Upgrade to Pro — share decks privately, control downloads, hide ads and more …

255オクテットのドメインはツラみがある! / endless-work

Jun Watanabe
March 31, 2019
Technology
1
4.2k

255オクテットのドメインはツラみがある! / endless-work

Presented on PHPerKaigi 2019 https://phperkaigi.jp/

longest domain here!
Shorten :
http://bit.ly/endless_work

original :
https://workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work/

Jun Watanabe

March 31, 2019
Tweet

More Decks by Jun Watanabe

See All by Jun Watanabe
リーグオブ情シス 第二回 / League of Infosys
rela1470
1
1k
Kyashでコーポレートエンジニアを初採用して7ヶ月が経ちましたがお元気ですか / ce-night-kyash
rela1470
4
2.5k
じこしょうかい2019 / rela1470-portfolio-2019
rela1470
0
170
ヤフーの1on1
rela1470
0
380
15分でわかる!WBMPビューアー実装から始めるPHPバイナリ超初心者入門 / php_wbmp
rela1470
1
1.9k
またブラウザアプリの時代が来る!?ORATTAが考えるこれからのゲーム開発戦略とは / oratta_webapp_pwa
rela1470
0
1.6k
API仕様書ってどう運用したらいいの? / api_doc
rela1470
0
1.1k
イマドキSaaSで静的解析 / codacy_codecov
rela1470
2
1.7k
おすすめの旅行スポット / recommended_tour
rela1470
0
140

Other Decks in Technology

See All in Technology
計測できるレガシーさを捉え、コード改善に対処する / phperkaigi2023
blue_goheimochi
0
230
Autonomous Database Cloud 技術詳細 / adb-s_technical_detail_jp
oracle4engineer
PRO
10
25k
関数型で表現するイベントソーシングの実装とその教育
tomohisa
0
200
WebGLやCanvasを使ったデータ可視化コンテンツ開発/nikkei-tech-talk5-3
nikkei_engineer_recruiting
0
150
Oracle Cloud Infrastructure:2023年3月度サービス・アップデート
oracle4engineer
PRO
0
160
ローコードで改革!End to Endテストの再定義!
odasho
0
230
AWS Lambda PHPのProduction利用を続ける僕がAWS App Runnerの可能性を探る
seike460
PRO
3
440
『登記所備付地図XMLデータ』に触れてみよう〜法務省が公開した大規模オープンデータとは一体何なのか〜 / What is moj map xml
sakaik
0
170
エンジニアのためのドキュメントライティング / Docs for Developers and Paragraph Writing
nttcom
4
690
プロ野球をデータモデリングしてみたら沼だった件 / Baseball ERD Modeling to be obsessed
gothedistance
1
110
Rector ではじめる "運用を止めない" PHP アップグレード
colopl
0
270
Secret sauce for improving developer experience: tackle flaky tests
line_developers
PRO
2
210

Featured

See All Featured
Faster Mobile Websites
deanohume
296
29k
10 Git Anti Patterns You Should be Aware of
lemiorhan
643
55k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
217
21k
Teambox: Starting and Learning
jrom
124
8k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
38
3.7k
Statistics for Hackers
jakevdp
785
210k
The World Runs on Bad Software
bkeepers
PRO
59
5.8k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
128
8.8k
Bash Introduction
62gerente
602
210k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
182
15k
Infographics Made Easy
chrislema
236
17k

Transcript

  1. 255จࣈͷ
    υϝΠϯ͸
    πϥΈ͕͋Δ!
    2019/03/31(Sun) PHPerKaigi 2019
    Jun [email protected]

    View Slide

  2. 15෼࿮ͳͷʹ
    εϥΠυ110ຕͳͷͰ
    ઌʹ·ͱΊ
    ɾ255จࣈ͡Όͳ͍(͝ΊΜ)
    ɾ64จࣈҎ্Ͱཁ஫ҙ!!!!

    View Slide

  3. υϝΠϯͬͯ
    ͍ͭͷ·ʹ͔
    ૿͑ͯ·͢ΑͶ!

