Upgrade to Pro — share decks privately, control downloads, hide ads and more …

255オクテットのドメインはツラみがある! / endless-work

Jun Watanabe
March 31, 2019
Technology
1
4.9k

255オクテットのドメインはツラみがある! / endless-work

Presented on PHPerKaigi 2019 https://phperkaigi.jp/

longest domain here!
Shorten :
http://bit.ly/endless_work

original :
https://workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work/

Jun Watanabe

March 31, 2019
Tweet

More Decks by Jun Watanabe

See All by Jun Watanabe
力技で実現するHR Driven Provisioningとアクセス制御の自動化 / kyash-hr-driven-provisioning
rela1470
0
120
10分(25分)でつくる社内Webツール / howto-oidc-webpage
rela1470
0
110
リーグオブ情シス 第二回 / League of Infosys
rela1470
1
1.3k
Kyashでコーポレートエンジニアを初採用して7ヶ月が経ちましたがお元気ですか / ce-night-kyash
rela1470
4
2.9k
じこしょうかい2019 / rela1470-portfolio-2019
rela1470
0
310
ヤフーの1on1
rela1470
0
450
15分でわかる!WBMPビューアー実装から始めるPHPバイナリ超初心者入門 / php_wbmp
rela1470
1
2.2k
またブラウザアプリの時代が来る!?ORATTAが考えるこれからのゲーム開発戦略とは / oratta_webapp_pwa
rela1470
0
1.8k
API仕様書ってどう運用したらいいの? / api_doc
rela1470
0
1.2k

Other Decks in Technology

See All in Technology
強いチームと開発生産性
onk
PRO
35
11k
CDCL による厳密解法を採用した MILP ソルバー
imai448
3
150
アプリエンジニアのためのGraphQL入門.pdf
spycwolf
0
100
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
1.3k
Making your applications cross-environment - OSCG 2024 NA
salaboy
0
190
開発生産性を上げながらビジネスも30倍成長させてきたチームの姿
kamina_zzz
2
1.7k
SREが投資するAIOps ~ペアーズにおけるLLM for Developerへの取り組み~
takumiogawa
1
440
安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17
nobutomurata
1
1k
『Firebase Dynamic Links終了に備える』 FlutterアプリでのAdjust導入とDeeplink最適化
techiro
0
130
ノーコードデータ分析ツールで体験する時系列データ分析超入門
negi111111
0
420
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
110
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170

Featured

See All Featured
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.2k
Intergalactic Javascript Robots from Outer Space
tanoku
269
27k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
Speed Design
sergeychernyshev
25
620
A better future with KSS
kneath
238
17k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
0
100
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Fireside Chat
paigeccino
34
3k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
25
1.8k
Typedesign – Prime Four
hannesfritz
40
2.4k

Transcript

  1. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  2. 15෼࿮ͳͷʹ εϥΠυ110ຕͳͷͰ ઌʹ·ͱΊ ɾ255จࣈ͡Όͳ͍(͝ΊΜ) ɾ64จࣈҎ্Ͱཁ஫ҙ!!!!

  3. υϝΠϯͬͯ ͍ͭͷ·ʹ͔ ૿͑ͯ·͢ΑͶ!

  4. Θͨͳ΂͸ 13ݸ΋ͬͯ·ͨ͠

  5. New gTLD ଓʑొ৔

  6. None

  7. yasero.dev ࣗ෼ͷମॏΛࡽ͢αΠτ

  8. ͱ͍͏͜ͱͰຊ୊…

  9. υϝΠϯͬͯ Ͳ͜·Ͱ௕͘Ͱ͖Δ͔ ஌ͬͯ·͔͢?

  10. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  11. workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkwork.workworkwo rkworkworkworkworkworkwork workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkworkworkworkwor kworkwork.workworkworkwork workworkworkworkworkworkw orkworkworkworkwork.work

  12. workυϝΠϯ 1ԁͰͨ͠

  13. None

  14. ͋Γ͕ͱ͏ ͍͟͝·͢!

  15. (དྷ೥΋͓ئ͍͠·͢)

  16. ͋Ε?

  17. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  18. workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkwork.workworkwo rkworkworkworkworkworkwork workworkworkworkworkwork. workworkworkworkworkworkw orkworkworkworkworkworkwor kworkwork.workworkworkwork workworkworkworkworkworkw orkworkworkworkwork.work

  19. ͦ͏ͳΜͰ͢

  20. 253จࣈ ͔͠ͳ͍ͧ

  21. ͓࿳ͼͱగਖ਼

  22. 255จࣈͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  23. 255ΦΫςοτͷ υϝΠϯ͸ πϥΈ͕͋Δ! 2019/03/31(Sun) PHPerKaigi 2019 Jun Watanabe@rela1470

  24. None

  25. Ͳ͜Ͱఆٛ͞Ε͍ͯΔ͔

  26. RFC1035 2.3.4. Size limits 255 Octet

  27. 1 Octet 8 bit 1 Byte

  28. ༨ஊ 1Byte = 8 Bit ʹͳͬͨͷ͸ 2008೥ IEC 80000-13
 https://www.iso.org/standard/31898.html

    JIS͸ະൃߦ IECΛӾཡ͢Δʹ͸158 CHF (17,450ԁ)…

  29. ࠞཚ͠ͳ͍ͨΊʹ΋ Octet Λ࢖͓͏!

