Re: [dnsext] Announcing public suffixes as a DNS record

Phillip Hallam-Baker <hallam@gmail.com> Fri, 01 February 2013 17:32 UTC

In-Reply-To: <A3773108-EE7A-4A13-9902-B0E04941F1A3@vpnc.org>
References: <CAMm+LwjeW-7ZG-DO--v4qiE0N2XN+_nA9octgm5puS3RsAreYg@mail.gmail.com> <A3773108-EE7A-4A13-9902-B0E04941F1A3@vpnc.org>
Date: Fri, 01 Feb 2013 12:32:12 -0500
Message-ID: <CAMm+LwhbNSMybwM6TvnkEdGnre1tvKm21RzgfUzVkAG4qFjmvA@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: DNSEXT Working Group <dnsext@ietf.org>
Subject: Re: [dnsext] Announcing public suffixes as a DNS record
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>

On Fri, Feb 1, 2013 at 11:58 AM, Paul Hoffman <paul.hoffman@vpnc.org> wrote:

> On Feb 1, 2013, at 8:30 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>
> > Has anyone written a draft to propose such a record or is interested in
> helping to make such a proposal?
>
> draft-sullivan-domain-origin-assert deals with the core issue, and does so
> in a healthier way than simply reproducing the Mozilla list (which is often
> wrong due to insufficient input and validation).
>

Well, it is not just a question of 'the Mozilla list'; there are multiple
lists in use, maintained separately :(

The idea would be to migrate away from that position, and do so by pushing
the responsibility for maintaining these lists onto ICANN and the operators
of large public spaces like blogspot.com.


>
> I still would like to see draft-sullivan-domain-origin-assert adopted as a
> standard.
>

Andrew's proposal is essentially the opposite of mine. Instead of
assertions of the form 'this is a gap in the trust model', Andrew proposes
that the default is disconnected and trust is only established if there is
an explicit link.

That is definitely the right way to do this particular feature for
JavaScript if starting from scratch. (OK, no, the right way is not to do it
at all, but...) But I don't see a viable transition strategy from where we
are to where we want to be.

Happy to be proved wrong here...

-- 
Website: http://hallambaker.com/
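The two models the message contrasts, as an added example that is not code from the thread, from Mozilla's list or from draft-sullivan-domain-origin-assert. The first part implements the public-suffix matching rules (longest match, `*.` wildcards, `!` exceptions) over a constructed PSL excerpt and shows what happens when a list is missing an entry for a large public space such as blogspot.com: two unrelated tenants collapse into one registrable domain. The second part, `same_realm_by_assertion`, is a hypothetical abstraction of the "disconnected by default, linked only by explicit assertion" idea, not the record format of Andrew Sullivan's draft; the `SAMPLE_PSL` text and the assertion map are constructed inputs.

```python
"""Registrable-domain ("public suffix + 1") matching, the check that decides
whether two hostnames may share cookies or document.domain.  Added example,
not code from the thread or from any draft; the PSL excerpt is constructed."""

# Constructed excerpt in public_suffix_list.dat syntax: plain rules,
# "*." wildcard rules and "!" exception rules.  Not the real list.
SAMPLE_PSL = """\
// ICANN section (constructed sample)
com
uk
co.uk
*.ck
!www.ck
// PRIVATE section: a large public space registering its own boundary
blogspot.com
"""


def parse_psl(text):
    """Return the set of rules from PSL text (comments and blanks dropped)."""
    rules = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("//"):
            rules.add(line.split()[0].lower())
    return rules


def public_suffix(host, rules):
    """PSL algorithm: an exception rule wins outright (minus its leftmost
    label); otherwise the longest matching rule wins; a host matching no
    rule falls back to the implicit "*" rule, i.e. its last label."""
    labels = host.lower().rstrip(".").split(".")
    best = 1
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if "!" + candidate in rules:
            return ".".join(labels[i + 1:])
        wildcard = ".".join(["*"] + labels[i + 1:])
        if candidate in rules or wildcard in rules:
            best = max(best, len(labels) - i)
    return ".".join(labels[-best:])


def registrable_domain(host, rules):
    """Public suffix plus one label, or None when host is itself a suffix."""
    labels = host.lower().rstrip(".").split(".")
    suffix = public_suffix(host, rules)
    n = len(suffix.split(".")) + 1
    if n > len(labels):
        return None
    return ".".join(labels[-n:])


def same_site(a, b, rules):
    """True when a and b are governed by the same registrable domain."""
    ra, rb = registrable_domain(a, rules), registrable_domain(b, rules)
    return ra is not None and ra == rb


# The opposite model from the message: names are disconnected by default and
# two names form one realm only if BOTH explicitly assert the link.  This is a
# hypothetical abstraction of that idea, not the record format of
# draft-sullivan-domain-origin-assert.
def same_realm_by_assertion(a, b, assertions):
    a, b = a.lower().rstrip("."), b.lower().rstrip(".")
    return a == b or (b in assertions.get(a, ()) and a in assertions.get(b, ()))


def demo():
    full = parse_psl(SAMPLE_PSL)
    # A stale copy of the list that never learned about blogspot.com: the
    # "lists maintained separately, often wrong" failure mode.
    stale = full - {"blogspot.com"}
    return {
        "tenants_isolated_with_entry": same_site("alice.blogspot.com", "mallory.blogspot.com", full),
        "tenants_merged_without_entry": same_site("alice.blogspot.com", "mallory.blogspot.com", stale),
        "registrable_co_uk": registrable_domain("www.example.co.uk", full),
        "registrable_exception": registrable_domain("www.ck", full),
        "registrable_wildcard": registrable_domain("a.foo.ck", full),
        "suffix_itself": registrable_domain("co.uk", full),
        "assertion_default_disconnected": same_realm_by_assertion(
            "alice.blogspot.com", "mallory.blogspot.com", {}),
        "assertion_mutual_link": same_realm_by_assertion(
            "www.example.com", "example.com",
            {"www.example.com": {"example.com"}, "example.com": {"www.example.com"}}),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The stale-list case is the security-relevant one: with `blogspot.com` absent, `same_site` treats alice's and mallory's subdomains as one site, so a cookie set with `Domain=blogspot.com` or a `document.domain` relaxation by one tenant reaches the other. In the assertion model the same pair is disconnected with no list at all, which is why the message calls it the right design if starting from scratch, while the PSL code shows the deployed base that any transition has to start from.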