10 89 Appendix A. Rationale for using SVCB records . . . . . . . . . . 11 90 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 92 1. Introduction 94 When DNS clients wish to use encrypted DNS protocols such as DNS- 95 over-TLS (DoT) [RFC7858] or DNS-over-HTTPS (DoH) [RFC8484], they 96 require additional information beyond the IP address of the DNS 97 server, such as the resolver's hostname, non-standard ports, or URL 98 paths. However, common configuration mechanisms only provide the 99 resolver's IP address during configuration. Such mechanisms include 100 network provisioning protocols like DHCP [RFC2132] and IPv6 Router 101 Advertisement (RA) options [RFC8106], as well as manual 102 configuration. 104 This document defines two mechanisms for clients to discover 105 designated resolvers using DNS server Service Binding (SVCB, 106 [I-D.ietf-dnsop-svcb-https]) records: 108 1. When only an IP address of an Unencrypted Resolver is known, the 109 client queries a special use domain name to discover DNS SVCB 110 records associated with one or more Encrypted Resolvers the 111 Unencrypted Resolver has designated for use when support for DNS 112 encryption is requested (Section 4). 114 2. When the hostname of an Encrypted Resolver is known, the client 115 requests details by sending a query for a DNS SVCB record. This 116 can be used to discover alternate encrypted DNS protocols 117 supported by a known server, or to provide details if a resolver 118 name is provisioned by a network (Section 5). 120 Both of these approaches allow clients to confirm that a discovered 121 Encrypted Resolver is designated by the originally provisioned 122 resolver. "Designated" in this context means that the resolvers are 123 operated by the same entity or cooperating entities; for example, the 124 resolvers are accessible on the same IP address, or there is a 125 certificate that claims ownership over both resolvers. 127 1.1. Specification of Requirements 129 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 130 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 131 "OPTIONAL" in this document are to be interpreted as described in BCP 132 14 [RFC2119] [RFC8174] when, and only when, they appear in all 133 capitals, as shown here. 135 2. Terminology 137 This document defines the following terms: 139 DDR: Discovery of Designated Resolvers. Refers to the mechanisms 140 defined in this document. 142 Designated Resolver: A resolver, presumably an Encrypted Resolver, 143 designated by another resolver for use in its own place. This 144 designation can be authenticated with TLS certificates. 146 Encrypted Resolver: A DNS resolver using any encrypted DNS 147 transport. This includes current mechanisms such as DoH and DoT 148 as well as future mechanisms. 150 Unencrypted Resolver: A DNS resolver using TCP or UDP port 53. 152 3. DNS Service Binding Records 154 DNS resolvers can advertise one or more Designated Resolvers that may 155 offer support over encrypted channels and are controlled by the same 156 entity. 158 When a client discovers Designated Resolvers, it learns information 159 such as the supported protocols, ports, and server name to use in 160 certificate validation. This information is provided in Service 161 Binding (SVCB) records for DNS Servers, defined by 162 [I-D.schwartz-svcb-dns]. 164 The following is an example of an SVCB record describing a DoH server 165 discovered by querying for "_dns.example.net": 167 _dns.example.net 7200 IN SVCB 1 . ( 168 alpn=h2 dohpath=/dns-query{?dns} ) 170 The following is an example of an SVCB record describing a DoT server 171 discovered by querying for "_dns.example.net": 173 _dns.example.net 7200 IN SVCB 1 dot.example.net ( 174 alpn=dot port=8530 ) 176 If multiple Designated Resolvers are available, using one or more 177 encrypted DNS protocols, the resolver deployment can indicate a 178 preference using the priority fields in each SVCB record 179 [I-D.ietf-dnsop-svcb-https]. 181 To avoid name lookup deadlock, Designated Resolvers SHOULD follow the 182 guidance in Section 10 of [RFC8484] regarding the avoidance of DNS- 183 based references that block the completion of the TLS handshake. 