    View Slide

  4. Θͨͳ΂͸
    13ݸ΋ͬͯ·ͨ͠

    View Slide

  5. New gTLD
    ଓʑొ৔

    View Slide

  6. View Slide

  7. yasero.dev
    ࣗ෼ͷମॏΛࡽ͢αΠτ

    View Slide

  8. ͱ͍͏͜ͱͰຊ୊…

    View Slide

  9. υϝΠϯͬͯ
    Ͳ͜·Ͱ௕͘Ͱ͖Δ͔
    ஌ͬͯ·͔͢?

    View Slide

  10. 255จࣈͷ
    υϝΠϯ͸
    πϥΈ͕͋Δ!
    2019/03/31(Sun) PHPerKaigi 2019
    Jun [email protected]

    View Slide

  11. workworkworkworkworkwork.
    workworkworkworkworkworkw
    orkworkworkwork.workworkwo
    rkworkworkworkworkworkwork
    workworkworkworkworkwork.
    workworkworkworkworkworkw
    orkworkworkworkworkworkwor
    kworkwork.workworkworkwork
    workworkworkworkworkworkw
    orkworkworkworkwork.work

    View Slide

  12. workυϝΠϯ
    1ԁͰͨ͠

    View Slide

  13. View Slide

  14. ͋Γ͕ͱ͏
    ͍͟͝·͢!

    View Slide

  15. (དྷ೥΋͓ئ͍͠·͢)

    View Slide

  16. ͋Ε?

    View Slide

  17. 255จࣈͷ
    υϝΠϯ͸
    πϥΈ͕͋Δ!
    2019/03/31(Sun) PHPerKaigi 2019
    Jun [email protected]

    View Slide

  18. workworkworkworkworkwork.
    workworkworkworkworkworkw
    orkworkworkwork.workworkwo
    rkworkworkworkworkworkwork
    workworkworkworkworkwork.
    workworkworkworkworkworkw
    orkworkworkworkworkworkwor
    kworkwork.workworkworkwork
    workworkworkworkworkworkw
    orkworkworkworkwork.work

    View Slide

  19. ͦ͏ͳΜͰ͢

    View Slide

  20. 253จࣈ
    ͔͠ͳ͍ͧ

    View Slide

  21. ͓࿳ͼͱగਖ਼

    View Slide

  22. 255จࣈͷ
    υϝΠϯ͸
    πϥΈ͕͋Δ!
    2019/03/31(Sun) PHPerKaigi 2019
    Jun [email protected]

    View Slide

  23. 255ΦΫςοτͷ
    υϝΠϯ͸
    πϥΈ͕͋Δ!
    2019/03/31(Sun) PHPerKaigi 2019
    Jun [email protected]

    View Slide

  24. View Slide

  25. Ͳ͜Ͱఆٛ͞Ε͍ͯΔ͔

    View Slide

  26. RFC1035
    2.3.4. Size limits
    255 Octet

    View Slide

  27. 1 Octet
    8 bit
    1 Byte

    View Slide

  28. ༨ஊ
    1Byte = 8 Bit
    ʹͳͬͨͷ͸
    2008೥
    IEC 80000-13

    https://www.iso.org/standard/31898.html
    JIS͸ະൃߦ
    IECΛӾཡ͢Δʹ͸158 CHF (17,450ԁ)…

    View Slide

  29. ࠞཚ͠ͳ͍ͨΊʹ΋
    Octet
    Λ࢖͓͏!

