Re: [dns-privacy] Complying with draft-grothoff-iesg-special-use-p2p-names
Hugo Maxwell Connery <hmco@env.dtu.dk> Mon, 26 January 2015 10:49 UTC
From: Hugo Maxwell Connery <hmco@env.dtu.dk>
To: Paul Vixie <paul@redbarn.org>, Christian Grothoff <christian@grothoff.org>
Date: Mon, 26 Jan 2015 10:47:32 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/ZoKaX4gDTtQfDJib4Kir_B-TgEU>
Cc: "dnsop@ietf.org" <dnsop@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>

Hi,

"For every complex problem there is a simple, efficient solution which is wrong".

And that seems to be the case for my suggestion for compliance.

Persons wiser than me have suggested that the real solution is that which the overlay community (tor, i2p, gnunet etc.) have been working on: using the standardisation process to ask the IANA to reserve these names.

One hopes that the governing body can understand that these communities are addressing in the DNS privacy problems that the DPRIVE WG has been asked to consider, and that their existence and implementations can support the WG's efforts.

Thanks to all for their input, especially Mark (ISC) and Vixie.

Regards,
Hugo Connery
--
Technical University of Denmark

________________________________________
From: Paul Vixie [paul@redbarn.org]
Sent: Monday, 26 January 2015 01:01
To: Christian Grothoff
Cc: Hugo Maxwell Connery; dnsop@ietf.org; dns-privacy@ietf.org
Subject: Re: Complying with draft-grothoff-iesg-special-use-p2p-names

Christian Grothoff <christian@grothoff.org>
Sunday, January 25, 2015 12:29 PM

> ...
> Furthermore, while we expect this to be rare in the first place, people voiced concern about the additional traffic at the root zone from the pTLDs, so using this configuration we can make sure that doesn't happen (even though I personally can't imagine this to be a real issue in practice).

as marka@ISC pointed out, an RDNS operator with QNAME privacy concerns can also just slave the DNS root, as was done by default in freebsd a few years ago, and as is described in the kumari/hoffman internet draft now circulating.

slaving the root zone has its own tradeoffs, but i think equal or higher benefits with obviously lower risks than a widely distributed RPZ-based (static configuration) approach would have. (TL;DR: pretty much everything we ever hard-code comes back to bite us in the a$$.)

> Naturally, you are right in that Hugo's configuration is merely a supporting action, the first and most important thing is getting the draft adopted and thus ensuring the root servers won't have a conflicting definition in the future.

well then in spite of how much i like to see RPZ get used, i suggest that you put the horse first, cart second, which means: get the IETF to recommend to IANA that these names be reserved, and then and only then, workshop the various methods of implementing that reservation.

you'll be in a world of hurt if somebody does early-adoption on your RPZ-based suggestion, only to find that the IANA reserves a slightly different set of names (or no names at all) compared to what you asked for.

--
Paul Vixie