  30. ͞Βʹ༨ஊ URLશମͷ੍ݶ͸ͳ͍

  31. 100ສจࣈ·Ͱಈ࡞֬ೝࡁΈ https://qiita.com/nwtgck/items/e83473dc63386d2da3e5

  32. ؓ࿩ٳ୊

  33. υϝΠϯͷσʔλ಺໿

  34. work . work ↓ϥϕϧ ↑ ۠੾Γจࣈ ୈ2ϨϕϧυϝΠϯ ୈ1ϨϕϧυϝΠϯ

  35. DNSϝοηʔδ ࠓճͷυϝΠϯͷྫ

  36. ఆٛจࣈ௕ ΦΫςοτ ϥϕϧจࣈྻ NBY ΦΫςοτ  XPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL 

    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL  XPSL  0DUFU 0DUFU   workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkwor kworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor kworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work ↓ = 255 octet = 253จࣈ(υοτؚ)

  37. ϝʔϧΞυϨε͸?

  38. RFC5321 4.5.3.1.3. Path 256 Octet

  39. શମͰ࠷େ 256 Octet ·Ͱ (υοτ΍ΞοτϚʔΫ΋ؚΉ) υϝΠϯͰ 255 Octet ࢖͏ͷͰ…

  40. υϝΠϯ͕࠷େ௕ͩͱ ࣮࣭ൃߦͰ͖ͳ͍ @workworkworkworkworkwork.workworkworkworkwo rkworkworkworkworkwork.workworkworkworkworkw orkworkworkworkworkworkworkworkworkwork.work workworkworkworkworkworkworkworkworkworkwork workworkwork.workworkworkworkworkworkworkwor kworkworkworkworkworkworkwork.work ↑Ͱ256ΦΫςοτ(254จࣈ)

  41. ࣮ࡍʹӡ༻͍͖ͯ͠

  42. DNS

  43. None

  44. ໊͓લυοτίϜ͞Μ ͦ΋ͦ΋ෳ਺ϥϕϧ͕ ߟྀ͞Εͯͳ͍ ϫΠϧυΧʔυͰͳΜͱ͔

  45. SLAର৅ͷαʔϏεΛ ࢖͍·͠ΐ͏

  46. Amazon Route 53

  47. IDCF Cloud DNS

  48. nginx

  49. vi nginx.conf ———- server { listen 80; server_name workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkwor kworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkwor

    kworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor kworkworkworkwork.work; } —————— nginx -t nginx: [emerg] could not build server_names_hash, you should increase server_names_hash_bucket_size: 32 nginx: configuration file /etc/nginx/nginx.conf test failed nginx.conf server_name͕௕͗͢Δ

  50. vi nginx.conf ———- http { server_names_hash_bucket_size 512; } bucketSize֦ு

  51. None

  52. HTTPSԽ

  53. None

  54. DNS name too long # /usr/local/certbot/certbot-auto certonly --webroot -w /work.work

    - d workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.wo rkworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkw orkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkwork workworkworkworkworkworkworkworkworkworkwork.work Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator webroot, Installer None Obtaining a new certificate An unexpected error occurred: The request message was malformed :: Error creating new authz :: DNS name too long Please see the logfiles in /var/log/letsencrypt for more details.

  55. certbot͕230จࣈҎ্Λ ड͚෇͚ͳ͍

  56. ಺෦తʹJSONͷϝλ৘ใͰ 25จࣈ࢖ͬͯ͠·͏ͨΊ letsencrypt/boulder.git/policy/pa.go@126 // TODO(#3237): Right now our schema for

    the authz table only allows 255 characters // for identifiers, including JSON wrapping, which takes up 25 characters. For // now, we only allow identifiers up to 230 characters in length. When we are // able to do a migration to update this table, we can allow DNS names up to // 253 characters in length. maxLabelLength = 63 maxDNSIdentifierLength = 230 `identifier` varchar(255) NOT NULL, {"type":"dns","value":"example.com"} https://community.letsencrypt.org/t/i-want-use-max-255-octet-domain/51279
  57. None
  58. None
  59. None

  60. Let’s Encrypt ͕ବ໨ͳΒ…

  61. ී௨ͷ༗ྉSSLͳΒ ͍͚Μͷ͔

  62. # openssl req -new -key key.pem -out key.csr Common Name

    (eg, fully qualified host name) []:workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork .workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workwo rkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkw orkworkworkworkworkworkworkworkworkworkworkwork.work OpenSSLͰCSRൃߦ΍!