185 This document focuses on discovering DoH and DoT Designated 186 Resolvers. Other protocols can also use the format defined by 187 [I-D.schwartz-svcb-dns]. However, if any protocol does not involve 188 some form of certificate validation, new validation mechanisms will 189 need to be defined to support validating designation as defined in 190 Section 4.1. 192 4. Discovery Using Resolver IP Addresses 194 When a DNS client is configured with an Unencrypted Resolver IP 195 address, it SHOULD query the resolver for SVCB records for 196 "dns://resolver.arpa" before making other queries. Specifically, the 197 client issues a query for "_dns.resolver.arpa" with the SVCB resource 198 record type (64) [I-D.ietf-dnsop-svcb-https]. 200 Because this query is for an SUDN, which no entity can claim 201 ownership over, the SVCB response MUST NOT use the "." value for the 202 SvcDomainName. Instead, the domain name used for DoT or used to 203 construct the DoH template MUST be provided. 205 The following is an example of an SVCB record describing a DoH server 206 discovered by querying for "_dns.resolver.arpa": 208 _dns.resolver.arpa 7200 IN SVCB 1 doh.example.net ( 209 alpn=h2 dohpath=/dns-query{?dns} ) 211 The following is an example of an SVCB record describing a DoT server 212 discovered by querying for "_dns.resolver.arpa": 214 _dns.resolver.arpa 7200 IN SVCB 1 dot.example.net ( 215 alpn=dot port=8530 ) 217 If the recursive resolver that receives this query has one or more 218 Designated Resolvers, it will return the corresponding SVCB records. 219 When responding to these special queries for "dns://resolver.arpa", 220 the recursive resolver SHOULD include the A and AAAA records for the 221 name of the Designated Resolver in the Additional Answers section. 222 This will allow the DNS client to make queries over an encrypted 223 connection without waiting to resolve the Encrypted Resolver name per 224 [I-D.ietf-dnsop-svcb-https]. If no A/AAAA records or SVCB IP address 225 hints are included, clients will be forced to delay use of the 226 Encrypted Resolver until an additional DNS lookup for the A and AAAA 227 records can be made to the Unencrypted Resolver (or some other 228 resolver the DNS client has been configured to use). 230 If the recursive resolver that receives this query has no Designated 231 Resolvers, it SHOULD return NODATA for queries to the "resolver.arpa" 232 SUDN. 234 4.1. Authenticated Discovery 236 In order to be considered an authenticated Designated Resolver, the 237 TLS certificate presented by the Encrypted Resolver MUST contain both 238 the domain name (from the SVCB answer) and the IP address of the 239 designating Unencrypted Resolver within the SubjectAlternativeName 240 certificate field. The client MUST check the SubjectAlternativeName 241 field for both the Unencrypted Resolver's IP address and the 242 advertised name of the Designated Resolver. If the certificate can 243 be validated, the client SHOULD use the discovered Designated 244 Resolver for any cases in which it would have otherwise used the 245 Unencrypted Resolver. If the Designated Resolver has a different IP 246 address than the Unencrypted Resolver and the TLS certificate does 247 not cover the Unencrypted Resolver address, the client MUST NOT use 248 the discovered Encrypted Resolver. Additionally, the client SHOULD 249 suppress any further queries for Designated Resolvers using this 250 Unencrypted Resolver for the length of time indicated by the SVCB 251 record's Time to Live (TTL). 253 If the Designated Resolver and the Unencrypted Resolver share an IP 254 address, clients MAY choose to opportunistically use the Encrypted 255 Resolver even without this certificate check (Section 4.2). 