Re: [dnsext] Name equivalence: Another no protocol change solution
Niall O'Reilly <Niall.oReilly@ucd.ie> Mon, 13 September 2010 19:20 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 43E5B3A6A70; Mon, 13 Sep 2010 12:20:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.998
X-Spam-Level:
X-Spam-Status: No, score=-5.998 tagged_above=-999 required=5 tests=[AWL=0.001, BAYES_00=-2.599, J_CHICKENPOX_55=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xs0icbAgxijC; Mon, 13 Sep 2010 12:20:26 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id D070F3A69F9; Mon, 13 Sep 2010 12:20:25 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.72 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1OvEVV-000Dhh-5s for namedroppers-data0@psg.com; Mon, 13 Sep 2010 19:16:01 +0000
Received: from mailhub.ucd.ie ([193.1.169.37] helo=cali.ucd.ie) by psg.com with esmtps (TLSv1:RC4-MD5:128) (Exim 4.72 (FreeBSD)) (envelope-from <Niall.oReilly@ucd.ie>) id 1OvEVS-000DhC-6z for namedroppers@ops.ietf.org; Mon, 13 Sep 2010 19:15:58 +0000
Received: from conversion-daemon.cali.ucd.ie by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) id <0L8P002019H6QD00@cali.ucd.ie> (original mail from Niall.oReilly@ucd.ie) for namedroppers@ops.ietf.org; Mon, 13 Sep 2010 20:15:54 +0100 (IST)
Received: from [10.0.1.177] (bark.no8.be [83.141.81.52]) by cali.ucd.ie (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTPSA id <0L8P0014M9IHSY10@cali.ucd.ie>; Mon, 13 Sep 2010 20:15:54 +0100 (IST)
Date: Mon, 13 Sep 2010 20:15:57 +0100
From: Niall O'Reilly <Niall.oReilly@ucd.ie>
Subject: Re: [dnsext] Name equivalence: Another no protocol change solution
In-reply-to: <1B0679E8FE7160C3E91E246B@Ximines.local>
To: Alex Bligh <alex@alex.org.uk>
Cc: namedroppers@ops.ietf.org
Message-id: <4C8E786D.7070105@ucd.ie>
MIME-version: 1.0
Content-type: text/plain; format="flowed"; charset="UTF-8"
Content-transfer-encoding: 7bit
References: <C0F55485EA77FDF78E9B0398@Ximines.local> <4C8E266D.3070702@ucd.ie> <952FA12530B5693E36B03554@Ximines.local> <4C8E399F.8090300@ucd.ie> <C1D6C4E4CDAB83BE68BE10B0@Ximines.local> <4C8E4B65.5030402@ucd.ie> <9C2DE15E0F640A9D041DD421@Ximines.local> <4C8E530F.1050009@ucd.ie> <1B0679E8FE7160C3E91E246B@Ximines.local>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-IE.utf8; rv:1.9.1.12) Gecko/20100826 Thunderbird/3.0.7
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
Alex, On 13/09/10 17:49, Alex Bligh wrote: > Right, and the coexistence of those other records is the problem, yes? > If so, I wrote: >> 1. Apparent pseudo-regulatory requirement to ensure TLDs operate with >> recursive sameness. This is making TLD1 == TLD2. > ... >> Problem 1 can, it seems to me, be solved by DNAME. DNAME only doesn't >> do the job when there is a record at the apex, because DNAME+CNAME >> can't coexist. Few if any TLDs have records at their apexes. > > By assumption (last sentence) there are no records that need to > be at b2. I don't see how that "last sentence" applies to a delegated zone apex or to its mirror images under "sameness". > IE I am assuming problem 1 (need for recursive sameness beyond > that which provisioning could give us) only applies in circumstances > where coexisting records do not exist. So far the only use > people who have said "provisioning doesn't work for this" are > TLDs. I think you may be missing what they mean when they make that statement. I don't believe it's the provisioning of a handful of equivalent TLD zones that gives them cause to say this. That can't be beyond the intellectual and material resources of a TLD registry. Their trouble with provisioning, as I understand it, lies not between them and the root, or within their own bundle of equivalent TLD zones, but between them and their registrants, to whom they want to be able to offer a group of domains which are dependably coupled, and remain so without extraordinary requirements for expertise and effort on the part of the registrants or their agents (registrars, DNS hosting providers). What the TLD registries appear to need is a means to tie a whole bundle together so that it can be managed by or for the registrant with no more trouble than if a single, traditionally delegated zone were involved. Parallel delegation is easy for the TLD registry, but burdensome for the registrant. Pseudo- delegation using DNAME in the TLD zone in parallel with a zone cut deprives the registrant of the means to populate all but one of the supposedly equivalent apices (apexes?). Provisioning offers only these two approaches today, and so doesn't support a credible service for TLD registries to offer to their particular communities. Of course I'm projecting my notion of somebody else's problem. It would be helpful if one or other of those somebodies would confirm what they mean by "provisioning doesn't work for this". I'll be quite content to learn that I'm wrong, should that be how it turns out, because we'll have gained some clarity. Niall O'Reilly
- [dnsext] Name equivalence: Another no protocol ch… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly
- Re: [dnsext] Name equivalence: Another no protoco… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly
- Re: [dnsext] Name equivalence: Another no protoco… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly
- Re: [dnsext] Name equivalence: Another no protoco… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly
- Re: [dnsext] Name equivalence: Another no protoco… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly
- Re: [dnsext] Name equivalence: Another no protoco… Alex Bligh
- Re: [dnsext] Name equivalence: Another no protoco… Niall O'Reilly