[dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)
Paul Vixie <vixie@isc.org> Mon, 25 October 2010 16:59 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1254A3A6873; Mon, 25 Oct 2010 09:59:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.475
X-Spam-Level:
X-Spam-Status: No, score=-2.475 tagged_above=-999 required=5 tests=[AWL=0.124, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nFiyv6MvkfmM; Mon, 25 Oct 2010 09:59:35 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id EB9C83A6AFC; Mon, 25 Oct 2010 09:59:34 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.72 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1PAQMK-000H1e-1z for namedroppers-data0@psg.com; Mon, 25 Oct 2010 16:57:21 +0000
Received: from [2001:4f8:3:bb:230:48ff:fe5a:2f38] (helo=nsa.vix.com) by psg.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.72 (FreeBSD)) (envelope-from <vixie@vix.com>) id 1PAQMG-000H1C-8u for namedroppers@ops.ietf.org; Mon, 25 Oct 2010 16:57:16 +0000
Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 99B76A1021 for <namedroppers@ops.ietf.org>; Mon, 25 Oct 2010 16:57:15 +0000 (UTC) (envelope-from vixie@nsa.vix.com)
From: Paul Vixie <vixie@isc.org>
To: namedroppers@ops.ietf.org
Subject: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)
In-Reply-To: Your message of "Mon, 25 Oct 2010 11:45:23 +0200." <20101025094523.GA5187@nic.fr>
References: <59023.1287939121@nsa.vix.com> <20101025094523.GA5187@nic.fr>
X-Mailer: MH-E 8.1; nil; GNU Emacs 23.1.1
Date: Mon, 25 Oct 2010 16:57:15 +0000
Message-ID: <41281.1288025835@nsa.vix.com>
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
> Date: Mon, 25 Oct 2010 11:45:23 +0200 > From: Stephane Bortzmeyer <bortzmeyer@nic.fr> > > > opin? i can write a short i-d on it before beijing. > > -1. The "Do not mess with my DNS resolution" bit is the default value of > the DNS from the beginning and changing this default value means breaking > many assumptions. I suggest instead to add a bit "I like lies" for those > who want to experience NXDOMAIN unauthorized replacements and so on. while i'm not just sympathetic to that view but also passionately in love with that view, it's not a reasonable or practical position to take. the internet economy recognizes first-mover advantage more often than not, and the ISP's and ASP's who do "web error redirection" today are not going to stop no matter what anybody says. sometimes "web error redirection" is the only source of revenue for an ASP, or sometimes it's the difference between profitability or not for an ISP. in practical terms, telling them they should not do this and that the RFC's were the first movers, is meaningless. opt-in would have been the better design choice had events not overtaken us. opt-out, if it's explicit and in-band, is a carve-out. those of us who know that we never want "web error redirection" should be able to express this in unambiguous terms, so that ISP's and ASP's who perform "web error redirection" can be held to account for their conscious and deliberate choice of whether to honour our expressed preferences or not. that's what we can actually still accomplish, while we wait for end-to-end DNSSEC that will drive nails into the lid of the coffin containing "web error redirection" and similar practices.
- [dnsext] need new flag bit in EDNS, "do me no fav… Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Colm MacCárthaigh
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Wouters
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Phillip Hallam-Baker
- Re: [dnsext] need new flag bit in EDNS, "do me no… Roy Arends
- Re: [dnsext] need new flag bit in EDNS, "do me no… David Conrad
- Re: [dnsext] need new flag bit in EDNS, "do me no… Roy Arends
- Re: [dnsext] need new flag bit in EDNS, "do me no… Brian Dickson
- Re: [dnsext] need new flag bit in EDNS, "do me no… Mans Nilsson
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Vixie
- [dnsext] stub validation Paul Vixie
- Re: [dnsext] stub validation Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Brian Dickson
- Re: [dnsext] need new flag bit in EDNS, "do me no… Phillip Hallam-Baker
- Re: [dnsext] need new flag bit in EDNS, "do me no… bmanning
- Re: [dnsext] stub validation David Conrad
- Re: [dnsext] stub validation Phillip Hallam-Baker
- Re: [dnsext] stub validation Masataka Ohta
- Re: [dnsext] need new flag bit in EDNS, "do me no… Jim Reid
- [dnsext] Re: need new flag bit in EDNS, "do me no… Stephane Bortzmeyer
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… David Conrad
- [dnsext] Re: need new flag bit in EDNS, "do me no… Paul Vixie
- Re: [dnsext] need new flag bit in EDNS, "do me no… Paul Wouters
- Re: [dnsext] need new flag bit in EDNS, "do me no… Jeffrey A. Williams
- Re: [dnsext] need new flag bit in EDNS, "do me no… Alex Bligh
- Re: [dnsext] need new flag bit in EDNS, "do me no… David Conrad
- Re: [dnsext] need new flag bit in EDNS, "do me no… Jeffrey A. Williams
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Mark Andrews
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Vixie
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Colm MacCárthaigh
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Brian Dickson
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Phillip Hallam-Baker
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Vixie
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Vixie
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Alex Bligh
- [dnsext] Re: need new flag bit in EDNS, "do me no… Stephane Bortzmeyer
- [dnsext] Re: need new flag bit in EDNS, "do me no… Stephane Bortzmeyer
- [dnsext] Re: need new flag bit in EDNS, "do me no… Stephane Bortzmeyer
- [dnsext] Re: need new flag bit in EDNS, "do me no… Paul Vixie
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Alex Bligh
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jim Reid
- Re: [dnsext] need new flag bit in EDNS, "do me no… Florian Weimer
- Re: [dnsext] need new flag bit in EDNS, "do me no… Florian Weimer
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Roosenraad, Chris
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Wouters
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jeffrey A. Williams
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jeffrey A. Williams
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Nicholas Weaver
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Andreas Gustafsson
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jeffrey A. Williams
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Wouters
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Nicholas Weaver
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jeffrey A. Williams
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… David Conrad
- [dnsext] Re: need new flag bit in EDNS, "do me no… David Conrad
- Re: [dnsext] need new flag bit in EDNS, "do me no… David Ulevitch
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Florian Weimer
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Andreas Gustafsson
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Paul Vixie
- Re: [dnsext] Re: need new flag bit in EDNS, "do m… Jeffrey A. Williams