257 If resolving the name of an Encrypted Resolver from an SVCB record 258 yields an IP address that was not presented in the Additional Answers 259 section or ipv4hint or ipv6hint fields of the original SVCB query, 260 the connection made to that IP address MUST pass the same TLS 261 certificate checks before being allowed to replace a previously known 262 and validated IP address for the same Encrypted Resolver name. 264 4.2. Opportunistic Discovery 266 There are situations where authenticated discovery of encrypted DNS 267 configuration over unencrypted DNS is not possible. This includes 268 Unencrypted Resolvers on non-public IP addresses such as those 269 defined in [RFC1918] whose identity cannot be confirmed using TLS 270 certificates. 272 Opportunistic Privacy is defined for DoT in Section 4.1 of [RFC7858] 273 as a mode in which clients do not validate the name of the resolver 274 presented in the certificate. A client MAY use information from the 275 SVCB record for "dns://resolver.arpa" with this "opportunistic" 276 approach (not validating the names presented in the 277 SubjectAlternativeName field of the certificate) as long as the IP 278 address of the Encrypted Resolver does not differ from the IP address 279 of the Unencrypted Resolver. This approach can be used for any 280 encrypted DNS protocol that uses TLS. 282 5. Discovery Using Resolver Names 284 A DNS client that already knows the name of an Encrypted Resolver can 285 use DDR to discover details about all supported encrypted DNS 286 protocols. This situation can arise if a client has been configured 287 to use a given Encrypted Resolver, or if a network provisioning 288 protocol (such as DHCP or IPv6 Router Advertisements) provides a name 289 for an Encrypted Resolver alongside the resolver IP address. 291 For these cases, the client simply sends a DNS SVCB query using the 292 known name of the resolver. This query can be issued to the named 293 Encrypted Resolver itself or to any other resolver. Unlike the case 294 of bootstrapping from an Unencrypted Resolver (Section 4), these 295 records SHOULD be available in the public DNS. 297 For example, if the client already knows about a DoT server 298 "resolver.example.com", it can issue an SVCB query for 299 "_dns.resolver.example.com" to discover if there are other encrypted 300 DNS protocols available. In the following example, the SVCB answers 301 indicate that "resolver.example.com" supports both DoH and DoT, and 302 that the DoH server indicates a higher priority than the DoT server. 304 _dns.resolver.example.com 7200 IN SVCB 1 . ( 305 alpn=h2 dohpath=/dns-query{?dns} ) 306 _dns.resolver.example.com 7200 IN SVCB 2 . ( 307 alpn=dot ) 309 Often, the various supported encrypted DNS protocols will be 310 accessible using the same hostname. In the example above, both DoH 311 and DoT use the name "resolver.example.com" for their TLS 312 certificates. If a deployment uses a different hostname for one 313 protocol, but still wants clients to treat both DNS servers as 314 designated, the TLS certificates MUST include both names in the 315 SubjectAlternativeName fields. Note that this name verification is 316 not related to the DNS resolver that provided the SVCB answer. 318 For example, being able to discover a Designated Resolver for a known 319 Encrypted Resolver is useful when a client has a DoT configuration 320 for "foo.resolver.example.com" but is on a network that blocks DoT 321 traffic. The client can still send a query to any other accessible 322 resolver (either the local network resolver or an accessible DoH 323 server) to discover if there is a designated DoH server for 324 "foo.resolver.example.com". 326 6. Deployment Considerations 328 Resolver deployments that support DDR are advised to consider the 329 following points. 331 6.1. Caching Forwarders 333 A DNS forwarder SHOULD NOT forward queries for "resolver.arpa" 334 upstream. This prevents a client from receiving an SVCB record that 335 will fail to authenticate because the forwarder's IP address is not 336 in the upstream resolver's Designated Resolver's TLS certificate SAN 337 field. A DNS forwarder which already acts as a completely blind 338 forwarder MAY choose to forward these queries when the operator 339 expects that this does not apply, either because the operator knows 340 the upstream resolver does have the forwarder's IP address in its TLS 341 certificate's SAN field or that the operator expects clients of the 342 unencrypted resolver to use the SVCB information opportunistically. 