Re: [dnsext] getting people to use new RRTYPEs
Mark Andrews <marka@isc.org> Fri, 26 April 2013 02:16 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F066E21F975F for <dnsext@ietfa.amsl.com>; Thu, 25 Apr 2013 19:16:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FPzpULdlb69q for <dnsext@ietfa.amsl.com>; Thu, 25 Apr 2013 19:16:10 -0700 (PDT)
Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) by ietfa.amsl.com (Postfix) with ESMTP id AFBDA21F9761 for <dnsext@ietf.org>; Thu, 25 Apr 2013 19:16:09 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "mail.isc.org", Issuer "RapidSSL CA" (not verified)) by mx.ams1.isc.org (Postfix) with ESMTPS id 50E005F9949; Fri, 26 Apr 2013 02:15:58 +0000 (UTC) (envelope-from marka@isc.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=dkim2012; t=1366942569; bh=tPdgPC5JXAYkbxd8hnXAmumMtC4EoyhxOovNv+Xxlx4=; h=To:Cc:From:References:Subject:In-reply-to:Date; b=GfIYeevjXFrWQx8X9Im6wUeD2EgzMKojxfR5MRDH8QTOapPfV+mYQrC4DbLT5v83e mAk+hyBy2hDBfmQwGJ05nXp8ExpNnoxALodpF5dgeAsYgq60BzI8y8hzhbmZJ4VtyB 12voykcli/hooOlTXu7pmzgNMabPtkvpE01JOP7Y=
Received: from drugs.dv.isc.org (unknown [IPv6:2001:470:1f00:820:4129:b64c:428a:9207]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id 66CAA216C43; Fri, 26 Apr 2013 02:15:56 +0000 (UTC) (envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [IPv6:::1]) by drugs.dv.isc.org (Postfix) with ESMTP id 06E2632FBABE; Fri, 26 Apr 2013 12:15:29 +1000 (EST)
To: Doug Barton <dougb@dougbarton.us>
From: Mark Andrews <marka@isc.org>
References: <alpine.BSF.2.00.1304251758160.66546@joyce.lan> <20130426004632.B5E1E32FAF70@drugs.dv.isc.org> <alpine.BSF.2.00.1304252131590.67465@joyce.lan> <5179DB4B.2040403@dougbarton.us>
In-reply-to: Your message of "Thu, 25 Apr 2013 18:41:31 -0700." <5179DB4B.2040403@dougbarton.us>
Date: Fri, 26 Apr 2013 12:15:29 +1000
Message-Id: <20130426021530.06E2632FBABE@drugs.dv.isc.org>
Cc: dnsext@ietf.org
Subject: Re: [dnsext] getting people to use new RRTYPEs
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 02:16:11 -0000
In message <5179DB4B.2040403@dougbarton.us>, Doug Barton writes: > On 04/25/2013 06:32 PM, John R Levine wrote: > >> Nobody is stating that there is no barrier. Just that the barriers > >> are not as big as people keep stating they are. If your DNS hoster > >> doesn't support a type in their web interface complain to them or > >> move to someone who does. Generic support for new types is nearly > >> a decade old now. > > > > You must know a different set of DNS hosters than I do. It's vanishingly > > rare to find one that lets you insert random records via the provisioning > > software. You can go looking for ones you like, but good luck. For the > > vast majority of DNS users, it's a feature that they can't install random > > crud, not a bug. > > > > This is why I keep saying over and over again that it would be nice if we > > made it easier for them to handle new RRTYPEs in a way that makes it > > harder to shoot yourself in the foor than allowing random hex strings. > > John, > > I realize that you have an agenda to push your idea, but for the sake of > anyone new to this discussion who hasn't seen my response to this before: > > 1. Insert the ability into the interface to add freeform stuff > 2. Run the equivalent of named-checkzone prior to committing the change > 3. Profit! And it's not like example code to do this for individual RRs doesn't exist. It would be about 10 minutes work to take this existing test code and make it into a application that returns 0 or 1 for the exit code. It would still need a man page, test suite for the application itself to be written, etc. but overall not a big deal. One could even make it spit out the records in unknown format if you were worried about having to upgrade the nameserver quickly. [drugs:bind9.drugs/bin/tests] marka% ./rdata_test IN A 1.2.3.4 dns_rdatatype_fromtext returned unknown class/type(65543) [drugs:bind9.drugs/bin/tests] marka% ./rdata_test A IN 1.2.3.4 type = A(1) class = IN(1) "1.2.3.4" [drugs:bind9.drugs/bin/tests] marka% ./rdata_test A IN 1.2.3.4.5 type = A(1) class = IN(1) dns_rdata_fromtext: stream-0x7fff7bf21a90:1: near '1.2.3.4.5': bad dotted quad dns_rdata_fromtext returned bad dotted quad(65541) [drugs:bind9.drugs/bin/tests] marka% > Fixing the provisioning systems isn't hard to do, it's not even a > complex problem. The issue is that for the most part service providers > don't want to make ANY changes to existing stuff because it eats into > their profits. That's understandable, but if we're going to give in to > that then the answer is "no new RRtypes ever," which is not acceptable. > > So can we please stop trotting out the provisioning system argument? > Mark is right, new RRtypes aren't hard to deal with. I've made the point > previously that things like DNSSEC and AAAA have long-since "cracked the > ice" on the old "fire and forget" method of DNS software deployment, and > every day that goes by brings new and exciting developments in the DNS > world. That doesn't mean that deploying new stuff is "easy," just that > it's a lot easier than it used to be, gets easier every day, and there > is market pressure to keep making it get easier as we go along. > > Doug > > _______________________________________________ > dnsext mailing list > dnsext@ietf.org > https://www.ietf.org/mailman/listinfo/dnsext -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- Re: [dnsext] getting people to use new RRTYPEs Doug Barton
- Re: [dnsext] getting people to use new RRTYPEs John R Levine
- Re: [dnsext] getting people to use new RRTYPEs Mark Andrews
- Re: [dnsext] getting people to use new RRTYPEs John R Levine
- Re: [dnsext] getting people to use new RRTYPEs Mark Andrews
- Re: [dnsext] getting people to use new RRTYPEs John Levine
- Re: [dnsext] getting people to use new RRTYPEs Mark Andrews
- Re: [dnsext] getting people to use new RRTYPEs Doug Barton
- Re: [dnsext] getting people to use new RRTYPEs Douglas Otis
- Re: [dnsext] getting people to use new RRTYPEs Jim Reid
- Re: [dnsext] getting people to use new RRTYPEs Mark Andrews
- Re: [dnsext] getting people to use new RRTYPEs joel jaeggli
- Re: [dnsext] getting people to use new RRTYPEs Jim Reid
- Re: [dnsext] getting people to use new RRTYPEs Jim Reid
- Re: [dnsext] getting people to use new RRTYPEs Ted Lemon
- Re: [dnsext] getting people to use new RRTYPEs Andrew Sullivan
- Re: [dnsext] getting people to use new RRTYPEs Måns Nilsson
- Re: [dnsext] getting people to use new RRTYPEs Warren Kumari
- Re: [dnsext] getting people to use new RRTYPEs Doug Barton
- Re: [dnsext] getting people to use new RRTYPEs Andrew Sullivan
- Re: [dnsext] getting people to use new RRTYPEs John Levine
- Re: [dnsext] getting people to use new RRTYPEs Douglas Otis