Re: [dnsext] getting people to use new RRTYPEs

Douglas Otis <doug.mtview@gmail.com> Sat, 27 April 2013 00:15 UTC

From: Douglas Otis <doug.mtview@gmail.com>
To: John Levine <johnl@taugh.com>
Cc: dnsext@ietf.org
Date: Fri, 26 Apr 2013 17:15:28 -0700
In-Reply-To: <20130426231430.75437.qmail@joyce.lan>
Message-Id: <0D821AF2-A61D-438A-A146-82DB97535EAD@gmail.com>
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>

On Apr 26, 2013, at 4:14 PM, "John Levine" <johnl@taugh.com> wrote:

>> On Thu, Apr 25, 2013 at 06:41:31PM -0700, Doug Barton wrote:
>> 
>>> 1. Insert the ability into the interface to add freeform stuff
>>> 2. Run the equivalent of named-checkzone prior to committing the change
>>> 3. Profit!
>> 
>> That's preposterously naive.  Step 2.1 is "Find that customer who has
>> no theory of the mystifying DNS arcana screwed it up, so you can't
>> publish, and now you have to contact a human.  Stop.  Invoke expensive
>> off-page customer service process."  In some significant number of
>> cases, we never get to step 3.  In the DNS business, the margins are
>> small.  
> 
> You also forgot step 1.9, in which the software faeries magically
> update named-checkzone for every new RRTYPE, even though the times
> when new RRTYPEs are defined bear no relation to any sort of software
> update or release schedule, and people who want to experiment with new
> RRTYPEs are unlikely also to have the skills or inclination to patch
> the BIND parser.
> 
> R's,
> John
> 
> PS: That's why my hack, using an idea from Vixie, automatically
> configures new RRTYPEs as they're published, with no software changes
> or updates needed.  Again, I don't claim that's the only way to do it,
> but I do strongly believe that a useful configurable provisioning or
> DNS system can't require per-RR software changes.

John,

A configurable provisioning scheme sounds nice until you realize that a defined and provisioned method to encode CIDR prefixes in binary had existed for several years, with suitable input schemes, before SPF's text approach was developed.  BIND was not the barrier.  It was the RPC templates missing in Windows.  Substantial amounts were offered to those willing to implement Sender-ID, but they themselves were unable to support established DNS resource records?  Do you really think that, had there been a provisioning scheme in place, things would have been different?  

If done today, Lists of Address Prefixes (APL RR) RRsets would offer a superior solution.  If APL rather than TXT had been chosen then, configuring prefixes would be easier and less burdened with unused options and poorly considered features.  A prefix label in SRV fashion with APL offers more interesting, concise, and cleaner results.  This may not convince a web designer wanting to add dancing fruit, but XMPP used web techniques to implement a safer and more scalable STARTTLS solution using binary RRs.  Why not do the same with SMTP?  

Regards,
Douglas Otis
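The two positions in this exchange meet in the wire format: Otis argues that the APL record (RFC 3123) is a cleaner carrier for CIDR prefixes than SPF's TXT text, and Levine argues that a provisioning system must not need per-RRTYPE software changes. The added example below, which is not code from the thread or from any DNS implementation, encodes and decodes APL RDATA per RFC 3123 with the range and host-bit checks a parser needs, and renders the same bytes in the RFC 3597 generic form (`\# <length> <hex>`) that any RFC 3597-aware zone tool can publish without knowing type 42. The prefixes and the zone name `example.com.` are constructed sample input.

```python
"""APL (RFC 3123) RDATA encoder/decoder plus RFC 3597 generic presentation.

Added example for the dnsext thread; not part of any DNS implementation.
Sample prefixes and the zone name are constructed for illustration.
"""
import ipaddress
import struct

APL_TYPE = 42  # RRTYPE code assigned to APL by RFC 3123

# ADDRESSFAMILY value -> (network class, full address length in octets)
_FAMILY = {1: (ipaddress.IPv4Network, 4), 2: (ipaddress.IPv6Network, 16)}


def encode_apl(items):
    """Encode [(prefix_text, negate), ...] into APL RDATA.

    Each item on the wire is ADDRESSFAMILY(16 bits) PREFIX(8) N(1)+AFDLENGTH(7)
    followed by AFDLENGTH octets of AFDPART with trailing zero octets omitted.
    """
    out = bytearray()
    for prefix, negate in items:
        net = ipaddress.ip_network(prefix, strict=True)  # strict: reject host bits set
        afi = 1 if net.version == 4 else 2
        afdpart = net.network_address.packed.rstrip(b"\x00")
        out += struct.pack("!HBB", afi, net.prefixlen, (0x80 if negate else 0) | len(afdpart))
        out += afdpart
    return bytes(out)


def decode_apl(rdata):
    """Parse APL RDATA into [(ip_network, negate), ...]; ValueError on malformed input."""
    items, off = [], 0
    while off < len(rdata):
        if len(rdata) - off < 4:
            raise ValueError("truncated APL item header at offset %d" % off)
        afi, plen, n_afdlen = struct.unpack_from("!HBB", rdata, off)
        off += 4
        negate, afdlen = bool(n_afdlen & 0x80), n_afdlen & 0x7F
        if afi not in _FAMILY:
            raise ValueError("unknown ADDRESSFAMILY %d" % afi)
        cls, full = _FAMILY[afi]
        if afdlen > full or plen > full * 8:
            raise ValueError("AFDLENGTH or PREFIX out of range for family %d" % afi)
        afdpart = rdata[off:off + afdlen]
        if len(afdpart) != afdlen:
            raise ValueError("truncated AFDPART at offset %d" % off)
        off += afdlen
        # Re-pad the stripped AFDPART to a full address; strict=True rejects host bits.
        # Unstripped trailing zeros in AFDPART are tolerated here.
        items.append((cls((afdpart + b"\x00" * (full - afdlen), plen), strict=True), negate))
    return items


def is_valid_apl(rdata):
    """True if rdata parses as well-formed APL RDATA."""
    try:
        decode_apl(rdata)
        return True
    except ValueError:
        return False


def to_presentation(items):
    """RFC 3123 section 5 text form: [!]afi:address/prefix, space separated."""
    return " ".join("%s%d:%s/%d" % ("!" if negate else "", 1 if net.version == 4 else 2,
                                    net.network_address, net.prefixlen)
                    for net, negate in items)


def to_generic(rdata):
    """RFC 3597 unknown-type presentation: \\# <length> <hex>."""
    return "\\# %d %s" % (len(rdata), rdata.hex())


def from_generic(text):
    """Parse RFC 3597 generic RDATA (hex may be split by whitespace) back to bytes."""
    fields = text.split()
    if len(fields) < 2 or fields[0] != "\\#":
        raise ValueError("not RFC 3597 generic RDATA")
    length = int(fields[1])
    data = bytes.fromhex("".join(fields[2:]))
    if len(data) != length:
        raise ValueError("length %d does not match %d data octets" % (length, len(data)))
    return data


def zone_line(owner, ttl, rdata):
    """Master-file line a type-agnostic provisioning tool could emit (RFC 3597 section 5)."""
    return "%s %d IN TYPE%d %s" % (owner, ttl, APL_TYPE, to_generic(rdata))


if __name__ == "__main__":
    # Constructed sample: two IPv4 prefixes (one negated) and one IPv6 prefix.
    sample = [("192.168.32.0/21", False), ("192.168.38.0/28", True), ("2001:db8::/32", False)]
    wire = encode_apl(sample)
    print(to_presentation(decode_apl(wire)))
    print(zone_line("example.com.", 3600, wire))
```

The generic line is what bridges the thread's two arguments: a provisioning front end that stores and publishes `TYPE42 \# 22 ...` verbatim needs no APL-specific parser, while a resolver or policy engine that does understand type 42 gets the compact binary form instead of a TXT string to tokenize.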