    View Slide

  30. ͞Βʹ༨ஊ
    URLશମͷ੍ݶ͸ͳ͍

    View Slide

  31. 100ສจࣈ·Ͱಈ࡞֬ೝࡁΈ
    https://qiita.com/nwtgck/items/e83473dc63386d2da3e5

    View Slide

  32. ؓ࿩ٳ୊

    View Slide

  33. υϝΠϯͷσʔλ಺໿

    View Slide

  34. work . work
    ↓ϥϕϧ
    ↑ ۠੾Γจࣈ
    ୈ2ϨϕϧυϝΠϯ ୈ1ϨϕϧυϝΠϯ

    View Slide

  35. DNSϝοηʔδ
    ࠓճͷυϝΠϯͷྫ

    View Slide

  36. ఆٛจࣈ௕
    ΦΫςοτ
    ϥϕϧจࣈྻ
    NBY
    ΦΫςοτ
    XPSLXPSLXPSLXPSLXPSLXPSL
    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL
    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL
    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL
    XPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSLXPSL
    XPSL

    0DUFU 0DUFU

    workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkworkworkwor
    kworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor
    kworkworkworkwork.workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.work

    = 255 octet = 253จࣈ(υοτؚ)

    View Slide

  37. ϝʔϧΞυϨε͸?

    View Slide

  38. RFC5321
    4.5.3.1.3. Path
    256 Octet

    View Slide

  39. શମͰ࠷େ 256 Octet ·Ͱ
    (υοτ΍ΞοτϚʔΫ΋ؚΉ)
    υϝΠϯͰ
    255 Octet ࢖͏ͷͰ…

    View Slide

  40. υϝΠϯ͕࠷େ௕ͩͱ
    ࣮࣭ൃߦͰ͖ͳ͍
    @workworkworkworkworkwork.workworkworkworkwo
    rkworkworkworkworkwork.workworkworkworkworkw
    orkworkworkworkworkworkworkworkworkwork.work
    workworkworkworkworkworkworkworkworkworkwork
    workworkwork.workworkworkworkworkworkworkwor
    kworkworkworkworkworkworkwork.work
    ↑Ͱ256ΦΫςοτ(254จࣈ)

    View Slide

  41. ࣮ࡍʹӡ༻͍͖ͯ͠

    View Slide

  42. DNS

    View Slide

  43. View Slide

  44. ໊͓લυοτίϜ͞Μ
    ͦ΋ͦ΋ෳ਺ϥϕϧ͕
    ߟྀ͞Εͯͳ͍
    ϫΠϧυΧʔυͰͳΜͱ͔

    View Slide

  45. SLAର৅ͷαʔϏεΛ
    ࢖͍·͠ΐ͏

    View Slide

  46. Amazon
    Route 53

    View Slide

  47. IDCF Cloud
    DNS

    View Slide

  48. nginx

    View Slide

  49. vi nginx.conf
    ———-
    server {
    listen 80;
    server_name
    workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.workworkwor
    kworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkwor
    kworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkworkwor
    kworkworkworkwork.work;
    }
    ——————
    nginx -t
    nginx: [emerg] could not build server_names_hash, you should increase
    server_names_hash_bucket_size: 32
    nginx: configuration file /etc/nginx/nginx.conf test failed
    nginx.conf
    server_name͕௕͗͢Δ

    View Slide

  50. vi nginx.conf
    ———-
    http {
    server_names_hash_bucket_size 512;
    }
    bucketSize֦ு

    View Slide

  51. View Slide

  52. HTTPSԽ

    View Slide

  53. View Slide

  54. DNS name too long
    # /usr/local/certbot/certbot-auto certonly --webroot -w /work.work -
    d
    workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork.wo
    rkworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkw
    orkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkwork
    workworkworkworkworkworkworkworkworkworkwork.work
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Obtaining a new certificate
    An unexpected error occurred:
    The request message was malformed :: Error creating new authz :: DNS
    name too long
    Please see the logfiles in /var/log/letsencrypt for more details.