344 Operators who choose to forward queries for "resolver.arpa" upstream 345 should note that client behavior is never guaranteed and use of DDR 346 by a resolver does not communicate a requirement for clients to use 347 the SVCB record when it cannot be authenticated. 349 6.2. Certificate Management 351 Resolver owners that support authenticated discovery will need to 352 list valid referring IP addresses in their TLS certificates. This 353 may pose challenges for resolvers with a large number of referring IP 354 addresses. 356 7. Security Considerations 358 Since client can receive DNS SVCB answers over unencrypted DNS, on- 359 path attackers can prevent successful discovery by dropping SVCB 360 packets. Clients should be aware that it might not be possible to 361 distinguish between resolvers that do not have any Designated 362 Resolver and such an active attack. 364 While the IP address of the Unencrypted Resolver is often provisioned 365 over insecure mechanisms, it can also be provisioned securely, such 366 as via manual configuration, a VPN, or on a network with protections 367 like RA guard [RFC6105]. An attacker might try to direct Encrypted 368 DNS traffic to itself by causing the client to think that a 369 discovered Designated Resolver uses a different IP address from the 370 Unencrypted Resolver. Such an Encrypted Resolver might have a valid 371 certificate, but be operated by an attacker that is trying to observe 372 or modify user queries without the knowledge of the client or 373 network. 375 If the IP address of a Designated Resolver differs from that of an 376 Unencrypted Resolver, clients MUST validate that the IP address of 377 the Unencrypted Resolver is covered by the SubjectAlternativeName of 378 the Encrypted Resolver's TLS certificate (Section 4.1). 380 Opportunistic use of Encrypted Resolvers MUST be limited to cases 381 where the Unencrypted Resolver and Designated Resolver have the same 382 IP address (Section 4.2). 384 8. IANA Considerations 386 8.1. Special Use Domain Name "resolver.arpa" 388 This document calls for the creation of the "resolver.arpa" SUDN. 389 This will allow resolvers to respond to queries directed at 390 themselves rather than a specific domain name. While this document 391 uses "resolver.arpa" to return SVCB records indicating designated 392 encrypted capability, the name is generic enough to allow future 393 reuse for other purposes where the resolver wishes to provide 394 information about itself to the client. 396 The "resolver.arpa" SUDN is similar to "ipv4only.arpa" in that the 397 querying client is not interested in an answer from the authoritative 398 "arpa" name servers. The intent of the SUDN is to allow clients to 399 communicate with the Unencrypted Resolver much like "ipv4only.arpa" 400 allows for client-to-middlebox communication. For more context, see 401 the rationale behind "ipv4only.arpa" in [RFC8880]. 403 9. References 405 9.1. Normative References 407 [I-D.ietf-dnsop-svcb-https] 408 Schwartz, B., Bishop, M., and E. Nygren, "Service binding 409 and parameter specification via the DNS (DNS SVCB and 410 HTTPS RRs)", Work in Progress, Internet-Draft, draft-ietf- 411 dnsop-svcb-https-06, 16 June 2021, 412 . 415 [I-D.ietf-tls-esni] 416 Rescorla, E., Oku, K., Sullivan, N., and C. A. Wood, "TLS 417 Encrypted Client Hello", Work in Progress, Internet-Draft, 418 draft-ietf-tls-esni-12, 7 July 2021, 419 . 422 [I-D.schwartz-svcb-dns] 423 Schwartz, B., "Service Binding Mapping for DNS Servers", 424 Work in Progress, Internet-Draft, draft-schwartz-svcb-dns- 425 03, 19 April 2021, . 428 [RFC1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G. 429 J., and E. Lear, "Address Allocation for Private 430 Internets", BCP 5, RFC 1918, DOI 10.17487/RFC1918, 431 February 1996, . 433 [RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., 434 and P. Hoffman, "Specification for DNS over Transport 435 Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May 436 2016, . 