[dnsext] Autoconfiguration of variants

"George Barwood" <george.barwood@blueyonder.co.uk> Tue, 08 March 2011 22:57 UTC

Return-Path: <george.barwood@blueyonder.co.uk>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 452C73A67A8 for <dnsext@core3.amsl.com>; Tue, 8 Mar 2011 14:57:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.695
X-Spam-Status: No, score=0.695 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, HELO_EQ_BLUEYON=1.4, MIME_BASE64_BLANKS=0.041, MIME_BASE64_TEXT=1.753]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id aUpVtWk94zsq for <dnsext@core3.amsl.com>; Tue, 8 Mar 2011 14:57:11 -0800 (PST)
Received: from smtp-out4.blueyonder.co.uk (smtp-out4.blueyonder.co.uk []) by core3.amsl.com (Postfix) with ESMTP id 2FB423A67A5 for <dnsext@ietf.org>; Tue, 8 Mar 2011 14:57:10 -0800 (PST)
Received: from [] (helo=anti-virus01-10) by smtp-out4.blueyonder.co.uk with smtp (Exim 4.52) id 1Px5rD-00017z-Hk for dnsext@ietf.org; Tue, 08 Mar 2011 22:58:23 +0000
Received: from [] (helo=GeorgeLaptop) by asmtp-out4.blueyonder.co.uk with smtp (Exim 4.72) (envelope-from <george.barwood@blueyonder.co.uk>) id 1Px5r1-0003xb-KZ for dnsext@ietf.org; Tue, 08 Mar 2011 22:58:11 +0000
Message-ID: <8E708CF867F54D02825E0E66A9861EB8@local>
From: "George Barwood" <george.barwood@blueyonder.co.uk>
To: <dnsext@ietf.org>
Date: Tue, 8 Mar 2011 22:58:10 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5994
Subject: [dnsext] Autoconfiguration of variants
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Mar 2011 22:57:12 -0000

I have not yet properly understood the CLONE draft, for which I apologise,
but it seems to suffer from some technical issues.

How about this approach:

(1) A new RRTYPE that defines the aliases for a given domain.

www.mybigbank.com. VARIANTS www.my-big-bank.com. | www.my-bigbank.com. | www.mybig-bank.com.

(2) An application ( say a web server ) that is configured to handle www.mybigbank.com will on initialisation
check the DNS for variants, and if they are defined, will automatically configure them.

(3) Authoritative DNS servers when they see a VARIANTS record will auto-configure the appropriate copy zones.
For DNSSEC this needs to be handled during zone signing. 

(4) Possibly for concise expression, instead of a simple list of domain names, some limited pattern matching
might be allowed in the RDATA of the VARIANTS record, e.g.

www.mybigbank.com. VARIANTS www.my[-]big[-]bank.com.

(5) Resolvers do not need updating.

George (apologies if this is stupid, or is equivalent to an existing proposal )