[apps-discuss] Comments on draft-sullivan-domain-policy-authority
"Murray S. Kucherawy" <superuser@gmail.com> Fri, 19 July 2013 18:48 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C500111E816E for <apps-discuss@ietfa.amsl.com>; Fri, 19 Jul 2013 11:48:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.575
X-Spam-Level:
X-Spam-Status: No, score=-2.575 tagged_above=-999 required=5 tests=[AWL=0.024, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mocsm-5OPSDi for <apps-discuss@ietfa.amsl.com>; Fri, 19 Jul 2013 11:48:31 -0700 (PDT)
Received: from mail-we0-x231.google.com (mail-we0-x231.google.com [IPv6:2a00:1450:400c:c03::231]) by ietfa.amsl.com (Postfix) with ESMTP id DDFDC11E8145 for <apps-discuss@ietf.org>; Fri, 19 Jul 2013 11:48:30 -0700 (PDT)
Received: by mail-we0-f177.google.com with SMTP id m19so4165305wev.8 for <apps-discuss@ietf.org>; Fri, 19 Jul 2013 11:48:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=7WWH7BVFhn9tkcjDROahE+ZFduDM+R2lcvjwhMOUR2c=; b=tvvSc4L+JKw7/vIWyx0IOxwbOZ3GsTccggu7GrDKrNHUcS/P3zuBVXIzqMRnSBeyU6 C9Q9NiSPLWgkTfjdqF3O5QeZWyNOdNKS2tU/VWPRyTLN9Gt8zitndJT6FVNlf6Oi1qV5 GNObgvd5yTH3RbLKYQc5w5EsGT0HWWS5rKu5GKPu+MQMPUkQtKVprU30uW2v3ur5P+Ir aCCyIT6mwM8jjd73DgoKg7TZ0xgWtMVAJgfFeIgjZ0LysB73ODdkfUGRF+XgNCOJ/y1X DCiIrci12YerBJbr+Y1+2OsiTD6h2au/xLVnmxXdVOjlPuiTdN5F4gAfmOiX6SSGQXwL XjCQ==
MIME-Version: 1.0
X-Received: by 10.194.122.71 with SMTP id lq7mr12850976wjb.77.1374259709949; Fri, 19 Jul 2013 11:48:29 -0700 (PDT)
Received: by 10.180.90.16 with HTTP; Fri, 19 Jul 2013 11:48:29 -0700 (PDT)
Date: Fri, 19 Jul 2013 11:48:29 -0700
Message-ID: <CAL0qLwbu-vUjD2Wg2FnzUrnWeXzNV8Va-BBp6XgAWm-gQNGaQQ@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
To: draft-sullivan-domain-policy-authority@tools.ietf.org, IETF Apps Discuss <apps-discuss@ietf.org>
Content-Type: multipart/alternative; boundary="089e01229750d73ddb04e1e1c5aa"
Subject: [apps-discuss] Comments on draft-sullivan-domain-policy-authority
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2013 18:48:31 -0000
As someone who's involved in email authentication work, identifying the apex of authority given an arbitrary domain name has long been a valuable goal. The current way to do this (the public suffix list) is undesirable, but it's currently the only way to do this. This draft proposes a new solution to this problem and also takes into scope several other related problem statements. It does a very good job describing the problem spaces and also is very up front of its various (and in a couple of cases, daunting) limitations. I'd love to be part of a conversation that talks about how to mitigate some or all of those. One thing it doesn't mention is that it will require a SOPA record to be created at every extant node in the DNS tree for a domain that wishes to make use of it. Unless I've misread something, the document does indicate that a node can indicate it is in the same policy realm as all of its descendants, but it also says this relationship needs to be confirmed to be believed. That means all of the descendant nodes also have to have SOPA records pointing back to that parent node. If I'm understanding that correctly, the document should probably call this out as a constraint as well. There's another related document, draft-levine-orgboundary, about which I'll comment separately. I wonder, though, since we have time on the APPSAWG/APPAREA agenda, if the authors of both drafts would be interested in talking to that audience about their ideas in Berlin. -MSK
- [apps-discuss] Comments on draft-sullivan-domain-… Murray S. Kucherawy
- Re: [apps-discuss] Comments on draft-sullivan-dom… Paul Hoffman
- Re: [apps-discuss] Comments on draft-sullivan-dom… Andrew Sullivan
- Re: [apps-discuss] Comments on draft-sullivan-dom… Kurt Andersen
- Re: [apps-discuss] Comments on draft-sullivan-dom… Peter Saint-Andre
- Re: [apps-discuss] Comments on draft-sullivan-dom… Peter Saint-Andre