Re: [dbound] On (not) moving forward
Andrew Sullivan <ajs@anvilwalrusden.com> Sat, 26 March 2016 01:43 UTC
Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dbound@ietfa.amsl.com
Delivered-To: dbound@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4C6112D587 for <dbound@ietfa.amsl.com>; Fri, 25 Mar 2016 18:43:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 80XTsBaDLSoH for <dbound@ietfa.amsl.com>; Fri, 25 Mar 2016 18:43:06 -0700 (PDT)
Received: from mx2.yitter.info (mx2.yitter.info [IPv6:2600:3c03::f03c:91ff:fedf:cfab]) by ietfa.amsl.com (Postfix) with ESMTP id 0614512D09C for <dbound@ietf.org>; Fri, 25 Mar 2016 18:43:05 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx2.yitter.info (Postfix) with ESMTP id D6FA010AD0 for <dbound@ietf.org>; Sat, 26 Mar 2016 01:43:04 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx2.yitter.info ([127.0.0.1]) by localhost (mx2.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jntFpTh0N9Qs for <dbound@ietf.org>; Sat, 26 Mar 2016 01:43:04 +0000 (UTC)
Received: from mx2.yitter.info (c-73-142-157-135.hsd1.nh.comcast.net [73.142.157.135]) by mx2.yitter.info (Postfix) with ESMTPSA id 1E76F10ACE for <dbound@ietf.org>; Sat, 26 Mar 2016 01:43:04 +0000 (UTC)
Date: Fri, 25 Mar 2016 21:43:02 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dbound@ietf.org
Message-ID: <20160326014302.GK5239@mx2.yitter.info>
References: <20160320003953.39721.qmail@ary.lan> <56EFD129.7050605@mozilla.org> <20160326011607.GI5239@mx2.yitter.info> <6C00E4F0-DEB6-4C10-81E6-12B5F3828BCD@viagenie.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <6C00E4F0-DEB6-4C10-81E6-12B5F3828BCD@viagenie.ca>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dbound/PKjxO7ZkwkfijUhxtDLcwSV6VIo>
Subject: Re: [dbound] On (not) moving forward
X-BeenThere: dbound@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DNS tree bounds <dbound.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dbound>, <mailto:dbound-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dbound/>
List-Post: <mailto:dbound@ietf.org>
List-Help: <mailto:dbound-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dbound>, <mailto:dbound-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Mar 2016 01:43:07 -0000
On Fri, Mar 25, 2016 at 09:27:00PM -0400, Marc Blanchet wrote: > in-DNS a good solution, does it have the problem of finally not being > implemented/deployed because of a new RR? The difference between RDAP and SOPA has to do with the incentives for deployment. (The RDAP case could in fact have been solved by SRV, if you ask me, but it was quite clear that the WG didn't want to do it.) The SOPA draft defines the default case as, "Nobody is in the same policy realm as me." For a large number of sites, this is exactly the right answer. The SOPA draft says you can make the explicit claim, "Nobody is in the same policy realm as me." That has certain advantages, such as caching and so on, which means that it's the right answer for public suffixes. Since they're the people who have the greatest potential to deploy new RRs, there's a positive effect. The SOPA draft gives you a way to make more significant statements about others being in the same policy realm. There is a barrier to new RRs here, but there are mitigating factors: (1) the sites that want this sort of functionality are more sophisticated, so they are the more likely to be able to deploy new RRs; (2) the lookup story doesn't need to be perfect for consumer-end hosts, because of the plan to fall back to browser-distributed files as well (which now get the benefit of automatic crowdsourced maintenance); (3) an important part of this story is the CA checking when issuing certs, which benefits from the new RR even if consumer-end hosts. Finally, I do, very much, think that things like SOPA would be way easier to deploy if we did something like John's RRTYPE pattern-classification stuff. That has kind of gone nowhere, but partly because the demand is stanched by the constant refrain that new RRs are impossible to deploy. I'd be prepared to update the SOPA draft with a normative dependency on draft-levine-dnsextlang-07 if we think it would help. Best regards, A -- Andrew Sullivan ajs@anvilwalrusden.com
- Re: [dbound] On (not) moving forward John Levine
- [dbound] On (not) moving forward Resnick, Pete
- Re: [dbound] On (not) moving forward John Levine
- Re: [dbound] On (not) moving forward Jiankang Yao
- Re: [dbound] On (not) moving forward John Levine
- Re: [dbound] On (not) moving forward Gervase Markham
- Re: [dbound] On (not) moving forward Casey Deccio
- Re: [dbound] On (not) moving forward Casey Deccio
- Re: [dbound] On (not) moving forward Jothan Frakes
- Re: [dbound] On (not) moving forward John R Levine
- Re: [dbound] On (not) moving forward Kurt Andersen (b)
- Re: [dbound] On (not) moving forward John Levine
- Re: [dbound] On (not) moving forward Casey Deccio
- Re: [dbound] On (not) moving forward Martin J. Dürst
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Marc Blanchet
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward John Levine
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward Marc Blanchet
- Re: [dbound] On (not) moving forward John R Levine
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward David Conrad
- Re: [dbound] On (not) moving forward Murray S. Kucherawy
- Re: [dbound] On (not) moving forward John R Levine
- Re: [dbound] On (not) moving forward Dave Crocker
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward David Conrad
- Re: [dbound] On (not) moving forward Dave Crocker
- Re: [dbound] On (not) moving forward John R Levine
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Gervase Markham
- Re: [dbound] On (not) moving forward Murray S. Kucherawy
- Re: [dbound] On (not) moving forward Andrew Sullivan
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward Simone Carletti
- Re: [dbound] On (not) moving forward Martin J. Dürst
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward Murray S. Kucherawy
- Re: [dbound] On (not) moving forward Paul Hoffman
- Re: [dbound] On (not) moving forward Martin J. Dürst
- Re: [dbound] On (not) moving forward Jiankang Yao
- Re: [dbound] On (not) reading documents John Levine