Re: [dnsext] does making names the same NEED protocol changes at all?

Nicholas Weaver <nweaver@icsi.berkeley.edu> Fri, 25 February 2011 18:50 UTC

On Feb 25, 2011, at 10:48 AM, Andrew Sullivan wrote:

> No hat
> 
> On Fri, Feb 25, 2011 at 10:34:22AM -0800, Nicholas Weaver wrote:
>> 
>> There is NOTHING which prevents such slaves from forwarding the dynamically signed requests to the master and caching the results and forwarding it on.
> 
> Except, of course, that it would be insane, since that would turn the
> master into a potential single point of failure for any lookup in the
> zone.  A significant reason for the success of the DNS is its loose
> consistency and resulting resilience to failure.  Any scheme which
> replaces that with a single server is doomed to failure.

It is ONLY a point of failure for NeW MiXED CasINGs which appear.  Old ones remain cached.

And unlike other schemes, it does NOT require any changes to resolvers.  Any proposal which requires changes to resolvers, rather than just authorities which want to support non-ASCII mixed case, is, IMO, a non-starter.