Upgrade to Pro — share decks privately, control downloads, hide ads and more …

255オクテットのドメインはツラみがある! / endless-work

Jun Watanabe
March 31, 2019
Technology
1
4.9k

255オクテットのドメインはツラみがある! / endless-work

Presented on PHPerKaigi 2019 https://phperkaigi.jp/

longest domain here!
Shorten :
http://bit.ly/endless_work

original :
https://workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work/

Jun Watanabe

March 31, 2019
Tweet

More Decks by Jun Watanabe

See All by Jun Watanabe
力技で実現するHR Driven Provisioningとアクセス制御の自動化 / kyash-hr-driven-provisioning
rela1470
0
110
10分(25分)でつくる社内Webツール / howto-oidc-webpage
rela1470
0
100
リーグオブ情シス 第二回 / League of Infosys
rela1470
1
1.3k
Kyashでコーポレートエンジニアを初採用して7ヶ月が経ちましたがお元気ですか / ce-night-kyash
rela1470
4
2.9k
じこしょうかい2019 / rela1470-portfolio-2019
rela1470
0
300
ヤフーの1on1
rela1470
0
440
15分でわかる!WBMPビューアー実装から始めるPHPバイナリ超初心者入門 / php_wbmp
rela1470
1
2.2k
またブラウザアプリの時代が来る!?ORATTAが考えるこれからのゲーム開発戦略とは / oratta_webapp_pwa
rela1470
0
1.7k
API仕様書ってどう運用したらいいの? / api_doc
rela1470
0
1.2k

Other Decks in Technology

See All in Technology
Java x Spring Boot Warm up
kazu_kichi_67
2
480
omakaseしないための.rubocop.yml のつくりかた / How to Build Your .rubocop.yml to Avoid Omakase #kaigionrails
linkers_tech
3
680
プロダクト成長に対応するプラットフォーム戦略:Authleteによる共通認証基盤の移行事例 / Building an authentication platform using Authlete and AWS
kakehashi
1
150
バクラクにおける可観測性向上の取り組み
yuu26
3
400
「最高のチューニング」をしないために / hack@delta 24.10
fujiwara3
20
3.3k
オーティファイ会社紹介資料 / Autify Company Deck
autifyhq
9
120k
Gradle: The Build System That Loves To Hate You
aurimas
2
140
生成AIとAWS CDKで実現! 自社ブログレビューの効率化
ymae
2
310
AWSコンテナ本出版から3年経った今、もし改めて執筆し直すなら / If I revise our container book
iselegant
15
3.9k
顧客が本当に必要だったもの - パフォーマンス改善編 / Make what is needed
soudai
24
6.6k
CyberAgent 生成AI Deep Dive with Amazon Web Services / genai-aws
cyberagentdevelopers
PRO
1
470
20241031_AWS_生成AIハッカソン_GenMuck
tsumita
0
100

Featured

See All Featured
KATA
mclloyd
29
13k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
27
1.9k
Writing Fast Ruby
sferik
626
61k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
32
1.8k
Building Your Own Lightsaber
phodgson
102
6k
Thoughts on Productivity
jonyablonski
67
4.3k
Agile that works and the tools we love
rasmusluckow
327
21k
GitHub's CSS Performance
jonrohan
1030
460k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
3
370
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
13
1.9k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
504
140k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k

Transcript

  1. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  2. 15෼࿮ͳͷʹ εϥΠυ110ຕͳͷͰ ઌʹ·ͱΊ ɾ255จࣈ͡Όͳ͍(͝ΊΜ) ɾ64จࣈҎ্Ͱཁ஫ҙ!!!!

  3. υϝΠϯͬͯ ͍ͭͷ·ʹ͔ ૿͑ͯ·͢ΑͶ!

  4. Θͨͳ΂͸ 13ݸ΋ͬͯ·ͨ͠

  5. New gTLD ଓʑొ৔

  6. None

  7. yasero.dev ࣗ෼ͷମॏΛࡽ͢αΠτ

  8. ͱ͍͏͜ͱͰຊ୊…

  9. υϝΠϯͬͯ Ͳ͜·Ͱ௕͘Ͱ͖Δ͔ ஌ͬͯ·͔͢?

  10. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  11. workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkwork.workworkwo rkworkworkworkworkworkwork workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkworkworkworkwor kworkwork.workworkworkwork workworkworkworkworkworkw orkworkworkworkwork.work

  12. workυϝΠϯ 1ԁͰͨ͠

  13. None

  14. ͋Γ͕ͱ͏ ͍͟͝·͢!

  15. (དྷ೥΋͓ئ͍͠·͢)

  16. ͋Ε?