  63. string is too long, it needs to be less than

    64 bytes long

  64. OpenSSL͕ବ໨ͳΒ…

  65. Microsoft IIS

  66. CSRൃߦͰ͖·ͨ͠

  67. CoreSSL͞ΜͰਃ੥

  68. None

  69. CSR͸ೝ͚ࣝͨ͠Ͳ αʔϏεଆͰ஄͔Εͨ

  70. ্Ґূ໌ہ Symantec Comodo GeoTrust ͷ੍ݶ https://knowledge.symantec.com/jp/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=SO24065

  71. RFC 5280 Appendix A.1 ub-common-name-length INTEGER ::= 64 ͪΐͬͱࣗ৴ͳ͍

  72. ͝ฦۚ ରԠ௖͖ ͋Γ͕ͱ͏ ͍͟͝·ͨ͠

  73. ແྉͰ230จࣈ·Ͱ͍͚Δ let's encrypt ٯʹ༏लઆ

  74. None

  75. ࣗલ͕ବ໨ͳΒ...

  76. αʔόʔϨε΍!

  77. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  78. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  79. Firebase Hosting ແྉSSL+ແྉCDN(݄50GB·Ͱ)

  80. SSL͕͍ͭ·Ͱܦͬͯ΋ ൓ө͞Εͳ͍

  81. UI΋յΕΔ

  82. ͦͯ͠2019೥

  83. υϝΠϯͷ௕͕͞ ࠷େ64จࣈʹ੍ݶ͞ΕͯΔ…

  84. Firebase͕ ବ໨ͳΒ Netlify΍!

  85. None
  86. None

  87. UI͸΋ͪΖΜյΕΔ

  88. ͔͠͠ 255 octet ͷ υϝΠϯ͸ొ࿥Ͱ͖ͨ (ͼͬ͘Γ)

  89. SSL͸…?

  90. DNS name too long

  91. Netlify ແྉSSL

  92. 230จࣈʹ཈͑ͨΒ ͍͚Δ΍Ζ!

  93. CN was longer than 64 bytes

  94. None

  95. Firebase SSLରԠඞਢ 64 octet ·Ͱ Netlify SSL͸ 64 octet ·Ͱ

    httpͰ΋Α͚Ε͹ 255 octet ·Ͱ

  96. SSLରԠͷເ͸௵͑ͨ…

  97. None

  98. ACME v2 API ϫΠϧυΧʔυূ໌ॻ

  99. CN was longer than 64 bytes ./certbot-auto certonly —manual -d

    *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor kworkworkworkworkwork.work -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory An unexpected error occurred: The request message was malformed :: Error finalizing order :: issuing precertificate: CN was longer than 64 bytes

  100. cert-bot SAN ରԠ υϝΠϯෳ਺ࢦఆͰ͖Δ & ઌ಄ͷυϝΠϯ͕CNʹ

  101. workworkworkworkworkw orkworkworkworkworkwor kworkworkworkwork.work 65จࣈ

  102. workworkworkworkwork. work 25จࣈ

  103. ./certbot-auto certonly --manual -d workworkworkworkwork.work -d *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor kworkworkworkworkwork.work

    -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory

  104. Congratulations! ./certbot-auto certonly --manual -d workworkworkworkwork.work -d *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor

    kworkworkworkworkwork.work -m [email protected] --agree-tos --manual- public-ip --preferred-challenges dns-01 --server https://acme- v02.api.letsencrypt.org/directory IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/workworkworkworkwork.work/fullchain.pem
  105. None
  106. None

  107. https:// workworkworkworkworkwork.w orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wo rkworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwo rkworkworkworkworkworkwork

    workworkworkwork.work/

  108. http:// work.workworkworkworkworkw orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wo rkworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwo rkworkworkworkworkworkwork

    workworkworkwork.work/

  109. http:// workwork.workworkworkworkw orkworkworkworkworkworkwor kworkworkwork.workworkwork workworkworkworkworkworkw orkworkworkworkworkwork.wor kworkworkworkworkworkwork workworkworkworkworkworkw orkwork.workworkworkworkwor kworkworkworkworkworkwork

    workworkworkwork.work/public

  110. http://bit.ly/endless_work http://bit.ly/work_netlify http://bit.ly/work_githubpages Jun Watanabe@rela1470 https://rela.red/ https://yasero.dev/ Available for hire!