Re: [Add] [EXTERNAL] Re: add-enterprise-split-dns and split horizon DNS

Dan Wing <danwing@gmail.com> Wed, 08 December 2021 01:32 UTC

From: Dan Wing <danwing@gmail.com>
In-Reply-To: <16475.1638571910@localhost>
Date: Tue, 07 Dec 2021 17:32:09 -0800
Cc: "Deen, Glenn (NBCUniversal)" <Glenn.Deen@nbcuni.com>, ADD Mailing list <add@ietf.org>
Message-Id: <5320E6D1-7A19-457A-AD44-86B9AD849407@gmail.com>
References: <152347.1638473207@dooku> <CABcZeBMyZLSE2HZ2dL+P6Dq3hMaG2QgTRrUuAjHTB7pJpXTaMQ@mail.gmail.com> <8AF4482A-A656-4999-8127-39D94FC914AF@gmail.com> <C27FDD98-D80D-4DB8-83D7-3B1BB686F509@nbcuni.com> <16475.1638571910@localhost>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/LEo5tCcHYS5D8al_EhC2Wb0ytfg>
Subject: Re: [Add] [EXTERNAL] Re: add-enterprise-split-dns and split horizon DNS

On Dec 3, 2021, at 2:51 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> Deen, Glenn (NBCUniversal) <Glenn.Deen@nbcuni.com> wrote:
>> DNSSEC & DANE adoption is a great topic, but needs more beverages than
>> available in a virtual environment.
> 
>> Can we please focus on discovery issues as I fear this other topic set
>> has the potential to fill up everyone's inbox and still not resolve
>> anything.
> 
> Sorry, I can't abide by this.
> 
> This is germane to whether or not split-horizon-dns is really a problem that
> needs solved. Is typo-squatting really a concern when there is split-horizon DNS?

What is the desired behavior if a DNS server advertises "I own google.com, send queries to me" or "I own piratebay dot whatever-this-week"?

> I claim that it isn't: that DNSSEC provides for corp.example.com delegations
> that satisfy all of the issues that multiple-views claims to solve.

I don't understand what is meant by "corp.example.com delegations". Are you describing a delegation where the FQDN www.corp.example.com is resolvable when querying a DNS server inside a network but that same FQDN is not resolvable when querying example.com's DNS on the Internet? Or that it resolves to different A records when queried inside versus on the Internet?

-d


> If you agree with me, then don't adopt the document.
> If you disagree with me, then DDR has to deal with all the shit that DNSSEC
> was intended to solve.
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>           Sandelman Software Works Inc, Ottawa and Worldwide