  17. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  18. workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkwork.workworkwo rkworkworkworkworkworkwork workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkworkworkworkwor kworkwork.workworkworkwork workworkworkworkworkworkw orkworkworkworkwork.work

  19. ͦ͏ͳΜͰ͢

  20. 253จࣈ ͔͠ͳ͍ͧ

  21. ͓࿳ͼͱగਖ਼

  22. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  23. 255ΦΫςοτͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  24. None

  25. Ͳ͜Ͱఆٛ͞Ε͍ͯΔ͔

  26. RFC1035 2.3.4. Size limits 255 Octet

  27. 1 Octet 8 bit 1 Byte

  28. ༨ஊ 1Byte = 8 Bit ʹͳͬͨͷ͸ 2008೥ IEC 80000-13
 https://www.iso.org/standard/31898.html

    JIS͸ະൃߦ IECΛӾཡ͢Δʹ͸158 CHF (17,450ԁ)…

  29. ࠞཚ͠ͳ͍ͨΊʹ΋ Octet Λ࢖͓͏!

  30. ͞Βʹ༨ஊ URLશମͷ੍ݶ͸ͳ͍

  31. 100ສจࣈ·Ͱಈ࡞֬ೝࡁΈ https://qiita.com/nwtgck/items/e83473dc63386d2da3e5

  32. ؓ࿩ٳ୊

  33. υϝΠϯͷσʔλ಺໿

  34. work . work ↓ϥϕϧ ↑ ۠੾Γจࣈ ୈ2ϨϕϧυϝΠϯ ୈ1ϨϕϧυϝΠϯ

  35. DNSϝοηʔδ ࠓճͷυϝΠϯͷྫ

  36. ఆٛจࣈ௕ ΦΫςοτ ϥϕϧจࣈྻ NBY ΦΫςοτ  XPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL 

    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSL  0DUFU 0DUFU   workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkwor kworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor kworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work ↓ = 255 octet = 253จࣈ(υοτؚ)

  37. ϝʔϧΞυϨε͸?

  38. RFC5321 4.5.3.1.3. Path 256 Octet

  39. શମͰ࠷େ 256 Octet ·Ͱ (υοτ΍ΞοτϚʔΫ΋ؚΉ) υϝΠϯͰ 255 Octet ࢖͏ͷͰ…

  40. υϝΠϯ͕࠷େ௕ͩͱ ࣮࣭ൃߦͰ͖ͳ͍ @workworkworkworkworkwork.workworkworkworkwo rkworkworkworkworkwork.workworkworkworkworkw orkworkworkworkworkworkworkworkworkwork.work workworkworkworkworkworkworkworkworkworkwork workworkwork.workworkworkworkworkworkworkwor kworkworkworkworkworkworkwork.work ↑Ͱ256ΦΫςοτ(254จࣈ)

  41. ࣮ࡍʹӡ༻͍͖ͯ͠

  42. DNS

  43. None

  44. ໊͓લυοτίϜ͞Μ ͦ΋ͦ΋ෳ਺ϥϕϧ͕ ߟྀ͞Εͯͳ͍ ϫΠϧυΧʔυͰͳΜͱ͔

  45. SLAର৅ͷαʔϏεΛ ࢖͍·͠ΐ͏

  46. Amazon Route 53

  47. IDCF Cloud DNS

  48. nginx

  49. vi nginx.conf ———- server { listen 80; server_name workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkwor kworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkwor

    kworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor kworkworkworkwork.work; } —————— nginx -t nginx: [emerg] could not build server_names_hash, you should increase server_names_hash_bucket_size: 32 nginx: configuration file /etc/nginx/nginx.conf test failed nginx.conf server_name͕௕͗͢Δ

  50. vi nginx.conf ———- http { server_names_hash_bucket_size 512; } bucketSize֦ு

  51. None

  52. HTTPSԽ

  53. None

  54. DNS name too long # /usr/local/certbot/certbot-auto certonly --webroot -w /work.work

    - d workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.wo rkworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkw orkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkwork workworkworkworkworkworkworkworkworkworkwork.work Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Obtaining a new certificate An unexpected error occurred: The request message was malformed :: Error creating new authz :: DNS name too long Please see the logfiles in /var/log/letsencrypt for more details.

