IETF Logo Mail Archive

Re: [dd] DBOUND scope

John Levine <johnl@taugh.com> Tue, 19 March 2024 03:19 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dd@ietfa.amsl.com
Delivered-To: dd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5F83FC14F6A5 for <dd@ietfa.amsl.com>; Mon, 18 Mar 2024 20:19:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.858
X-Spam-Level:
X-Spam-Status: No, score=-1.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="TVoIh6p2"; dkim=pass (2048-bit key) header.d=taugh.com header.b="kZFoKdA+"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MlwlTEuUObpZ for <dd@ietfa.amsl.com>; Mon, 18 Mar 2024 20:19:32 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29DB1C14F698 for <dd@ietf.org>; Mon, 18 Mar 2024 20:19:31 -0700 (PDT)
Received: (qmail 45151 invoked from network); 19 Mar 2024 03:19:29 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=b05c65f90441.k2403; bh=SDxvRj3S+iwk99L6owzWm6M56Eb/FsvMLYWN4WvIBxE=; b=TVoIh6p25k2g7/l4cq+NPg7wp+nVs76RKEucQ8xecvFJsUC8yTSX2DAZ6KVpYz/0O0LXDWLbk8pFZ5sUejleZ0C4NW/jq0ydS6coNHYPBXWJ0TPOKNqi8J/jUa8VLGUh3gGh3QKGVKKgKob1X+cLeSVGivsP+VEvXsJYAqA1OHgabD3+1U1nIzfKrTOMaltSruIm1pUzcJk9dnaKv4r9UIoaRsz4IM0aHSfdMTimqXKBkoZQleqYq3UiFD9FzLM9trsquFr5c6/HVKinr4XJ1JaRQNO0tw0ywtxIU0ms+oxu0Bocv4alm8sQt3vEHHCOY7J6Vrrk3uhvdLrEpSBWRw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=b05c65f90441.k2403; bh=SDxvRj3S+iwk99L6owzWm6M56Eb/FsvMLYWN4WvIBxE=; b=kZFoKdA+Yyy9p5peWVGrSh7EchcLkxYaYgEIpZegBw7DujefoCntk7Q4y08u6GTdEkDtF/tXyJIApVDLY6FReJS96RsR7c0svenOxoWUODTp7otnetSQm8bu/j/PHcgh9wiiZYvOwbvjZZcQlgyiVvm749aK2enlK7lciD+KG6ig6bkITHTP9E0MJI66hqJ3w/Oh3Szi9O+poZzUeiZ3OQdpVQ2P5yWU5Dn0M5YfvV6/s/AIrBzhZxUBp+IOxmNAPeRSjEFuVpLbUd03rfLg+sQwVkLobyHRxwVCCr9lGsxfLagiAofRFWojYPiNXAyxO+uMdbH54PaHRLe64jmGYg==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA CHACHA20-POLY1305 AEAD) via TCP6; 19 Mar 2024 03:19:29 -0000
Received: by ary.qy (Postfix, from userid 501) id B1A1785A7367; Mon, 18 Mar 2024 23:19:28 -0400 (EDT)
Date: Mon, 18 Mar 2024 23:19:28 -0400
Message-Id: <20240319031928.B1A1785A7367@ary.qy>
From: John Levine <johnl@taugh.com>
To: dd@ietf.org
Cc: bemasc@meta.com
In-Reply-To: <MW4PR15MB437960E4E89D3EDFE8818665B32C2@MW4PR15MB4379.namprd15.prod.outlook.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dd/mcmfWr0LBwTN3nR9goNPHUMGPwg>
Subject: Re: [dd] DBOUND scope
X-BeenThere: dd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DNS Delegation <dd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dd>, <mailto:dd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dd/>
List-Post: <mailto:dd@ietf.org>
List-Help: <mailto:dd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dd>, <mailto:dd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2024 03:19:37 -0000

It appears that Ben Schwartz  <bemasc@meta.com> said:
>-=-=-=-=-=-
>I saw a few concerns in Zulip today about whether the DBOUND-like work is addressable by any​ technical solution.  I think it is.  Additionally, I think:

I wold bet money that it is not.

>Some browsers today show only the "registrable domain" in the title bar, to minimize user confusion.  This is sometimes the second-level domain, but
>not always (e.g. for co.uk).  There are also some other contexts in which the "registrable domain" is a valuable concept (e.g. rate limits for PKI
>certificate issuance, like Let's Encrypt [1]).

Yes, those are some of the things that they use the PSL for.

>A DELEG flag meaning "this delegation is from a registry" would be useful to help clients identify the "registrable domain".  For browser use, this
>would require some additional protocol work, to accumulate relevant DELEG metadata and pass it back to the stub in EDNS.

Where would this appear in www.example.com? Or widget.sales.example.com? The way you use the PSL is to walk up the
tree until you find the boundary. Or are you saying your cache will do
this tree walk for you and put the results in the EDNS?  Yuck.

>It's true that further delegations down the tree could set the "registry" flag disingenuously.  That's not a problem: the client is only interested
>in the "topmost registrable domain", and would ignore any indications from further down the tree.

If you look at the PSL, that doesn't work. There are real cases like
uk.com where there is one registry underneath another. It is not a bug
that the entries in the PSL are manually reviewed to see that they're
plausible.

This is hard.  Let's not get DELEG stuck in this swamp of a side show.

R's,
John

v2.39.1 | Report a Bug | By Email | System Status