Re: [dbound] [art] Related Domains By DNS (RDBD) Draft
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 26 February 2019 15:51 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dbound@ietfa.amsl.com
Delivered-To: dbound@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A708129532 for <dbound@ietfa.amsl.com>; Tue, 26 Feb 2019 07:51:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vqzJKYbJisLI for <dbound@ietfa.amsl.com>; Tue, 26 Feb 2019 07:51:53 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 957A2128CB7 for <dbound@ietf.org>; Tue, 26 Feb 2019 07:51:53 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id B7591BE53; Tue, 26 Feb 2019 15:51:51 +0000 (GMT)
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DtMCy_EtuJuE; Tue, 26 Feb 2019 15:51:51 +0000 (GMT)
Received: from [134.226.36.93] (unknown [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 6C32FBE51; Tue, 26 Feb 2019 15:51:51 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1551196311; bh=++iTXgFaoi1aSKJ3auJo56WZCTfaDnO2K4pJIDYyhz0=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=xZQoLomoTAXwZb9tLgb8oJ2iDiKWhv6gqNss1WSTu+DC+owtA/XfLCu8ybWyO9nD5 nw9qljZMb2GGsHwrFAB0MHeKJEF7yZ5K2kXg5jNkxFKoE54j0XJpnQvaAHOAgodrab 0kqjEIjmx08GhS03wnXa+pUCenAfknV8jPFwMjnM=
To: John R Levine <johnl@taugh.com>
Cc: Alexander_Brotman@comcast.com, dbound@ietf.org
References: <20190226032027.B52BE200EC0B38@ary.local> <250922de-26c5-da8d-0b25-c69bc6d56337@cs.tcd.ie> <alpine.BSF.2.21.9999.1902261021210.6114@gal.iecc.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <72c13f04-0a5c-53b0-a980-5cfb69ea866d@cs.tcd.ie>
Date: Tue, 26 Feb 2019 15:51:49 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0
MIME-Version: 1.0
In-Reply-To: <alpine.BSF.2.21.9999.1902261021210.6114@gal.iecc.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="V4D42Bej17ojr9E8ww6xNCQiqVvyQDnq8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dbound/q-LtHaAVyO6PpsFlfj99JXD28XA>
Subject: Re: [dbound] [art] Related Domains By DNS (RDBD) Draft
X-BeenThere: dbound@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS tree bounds <dbound.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dbound>, <mailto:dbound-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dbound/>
List-Post: <mailto:dbound@ietf.org>
List-Help: <mailto:dbound-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dbound>, <mailto:dbound-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Feb 2019 15:51:57 -0000
Hiya, On 26/02/2019 15:26, John R Levine wrote: >> Main differences I see are: >> - RDBD has DKIM-like signatures (so a bit of computational >> complexity) > > It does, but they don't prove anything that you wouldn't already know if > you can look stuff up in the DNS. Not sure I agree. While I accept a signature doesn't provide a strong "proof", it can provide evidence that the primary is ok with the secondary claiming that some relationship exists and that the primary was involved in creation of the RR values. (The "can provide evidence" above of course depends on things like DNSSEC or using a previously cached version of the public key etc.) But regardless of that... > > ... So if you want to do > this, here's what I'd do. > > We have a new record type, call it SAME. Each SAME record has a flag > for parent/child and a domain name. So if foo.com wants to say it's the > same as foo-bar.org: > > foo.com. SAME 1 foo-bar.org. > > foo-bar.org SAME 0 foo.com. > > If foo.com wants to claim many other domains, it can publish as many > SAME records as it needs to. I'd be fine if we had such an RFC and be happy if people wanted to publish such RRs in their zones. If the above existed, we could in any case define a way to digitally sign for the relationship separately, if there was support for doing so, and that could be done now or later. > If new RRs are too scary, you can do it with a txt record and a prefix: > > _same.foo.com TXT "v=same 1 foo-bar.org" > > _same.foo-bar.org TXT "v=same 0 foo.com" Could be done. I suspect the IETF-process overhead of having a fight over TXT vs a new RR type isn't really worthwhile myself, so a new RR type would be just fine by me. Cheers, S. > > Regards, > John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY > "I dropped the toothpaste", said Tom, crestfallenly. > > _______________________________________________ > dbound mailing list > dbound@ietf.org > https://www.ietf.org/mailman/listinfo/dbound
- [dbound] Related Domains By DNS (RDBD) Draft Brotman, Alexander
- Re: [dbound] [art] Related Domains By DNS (RDBD) … John Levine
- Re: [dbound] [art] Related Domains By DNS (RDBD) … Stephen Farrell
- Re: [dbound] [art] Related Domains By DNS (RDBD) … John R Levine
- Re: [dbound] [art] Related Domains By DNS (RDBD) … Stephen Farrell
- Re: [dbound] [art] Related Domains By DNS (RDBD) … John R Levine
- Re: [dbound] [art] Related Domains By DNS (RDBD) … Stephen Farrell
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Bob Harold
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Stephen Farrell
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Paul Wouters
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Brotman, Alexander
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Paul Wouters
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Stephen Farrell
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Paul Wouters
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Stephen Farrell
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Tony Finch
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Hollenbeck, Scott
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Paul Wouters
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… John Levine
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… David Conrad
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… John R. Levine
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Ted Lemon
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… Stephen Farrell
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… John C Klensin
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… Jothan Frakes
- Re: [dbound] [DNSOP] Related Domains By DNS (RDBD… Michael J. Sheldon
- Re: [dbound] [art] [DNSOP] not DNAME, was Related… John R Levine
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… John Levine
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… Stephen Farrell
- Re: [dbound] [art] [DNSOP] Related Domains By DNS… John R Levine
- Re: [dbound] [art] [DNSOP] not DNAME, was Related… John C Klensin
- Re: [dbound] [art] [DNSOP] not DNAME, was Related… Tony Finch
- Re: [dbound] [art] [DNSOP] not DNAME, was Related… Suzanne Woolf
- Re: [dbound] [art] [DNSOP] not DNAME, was Related… Samuel Weiler
- [dbound] Related Domains By DNS (RDBD) Draft Stephen Farrell
- Re: [dbound] Related Domains By DNS (RDBD) Draft Samuel Weiler
- Re: [dbound] Related Domains By DNS (RDBD) Draft Stephen Farrell