[dbound] New version of draft-deccio-dbound-organizational-domain-policy
Casey Deccio <casey@deccio.net> Mon, 04 April 2016 12:39 UTC
Return-Path: <casey@deccio.net>
X-Original-To: dbound@ietfa.amsl.com
Delivered-To: dbound@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB43412D5E9 for <dbound@ietfa.amsl.com>; Mon, 4 Apr 2016 05:39:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=deccio.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y85y79ed7f5M for <dbound@ietfa.amsl.com>; Mon, 4 Apr 2016 05:39:07 -0700 (PDT)
Received: from mail-lf0-x22a.google.com (mail-lf0-x22a.google.com [IPv6:2a00:1450:4010:c07::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5603312D509 for <dbound@ietf.org>; Mon, 4 Apr 2016 05:39:07 -0700 (PDT)
Received: by mail-lf0-x22a.google.com with SMTP id g184so94150375lfb.3 for <dbound@ietf.org>; Mon, 04 Apr 2016 05:39:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=deccio.net; s=google; h=mime-version:date:message-id:subject:from:to; bh=/wS1g0R7T9aLDMhMJd9P1p5bSIooBehUwVkrcO1+p48=; b=ZM7PxgnUNsr/1s/TBs95PeeYE5hIqHu0vPCwEDAqbNCmgF/vTFaTbTLUSBp2iDQFmY E3CqvywpACGE+dtFqkJxp6y5u3upvrog3sALGm75i+faWvHeQ7Ez2ph5xLbe+YnwXFqx 6U8jAsesJ0bf82BjnsJEmT9s1Z6L2QzZYJebg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:date:message-id:subject:from:to; bh=/wS1g0R7T9aLDMhMJd9P1p5bSIooBehUwVkrcO1+p48=; b=FhRP4ciKLW7t6BjdeRQmtwWXyYEHUVDrgIl8tkHK5v/V6jMf4ByJSjNZZL1sn/G7TP SyaglQidg5bXwj4sjyczJQBeXqkhnEiAj0sdveBzVQ3rT7iTfMMbewLX4k19LzdONz5s Ar2T48013v2BE1rkh/eBIw0gQ2zvU/ew5jbpHTG8uVxou05pyzYT2WKBwzamILZFt0Hn BnVUuWmiLZPUnh3PmcOB63cM+ppZnWQtawbIZSCszbyOV7rh8kWdD251BLj3c3ChpqhW YDBnVucRr1S1rkqNjTTzasLOINnY845+soglsdCrsCCYXb51XMdLP0lA+yRt9rIfxTfo AAPA==
X-Gm-Message-State: AD7BkJJkreKDAK+nXMVmSw+6sf4agBzrDRPCH/0l0QBedXHS2ga1yVR98jKGBAGA54h6M6FSM23GkaHt1Agjxw==
MIME-Version: 1.0
X-Received: by 10.194.59.138 with SMTP id z10mr17642234wjq.74.1459773545285; Mon, 04 Apr 2016 05:39:05 -0700 (PDT)
Received: by 10.194.67.132 with HTTP; Mon, 4 Apr 2016 05:39:05 -0700 (PDT)
Date: Mon, 04 Apr 2016 08:39:05 -0400
Message-ID: <CAEKtLiTwQadBMvvX1PS_Rr6kYafPQn8wHCb94Uek-SdVRptKrQ@mail.gmail.com>
From: Casey Deccio <casey@deccio.net>
To: "dbound@ietf.org" <dbound@ietf.org>
Content-Type: multipart/alternative; boundary="047d7b86c8c09ea7dc052fa803c0"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dbound/oMXQmnpxDS_Vt9LzFPD9zuLUwHw>
Subject: [dbound] New version of draft-deccio-dbound-organizational-domain-policy
X-BeenThere: dbound@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: DNS tree bounds <dbound.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dbound>, <mailto:dbound-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dbound/>
List-Post: <mailto:dbound@ietf.org>
List-Help: <mailto:dbound-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dbound>, <mailto:dbound-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Apr 2016 12:39:10 -0000
Hi all, A new version of draft-deccio-dbound-organizational-domain-policy has been uploaded. References: ---- Name: draft-deccio-dbound-organizational-domain-policy Revision: 02 Title: Organizational Domains and Use Policies for Domain Names Document date: 2016-04-04 Group: Individual Submission Pages: 23 URL: https://www.ietf.org/internet-drafts/draft-deccio-dbound-organizational-domain-policy-02.txt Status: https://datatracker.ietf.org/doc/draft-deccio-dbound-organizational-domain-policy/ Htmlized: https://tools.ietf.org/html/draft-deccio-dbound-organizational-domain-policy-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-deccio-dbound-organizational-domain-policy-02 Key Differences: ---- Note that the biggest change between version 01 and 02 is the elimination of the "_odup" TLD. Instead, policies are published from the TLD and below. General Notes about the Approach ---- The mechanism can be thought of as "policy" delegation. Policy begins at the TLD. The _odup sub-domain is used for that, e.g., _odup.com. Until the point in which policy is delegated, policy is below the ODUP name at hand (e.g., _odup.com -- where "com" is referred to as the organizational domain). Policies are either delegated either explicitly using "+org" directives or by "relegation" using "+bound". The former is like the use of NS records to delegate namespace in the DNS; the latter says, "there is an policy delegation boundary". In either case, the result is that policy is now handled by a new organizational domain. The defaults were carefully considered to match existing behavior, including cookie use, wildcard use, PSL use, etc. One of the important points is that child inherits policy from its organizational domain by default, so every name doesn't need a policy (i.e., it gets it already from its parent). But it can have its own policy, if designated. Or it can become its own organizational domain, if appropriate, using "+org" or "+bound". The PSL can be used to build ODUP policies, and ODUP names can be used to re-construct the PSL. This was primarily designed both for backwards compatibility and for smooth deployment and transition. There is code to try this out here: https://github.com/verisign/odup Please review and comment. If you have questions, please let me know. Casey
- [dbound] New version of draft-deccio-dbound-organ… Casey Deccio
- Re: [dbound] New version of draft-deccio-dbound-o… Daniel Kahn Gillmor
- Re: [dbound] New version of draft-deccio-dbound-o… Casey Deccio
- Re: [dbound] New version of draft-deccio-dbound-o… Murray S. Kucherawy
- Re: [dbound] New version of draft-deccio-dbound-o… Casey Deccio
- Re: [dbound] new rrtype vs. txt John Levine
- [dbound] New version of draft-deccio-dbound-organ… Casey Deccio
- Re: [dbound] New version of draft-deccio-dbound-o… Casey Deccio