[dbound] Would it be possible to provide a quick specification for a per-domain Robots.txt-like text file?

Jeffrey Walton <noloader@gmail.com> Tue, 15 November 2016 13:24 UTC

Return-Path: <noloader@gmail.com>
X-Original-To: dbound@ietfa.amsl.com
Delivered-To: dbound@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 0AC541295A1 for <dbound@ietfa.amsl.com>; Tue, 15 Nov 2016 05:24:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 5vaccs_NV3LC for <dbound@ietfa.amsl.com>; Tue, 15 Nov 2016 05:24:01 -0800 (PST)
Received: from mail-it0-x22d.google.com (mail-it0-x22d.google.com [IPv6:2607:f8b0:4001:c0b::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA242129460 for <dbound@ietf.org>; Tue, 15 Nov 2016 05:24:01 -0800 (PST)
Received: by mail-it0-x22d.google.com with SMTP id l8so1323463iti.1 for <dbound@ietf.org>; Tue, 15 Nov 2016 05:24:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:from:date:message-id:subject:to; bh=7w/XiH5Q1rlP9gjMMbzl0hwSRkr+t/6hrinG+Eg63g8=; b=Z3YLc0bkxfdxg9QXuw4PvjIdwQ95m8fdmzJUAtuVcJMtk6ZJQ1bmkweHrs5lgNmaao ovmwHSddchTKV7rZGiSfnB15UKHNeM8bwXNEci1+DRktgUVibcvZr4+8z7FNk1l59CnR schFhh0IFfd2dw8XvFkwP2atDpzmcZCWuTXNwWLS7Uag0zLZ+txXHu2FpeYSv6qSLmCX ZOTLszbHjyksPevgiyOrNvr9iGL4Jnjwll0aPemPnt6niVwd3n7LGLNfDSe/NVlEzQps bl2pfjRl6a1N4eHzNFDuutKc8HB88+lx11OnKf0knrRh+qk72ku2sN6TWeFsOXUjIshT 4Qkw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:reply-to:from:date:message-id :subject:to; bh=7w/XiH5Q1rlP9gjMMbzl0hwSRkr+t/6hrinG+Eg63g8=; b=CZEPGTX5kHCbZc+kD6dJYJbVez40VdiTn/QEs2HeqTvytHT5CQh+8ACBSpWsngDs24 FLle3PtOJKz79GRp7wt5GIeTfbpd7N1jtRkltrY0+XVqXXKrW+ikkxMRklvr1w1DDy0m 0gaKBQH1TtqeEicGhtW8WWX8W3aE1/D4UKUwMTeJdh+avo7kE57Ba8R2qpyEW5OUmImn 9lDX5adRlJxZWZSgAoCS+z69UPjySJ2KVvEIdiRUFsyJKGoXX4nRkQqdRu1N1ayYDXCX T/GmmKK4XkenS6BVf4DudRn6uOP5T76EKmzJ0Okz3ndMP4ghx/qnq++DBm22AMJ3k1zM Becg==
X-Gm-Message-State: ABUngveTTjhHktL2Ajb3pecEbo5ARA69RmmZYaawh9tLZQne0q1x5dLQO8kbPxRQzQdVeVzMnLCD39aKLwUXTQ==
X-Received: by with SMTP id a77mr29927468ioa.109.1479216241104; Tue, 15 Nov 2016 05:24:01 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Tue, 15 Nov 2016 05:24:00 -0800 (PST)
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 15 Nov 2016 08:24:00 -0500
Message-ID: <CAH8yC8=uUg3QnG=LF4gegg-cPpxFvd5WDLuoJ6d4DH_0eijpwA@mail.gmail.com>
To: "dbound@ietf.org" <dbound@ietf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/dbound/q4AF5H-_hHwhM4Wl4BFhM8DxeXc>
Subject: [dbound] Would it be possible to provide a quick specification for a per-domain Robots.txt-like text file?
X-BeenThere: dbound@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: noloader@gmail.com
List-Id: DNS tree bounds <dbound.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dbound>, <mailto:dbound-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dbound/>
List-Post: <mailto:dbound@ietf.org>
List-Help: <mailto:dbound-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dbound>, <mailto:dbound-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Nov 2016 13:24:03 -0000

Before the group closes, would it be possible to provide a
specification for a per-domain Robots.txt-like text file?

My thinking is, a Robots.txt-like file will allow a subdomain to signal:

    * stop inheriting an administrative responsibilities from a parent
    * delegate to an external domain of their choosing

It seems to be an easier problem:

    * it does not need infrastructure changes
    * it does not require advanced knowledge by users
    * it only needs a basic grammar

Absence of a Robots.txt-like text file in the subdomain means keep
doing things as usual, which is no worse than we have now.

It dos not affect existing PSL files, like Mozilla runs. Lessons
learned from the PSL file may help with a grammar. Once you see how
well it works or does not work, then you can move it into DNS at your

For security considerations, it seems to be no worse than any other
TOFU scheme. It seems to be no worse than a DNS based system since a
subdomain can be subverted at DNS by the domain owner/operator, too.