  55. certbot͕230จࣈҎ্Λ ड͚෇͚ͳ͍

  56. ಺෦తʹJSONͷϝλ৘ใͰ 25จࣈ࢖ͬͯ͠·͏ͨΊ letsencrypt/boulder.git/policy/pa.go@126 // TODO(#3237): Right now our schema for

    the authz table only allows 255 characters // for identifiers, including JSON wrapping, which takes up 25 characters. For // now, we only allow identifiers up to 230 characters in length. When we are // able to do a migration to update this table, we can allow DNS names up to // 253 characters in length. maxLabelLength = 63 maxDNSIdentifierLength = 230 `identifier` varchar(255) NOT NULL, {"type":"dns","value":"example.com"} https://community.letsencrypt.org/t/i-want-use-max-255-octet-domain/51279
  57. None
  58. None
  59. None

  60. Let’s Encrypt ͕ବ໨ͳΒ…

  61. ී௨ͷ༗ྉSSLͳΒ ͍͚Μͷ͔

  62. # openssl req -new -key key.pem -out key.csr Common Name

    (eg, fully qualified host name) []:workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork .workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workwo rkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkw orkworkworkworkworkworkworkworkworkworkworkwork.work OpenSSLͰCSRൃߦ΍!

  63. string is too long, it needs to be less than

    64 bytes long

  64. OpenSSL͕ବ໨ͳΒ…

  65. Microsoft IIS

  66. CSRൃߦͰ͖·ͨ͠

  67. CoreSSL͞ΜͰਃ੥

  68. None

  69. CSR͸ೝ͚ࣝͨ͠Ͳ αʔϏεଆͰ஄͔Εͨ

  70. ্Ґূ໌ہ Symantec Comodo GeoTrust ͷ੍ݶ https://knowledge.symantec.com/jp/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=SO24065

  71. RFC 5280 Appendix A.1 ub-common-name-length INTEGER ::= 64 ͪΐͬͱࣗ৴ͳ͍

  72. ͝ฦۚ ରԠ௖͖ ͋Γ͕ͱ͏ ͍͟͝·ͨ͠

  73. ແྉͰ230จࣈ·Ͱ͍͚Δ let's encrypt ٯʹ༏लઆ

  74. None

  75. ࣗલ͕ବ໨ͳΒ...

  76. αʔόʔϨε΍!

  77. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  78. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  79. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  80. SSL͕͍ͭ·Ͱܦͬͯ΋ ൓ө͞Εͳ͍

  81. UI΋յΕΔ

  82. ͦͯ͠2019೥

  83. υϝΠϯͷ௕͕͞ ࠷େ64จࣈʹ੍ݶ͞ΕͯΔ…

  84. Firebase͕ ବ໨ͳΒ Netlify΍!

  85. None
  86. None

  87. UI͸΋ͪΖΜյΕΔ

  88. ͔͠͠ 255 octet ͷ υϝΠϯ͸ొ࿥Ͱ͖ͨ (ͼͬ͘Γ)

  89. SSL͸…?

  90. DNS name too long

  91. Netlify ແྉSSL

  92. 230จࣈʹ཈͑ͨΒ ͍͚Δ΍Ζ!

  93. CN was longer than 64 bytes

  94. None

  95. Firebase SSLରԠඞਢ 64 octet ·Ͱ Netlify SSL͸ 64 octet ·Ͱ

    httpͰ΋Α͚Ε͹ 255 octet ·Ͱ

  96. SSLରԠͷເ͸௵͑ͨ…

  97. None

  98. ACME v2 API ϫΠϧυΧʔυূ໌ॻ

  99. CN was longer than 64 bytes ./certbot-auto certonly —manual -d

    *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor kworkworkworkworkwork.work -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory An unexpected error occurred: The request message was malformed :: Error finalizing order :: issuing precertificate: CN was longer than 64 bytes

  100. cert-bot SAN ରԠ υϝΠϯෳ਺ࢦఆͰ͖Δ & ઌ಄ͷυϝΠϯ͕CNʹ

  101. workworkworkworkworkw orkworkworkworkworkwor kworkworkworkwork.work 65จࣈ

  102. workworkworkworkwork. work 25จࣈ

  103. ./certbot-auto certonly --manual -d workworkworkworkwork.work -d *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor kworkworkworkworkwork.work

    -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory

  104. Congratulations! ./certbot-auto certonly --manual -d workworkworkworkwork.work -d *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor

    kworkworkworkworkwork.work -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/workworkworkworkwork.work/fullchain.pem
  105. None
  106. None

  107. https:// workworkworkworkworkwork.w orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wo rkworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwo rkworkworkworkworkworkwork

    workworkworkwork.work/

  108. http:// work.workworkworkworkworkw orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wo rkworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwo rkworkworkworkworkworkwork

    workworkworkwork.work/

  109. http:// workwork.workworkworkworkw orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wor kworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwor kworkworkworkworkworkwork

    workworkworkwork.work/public

  110. http://bit.ly/endless_work http://bit.ly/work_netlify http://bit.ly/work_githubpages Jun Watanabe@rela1470 https://rela.red/ https://yasero.dev/ Available for hire!