IETF Logo Mail Archive

Re: [dnsext] Naked domain resolution with DNSSEC

Mark Andrews <marka@isc.org> Fri, 25 October 2013 13:15 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3426511E83EF for <dnsext@ietfa.amsl.com>; Fri, 25 Oct 2013 06:15:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.569
X-Spam-Level:
X-Spam-Status: No, score=-2.569 tagged_above=-999 required=5 tests=[AWL=0.030, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OVLYbIGGDZVm for <dnsext@ietfa.amsl.com>; Fri, 25 Oct 2013 06:14:51 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) by ietfa.amsl.com (Postfix) with ESMTP id 6C2D211E8192 for <dnsext@ietf.org>; Fri, 25 Oct 2013 06:14:49 -0700 (PDT)
Received: from mx.pao1.isc.org (localhost [127.0.0.1]) by mx.pao1.isc.org (Postfix) with ESMTP id 098B9C9483; Fri, 25 Oct 2013 13:14:36 +0000 (UTC) (envelope-from marka@isc.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=dkim2012; t=1382706889; bh=Q9O0+NOOCIMZZvR1T8fKNpyljB0/JeoywK8GDqb9HEM=; h=To:Cc:From:References:Subject:In-reply-to:Date; b=tvJnpyum/u0MlN1kB5lkn/ZKXVvoogl/LNYugTtpVBnFa8+YAoPp+kcAtVtk+rwVw lkKmFHcM0IxCaZaXzXbydXwFA7ZIHFGAwmYpMCV3NNKyrs1GN74RZdf441Xx31bbn3 ANRp18InBQSeefkmoVV4ob8RiGFms141IDdSFlfU=
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) by mx.pao1.isc.org (Postfix) with ESMTP; Fri, 25 Oct 2013 13:14:36 +0000 (UTC) (envelope-from marka@isc.org)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 8FA81160470; Fri, 25 Oct 2013 13:19:30 +0000 (UTC)
Received: from rock.dv.isc.org (c211-30-183-50.carlnfd1.nsw.optusnet.com.au [211.30.183.50]) by zmx1.isc.org (Postfix) with ESMTPSA id 5FD9816042E; Fri, 25 Oct 2013 13:19:30 +0000 (UTC)
Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id EAAF48BEA92; Sat, 26 Oct 2013 00:14:31 +1100 (EST)
To: Andrew Sullivan <ajs@anvilwalrusden.com>
From: Mark Andrews <marka@isc.org>
References: <21069.41000.63116.736893@gro.dd.org> <F04702D34F7A2740A330302703120864384C8916@SINEX14MBXC421.southpacific.corp.microsoft.com> <21074.61535.976353.482373@gro.dd.org> <E66B38BB793BAF439EF374F3E7EBEE464B6202F6@SINEX14MBXC415.southpacific.corp.microsoft.com> <21095.58207.781300.353688@gro.dd.org> <E66B38BB793BAF439EF374F3E7EBEE464B620758@SINEX14MBXC415.southpacific.corp.microsoft.com> <C94CB03B-44C8-4792-9097-141D812EC01C@rfc1035.com> <E66B38BB793BAF439EF374F3E7EBEE464B620972@SINEX14MBXC415.southpacific.corp.microsoft.com> <21096.7524.908259.719737@gro.dd.org> <2013102517253369957870@cnnic.cn> <20131025093648.GB12997@mx1.yitter.info>
In-reply-to: Your message of "Fri, 25 Oct 2013 05:36:50 -0400." <20131025093648.GB12997@mx1.yitter.info>
Date: Sat, 26 Oct 2013 00:14:31 +1100
Message-Id: <20131025131431.EAAF48BEA92@rock.dv.isc.org>
X-DCC--Metrics: post.isc.org; whitelist
Cc: Thirunadha Reddy <thirunr@microsoft.com>, "dnsext@ietf.org Group" <dnsext@ietf.org>, Sourav Sain <sosain@microsoft.com>
Subject: Re: [dnsext] Naked domain resolution with DNSSEC
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Oct 2013 13:15:01 -0000

In message <20131025093648.GB12997@mx1.yitter.info>, Andrew Sullivan writes:
> On Fri, Oct 25, 2013 at 05:25:48PM +0800, Jiankang Yao wrote:
> > 
> > BNAME, which directs both itself and its children, may solve it. the draft 
> about BNAME was discussed 3 years ago.
> 
> > _______________________________________________
> 
> Yes, and if it were compatible with DNSSEC, perhaps people would have
> pursued it.  But it won't work with DNSSEC.

And you know as well as I do that it can be made to work with DNSSEC
the same way as NSEC3 was made to work with DNSSEC.

> Best,
> 
> A
> 
> -- 
> Andrew Sullivan
> ajs@anvilwalrusden.com
> _______________________________________________
> dnsext mailing list
> dnsext@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsext
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org

v2.23.0 | Report a Bug | By Email