IETF Logo Mail Archive

Re: [dnsext] I-D Action:draft-ietf-dnsext-aliasing-requirements-00.txt

John Levine <johnl@iecc.com> Sun, 27 February 2011 19:14 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 88A083A6A2A for <dnsext@core3.amsl.com>; Sun, 27 Feb 2011 11:14:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.754
X-Spam-Level:
X-Spam-Status: No, score=-110.754 tagged_above=-999 required=5 tests=[AWL=0.445, BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9JvaXcEvBS-H for <dnsext@core3.amsl.com>; Sun, 27 Feb 2011 11:14:44 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [64.57.183.53]) by core3.amsl.com (Postfix) with ESMTP id 610F13A6A00 for <dnsext@ietf.org>; Sun, 27 Feb 2011 11:14:44 -0800 (PST)
Received: (qmail 13941 invoked from network); 27 Feb 2011 19:15:42 -0000
Received: from mail1.iecc.com (64.57.183.56) by mail1.iecc.com with QMQP; 27 Feb 2011 19:15:42 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding:vbr-info; s=1aa9.4d6aa2de.k1102; i=johnl@user.iecc.com; bh=SBcYJmcJJePppzfslKxskfpEQZiDaIFypyLDSmT5K9U=; b=rRsp5oLMsem50LNySwuHpuNNLR6l9XEJ9xnpF7tdD80rA+GwrXem8zsZvPGT+vDeyELHwijfi77dHIgDuntFI18EpH/kKcXkBwAJA1V4/VVFKmcy+Fz0HHHDT3ofR8LHZypap57wNU3Tp/AfVZhW9cBparCZl0frTSE+3MudyZk=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: Sun, 27 Feb 2011 19:15:42 -0000
Message-ID: <20110227191542.6824.qmail@joyce.lan>
From: John Levine <johnl@iecc.com>
To: dnsext@ietf.org
In-Reply-To: <4D66C0C1.1090909@dougbarton.us>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 7bit
Subject: Re: [dnsext] I-D Action:draft-ietf-dnsext-aliasing-requirements-00.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Feb 2011 19:14:45 -0000

>My understanding is that it is to help application developers to be
>able to auto-configure things to handle multiple variants. I think
>this is a good idea, and you made a good catch in noting that it's
>not in Section 4.

Yes, I was going to point out the same thing.

In the security section, I'd suggest adding something about who can
make one domain an alias of another.  Currently, anyone can point a
CNAME or DNAME at anything, but since few applications currently
autoconfigure based on CNAMEs, it's not a big deal.  If
autoconfiguration becomes common, the security issues are a lot more
complex.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly

v2.23.0 | Report a Bug | By Email