438 [RFC8484] Hoffman, P. and P. McManus, "DNS Queries over HTTPS 439 (DoH)", RFC 8484, DOI 10.17487/RFC8484, October 2018, 440 . 442 9.2. Informative References 444 [I-D.schinazi-httpbis-doh-preference-hints] 445 Schinazi, D., Sullivan, N., and J. Kipp, "DoH Preference 446 Hints for HTTP", Work in Progress, Internet-Draft, draft- 447 schinazi-httpbis-doh-preference-hints-02, 13 July 2020, 448 . 451 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 452 Requirement Levels", BCP 14, RFC 2119, 453 DOI 10.17487/RFC2119, March 1997, 454 . 456 [RFC2132] Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor 457 Extensions", RFC 2132, DOI 10.17487/RFC2132, March 1997, 458 . 460 [RFC5507] IAB, Faltstrom, P., Ed., Austein, R., Ed., and P. Koch, 461 Ed., "Design Choices When Expanding the DNS", RFC 5507, 462 DOI 10.17487/RFC5507, April 2009, 463 . 465 [RFC6105] Levy-Abegnoli, E., Van de Velde, G., Popoviciu, C., and J. 466 Mohacsi, "IPv6 Router Advertisement Guard", RFC 6105, 467 DOI 10.17487/RFC6105, February 2011, 468 . 470 [RFC8106] Jeong, J., Park, S., Beloeil, L., and S. Madanapalli, 471 "IPv6 Router Advertisement Options for DNS Configuration", 472 RFC 8106, DOI 10.17487/RFC8106, March 2017, 473 . 475 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 476 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 477 May 2017, . 479 [RFC8880] Cheshire, S. and D. Schinazi, "Special Use Domain Name 480 'ipv4only.arpa'", RFC 8880, DOI 10.17487/RFC8880, August 481 2020, . 483 Appendix A. Rationale for using SVCB records 485 This mechanism uses SVCB/HTTPS resource records 486 [I-D.ietf-dnsop-svcb-https] to communicate that a given domain 487 designates a particular Designated Resolver for clients to use in 488 place of an Unencrypted Resolver (using a SUDN) or another Encrypted 489 Resolver (using its domain name). 491 There are various other proposals for how to provide similar 492 functionality. There are several reasons that this mechanism has 493 chosen SVCB records: 495 * Discovering encrypted resolver using DNS records keeps client 496 logic for DNS self-contained and allows a DNS resolver operator to 497 define which resolver names and IP addresses are related to one 498 another. 500 * Using DNS records also does not rely on bootstrapping with higher- 501 level application operations (such as 502 [I-D.schinazi-httpbis-doh-preference-hints]). 504 * SVCB records are extensible and allow definition of parameter 505 keys. This makes them a superior mechanism for extensibility as 506 compared to approaches such as overloading TXT records. The same 507 keys can be used for discovering Designated Resolvers of different 508 transport types as well as those advertised by Unencrypted 509 Resolvers or another Encrypted Resolver. 511 * Clients and servers that are interested in privacy of names will 512 already need to support SVCB records in order to use Encrypted TLS 513 Client Hello [I-D.ietf-tls-esni]. Without encrypting names in 514 TLS, the value of encrypting DNS is reduced, so pairing the 515 solutions provides the largest benefit. 517 * Clients that support SVCB will generally send out three queries 518 when accessing web content on a dual-stack network: A, AAAA, and 519 HTTPS queries. Discovering a Designated Resolver as part of one 520 of these queries, without having to add yet another query, 521 minimizes the total number of queries clients send. While 522 [RFC5507] recommends adding new RRTypes for new functionality, 523 SVCB provides an extension mechanism that simplifies client 524 behavior. 526 Authors' Addresses 528 Tommy Pauly 529 Apple Inc. 530 One Apple Park Way 531 Cupertino, California 95014, 532 United States of America 534 Email: tpauly@apple.com 536 Eric Kinnear 537 Apple Inc. 538 One Apple Park Way 539 Cupertino, California 95014, 540 United States of America 542 Email: ekinnear@apple.com 544 Christopher A. Wood 545 Cloudflare 546 101 Townsend St 547 San Francisco, 548 United States of America 550 Email: caw@heapingbits.net 552 Patrick McManus 553 Fastly 555 Email: mcmanus@ducksong.com 557 Tommy Jensen 558 Microsoft 560 Email: tojens@microsoft.com