    View Slide

  55. certbot͕230จࣈҎ্Λ
    ड͚෇͚ͳ͍

    View Slide

  56. ಺෦తʹJSONͷϝλ৘ใͰ
    25จࣈ࢖ͬͯ͠·͏ͨΊ
    letsencrypt/boulder.git/policy/[email protected]
    // TODO(#3237): Right now our schema for the authz table only allows
    255 characters
    // for identifiers, including JSON wrapping, which takes up 25
    characters. For
    // now, we only allow identifiers up to 230 characters in length.
    When we are
    // able to do a migration to update this table, we can allow DNS
    names up to
    // 253 characters in length.
    maxLabelLength = 63
    maxDNSIdentifierLength = 230
    `identifier` varchar(255) NOT NULL,
    {"type":"dns","value":"example.com"}
    https://community.letsencrypt.org/t/i-want-use-max-255-octet-domain/51279

    View Slide

  57. View Slide

  58. View Slide

  59. View Slide

  60. Let’s Encrypt
    ͕ବ໨ͳΒ…

    View Slide

  61. ී௨ͷ༗ྉSSLͳΒ
    ͍͚Μͷ͔

    View Slide

  62. # openssl req -new -key key.pem -out key.csr
    Common Name (eg, fully qualified host name)
    []:workworkworkworkworkwork.workworkworkworkworkworkworkworkworkwork
    .workworkworkworkworkworkworkworkworkworkworkworkworkworkwork.workwo
    rkworkworkworkworkworkworkworkworkworkworkworkworkwork.workworkworkw
    orkworkworkworkworkworkworkworkworkworkworkwork.work
    OpenSSLͰCSRൃߦ΍!

    View Slide

  63. string is too long,
    it needs to be less than
    64 bytes long

    View Slide

  64. OpenSSL͕ବ໨ͳΒ…

    View Slide

  65. Microsoft IIS

    View Slide

  66. CSRൃߦͰ͖·ͨ͠

    View Slide

  67. CoreSSL͞ΜͰਃ੥

    View Slide

  68. View Slide

  69. CSR͸ೝ͚ࣝͨ͠Ͳ
    αʔϏεଆͰ஄͔Εͨ

    View Slide

  70. ্Ґূ໌ہ
    Symantec
    Comodo
    GeoTrust
    ͷ੍ݶ
    https://knowledge.symantec.com/jp/support/ssl-certificates-support/index?page=content&actp=CROSSLINK&id=SO24065

    View Slide

  71. RFC 5280
    Appendix A.1
    ub-common-name-length
    INTEGER ::= 64
    ͪΐͬͱࣗ৴ͳ͍

    View Slide

  72. ͝ฦۚ
    ରԠ௖͖
    ͋Γ͕ͱ͏
    ͍͟͝·ͨ͠

    View Slide

  73. ແྉͰ230จࣈ·Ͱ͍͚Δ
    let's encrypt
    ٯʹ༏लઆ

    View Slide

  74. View Slide

  75. ࣗલ͕ବ໨ͳΒ...

    View Slide

  76. αʔόʔϨε΍!

    View Slide

  77. Firebase Hosting
    ແྉSSL+ແྉCDN(݄50GB·Ͱ)

    View Slide

  78. Firebase Hosting
    ແྉSSL+ແྉCDN(݄50GB·Ͱ)

    View Slide

  79. Firebase Hosting
    ແྉSSL+ແྉCDN(݄50GB·Ͱ)

    View Slide

  80. SSL͕͍ͭ·Ͱܦͬͯ΋
    ൓ө͞Εͳ͍

    View Slide

  81. UI΋յΕΔ

    View Slide

  82. ͦͯ͠2019೥

    View Slide

  83. υϝΠϯͷ௕͕͞
    ࠷େ64จࣈʹ੍ݶ͞ΕͯΔ…

    View Slide

  84. Firebase͕
    ବ໨ͳΒ
    Netlify΍!

    View Slide

  85. View Slide

  86. View Slide

  87. UI͸΋ͪΖΜյΕΔ

    View Slide

  88. ͔͠͠
    255 octet ͷ
    υϝΠϯ͸ొ࿥Ͱ͖ͨ
    (ͼͬ͘Γ)

    View Slide

  89. SSL͸…?

    View Slide

  90. DNS name too long

    View Slide

  91. Netlify
    ແྉSSL

    View Slide

  92. 230จࣈʹ཈͑ͨΒ
    ͍͚Δ΍Ζ!

