IETF Logo Mail Archive

Re: [apps-discuss] "finding registered domains"

Andrew Sullivan <ajs@anvilwalrusden.com> Wed, 13 March 2013 17:51 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F32E021F8DB9 for <apps-discuss@ietfa.amsl.com>; Wed, 13 Mar 2013 10:51:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.805
X-Spam-Level:
X-Spam-Status: No, score=-0.805 tagged_above=-999 required=5 tests=[AWL=0.035, BAYES_00=-2.599, HELO_MISMATCH_INFO=1.448, HOST_MISMATCH_NET=0.311]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TFh+wSwPUbU8 for <apps-discuss@ietfa.amsl.com>; Wed, 13 Mar 2013 10:51:04 -0700 (PDT)
Received: from mx1.yitter.info (ow5p.x.rootbsd.net [208.79.81.114]) by ietfa.amsl.com (Postfix) with ESMTP id 770AC21F8DEC for <apps-discuss@ietf.org>; Wed, 13 Mar 2013 10:51:04 -0700 (PDT)
Received: from mx1.yitter.info (dhcp-2430.meeting.ietf.org [130.129.36.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.yitter.info (Postfix) with ESMTPSA id 9F0038A031 for <apps-discuss@ietf.org>; Wed, 13 Mar 2013 17:50:57 +0000 (UTC)
Date: Wed, 13 Mar 2013 13:50:46 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: apps-discuss@ietf.org
Message-ID: <20130313175046.GB45769@mx1.yitter.info>
References: <20130311210857.GG38441@mx1.yitter.info> <CAL0qLwY9YyLpHF9XYbm5zCC1+3PzCtdcmgyC6eiQ-P7QBKiDyA@mail.gmail.com> <20130312184051.GE39324@mx1.yitter.info> <CAL0qLwaD_6k36ZzAFO_KKkP=ud_Cd=-4P+vH_UQ58p6BcuY25A@mail.gmail.com> <20130312202442.GE41728@mx1.yitter.info> <CAL0qLwbg6CxtGO=b+iEtDXw3-FG1Rjr1QG_hcgxiGo5P7fPqgA@mail.gmail.com> <20130312205006.GI41728@mx1.yitter.info> <CAL0qLwb_X=WeNE8Hp9HWnd64OvZCu0bgdmDaw5Gct_VEsY45MA@mail.gmail.com> <20130313032655.GD41909@mx1.yitter.info> <CE39F90A45FF0C49A1EA229FC9899B05600CB2@USCLES544.agna.amgreetings.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CE39F90A45FF0C49A1EA229FC9899B05600CB2@USCLES544.agna.amgreetings.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [apps-discuss] "finding registered domains"
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 17:51:05 -0000

On Wed, Mar 13, 2013 at 04:41:00AM +0000, MH Michael Hammer (5304) wrote:
> > 
> 
> this is one of the use cases that has been problematic. Do we really
> want to rely on each subdomain up the tree publishing a SOPA record
> for this type of case? 

No, of course not.  Nominet puts a SOPA record with the root target at
co.uk.  That means, "This name does not share its administrative realm
with any other name," which is correct.  Nobody else needs to publish
anything for that to take effect.

It's only when you want to make positive association between two
different names that you need to have records at both sides.

> and others do not? Is the intent to force domain administrators to
> go along by them ending up with suboptimal outcomes if they don't?

No, the intent is to pick the safest possible state ("no shared
administrative realm") as the default, and to require positive action
if you want an association with other names.  I think Brad's point
about siblings is that the approach I'm arguing for breaks a current
expectation many people have -- that all the siblings are "safe".  But
that was always a dangerous arrangement, and I think it is becoming
more dangerous over time.

> I'm not asking these things to be snarky 

I didn't take it that way.  I think the proposal I'm making needs
plenty of examination and prodding.  I appreciate the comments and
questions.  Thanks.

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com

v2.23.0 | Report a Bug | By Email