[Dbound] Online vs Offline modes

Jeffrey Walton <noloader@gmail.com> Sat, 05 July 2014 01:53 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/dbound/B9HyzG-WV2ey1WKLixPGxRzngR0

I think one thing to consider with the Dbound is online vs offline modes.

It looks like the two drafts [1,2] both have online requirements. I
don't mind the online requirement when collecting information or
building a list as a prep step to compiling my program. But when my
program operates in the field, I want to avoid going online.

The extra online query is an additional point of network failure.
Plus, I don't know that I'm getting an authentic answer under many
circumstances. I can tolerate the potential failures when gathering
information or building a list. But at runtime, I don't want to
introduce the additional risks.

This might be an unrealistic requirement when solving the general
problem, but I think it's reasonable in my case. My case is validating
host name data in an X509 certificate with an emphasis on catching
wildcards in gTLDs and ccTLDs. I'm less concerned about administrative
boundaries in subdomains.

[1] draft-levine-orgboundary
[2] draft-sullivan-domain-policy-authority
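
The offline mode described in the message above, as an added example that is not part of the original post or of either draft: a certificate dNSName check that consults only a suffix set compiled into the program, so nothing is queried at runtime. The suffix set is a small constructed sample, and the function names are hypothetical.

```python
# Constructed sample. In the offline model this set is generated during the
# build (the "prep step") and shipped inside the program.
EMBEDDED_SUFFIXES = frozenset(
    {"com", "org", "net", "uk", "co.uk", "org.uk", "jp", "co.jp"}
)


def normalize(name):
    """Lower-case the name and drop surrounding space and the trailing root dot."""
    return name.strip().rstrip(".").lower()


def is_public_suffix(domain, suffixes=EMBEDDED_SUFFIXES):
    """True if domain is a known suffix, or a single label.

    Any single label is treated as a TLD, so a gTLD delegated after the
    snapshot was built still fails closed instead of slipping through.
    """
    return "." not in domain or domain in suffixes


def check_dns_name(name, suffixes=EMBEDDED_SUFFIXES):
    """Return (ok, reason) for one dNSName entry from a certificate."""
    name = normalize(name)
    labels = name.split(".")
    if not name or any(label == "" for label in labels):
        return False, "malformed name"
    if "*" not in name:
        return True, "no wildcard"
    # Accept only a wildcard that is the entire leftmost label.
    if labels[0] != "*" or any("*" in label for label in labels[1:]):
        return False, "wildcard must be the entire leftmost label"
    parent = ".".join(labels[1:])
    if not parent:
        return False, "bare wildcard"
    if is_public_suffix(parent, suffixes):
        return False, "wildcard spans a public suffix"
    return True, "wildcard below a registrable domain"


if __name__ == "__main__":
    # Constructed certificate names, not taken from any real certificate.
    for san in ["www.example.com", "*.example.com", "*.com", "*.co.uk",
                "*.newgtld", "f*o.example.com", "*"]:
        print(san, check_dns_name(san))
```

A stale snapshot can still let through a wildcard over a multi-label suffix added after the build, which is the cost of never going online at runtime.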