    View Slide

  93. CN was longer than 64 bytes

    View Slide

  94. View Slide

  95. Firebase
    SSLରԠඞਢ
    64 octet ·Ͱ
    Netlify
    SSL͸ 64 octet ·Ͱ
    httpͰ΋Α͚Ε͹
    255 octet ·Ͱ

    View Slide

  96. SSLରԠͷເ͸௵͑ͨ…

    View Slide

  97. View Slide

  98. ACME v2 API
    ϫΠϧυΧʔυূ໌ॻ

    View Slide

  99. CN was longer than
    64 bytes
    ./certbot-auto certonly —manual -d
    *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw
    orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork
    workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor
    kworkworkworkworkwork.work -m [email protected] --agree-tos --manual-
    public-ip --preferred-challenges dns-01 --server https://acme-
    v02.api.letsencrypt.org/directory
    An unexpected error occurred:
    The request message was malformed :: Error finalizing order ::
    issuing precertificate: CN was longer than 64 bytes

    View Slide

  100. cert-bot
    SAN ରԠ
    υϝΠϯෳ਺ࢦఆͰ͖Δ
    &
    ઌ಄ͷυϝΠϯ͕CNʹ

    View Slide

  101. workworkworkworkworkw
    orkworkworkworkworkwor
    kworkworkworkwork.work
    65จࣈ

    View Slide

  102. workworkworkworkwork.
    work
    25จࣈ

    View Slide

  103. ./certbot-auto certonly --manual -d workworkworkworkwork.work -d
    *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw
    orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork
    workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor
    kworkworkworkworkwork.work -m [email protected] --agree-tos --manual-
    public-ip --preferred-challenges dns-01 --server https://acme-
    v02.api.letsencrypt.org/directory

    View Slide

  104. Congratulations!
    ./certbot-auto certonly --manual -d workworkworkworkwork.work -d
    *.workworkworkworkworkworkworkworkworkwork.workworkworkworkworkworkw
    orkworkworkworkworkworkworkworkwork.workworkworkworkworkworkworkwork
    workworkworkworkworkworkwork.workworkworkworkworkworkworkworkworkwor
    kworkworkworkworkwork.work -m [email protected] --agree-tos --manual-
    public-ip --preferred-challenges dns-01 --server https://acme-
    v02.api.letsencrypt.org/directory
    IMPORTANT NOTES:
    -
    Congratulations!
    Your certificate and chain have been saved at:
    /etc/letsencrypt/live/workworkworkworkwork.work/fullchain.pem

    View Slide

  105. View Slide

  106. View Slide

  107. https://
    workworkworkworkworkwork.w
    orkworkworkworkworkworkwor
    kworkworkwork.workworkwork
    workworkworkworkworkworkw
    orkworkworkworkworkwork.wo
    rkworkworkworkworkworkwork
    workworkworkworkworkworkw
    orkwork.workworkworkworkwo
    rkworkworkworkworkworkwork
    workworkworkwork.work/

    View Slide

  108. http://
    work.workworkworkworkworkw
    orkworkworkworkworkworkwor
    kworkworkwork.workworkwork
    workworkworkworkworkworkw
    orkworkworkworkworkwork.wo
    rkworkworkworkworkworkwork
    workworkworkworkworkworkw
    orkwork.workworkworkworkwo
    rkworkworkworkworkworkwork
    workworkworkwork.work/

    View Slide

  109. http://
    workwork.workworkworkworkw
    orkworkworkworkworkworkwor
    kworkworkwork.workworkwork
    workworkworkworkworkworkw
    orkworkworkworkworkwork.wor
    kworkworkworkworkworkwork
    workworkworkworkworkworkw
    orkwork.workworkworkworkwor
    kworkworkworkworkworkwork
    workworkworkwork.work/public

    View Slide

  110. http://bit.ly/endless_work
    http://bit.ly/work_netlify
    http://bit.ly/work_githubpages
    Jun [email protected]
    https://rela.red/
    https://yasero.dev/
    Available for hire!

    View Slide