Re: [dnsext] DNAME with exceptions - work-around found
Brian Dickson <brian.peter.dickson@gmail.com> Mon, 13 September 2010 16:49 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B332E3A69F7; Mon, 13 Sep 2010 09:49:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.822
X-Spam-Level:
X-Spam-Status: No, score=-0.822 tagged_above=-999 required=5 tests=[AWL=1.776, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V6QfjlOc85aK; Mon, 13 Sep 2010 09:49:07 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 96AA33A69A0; Mon, 13 Sep 2010 09:49:05 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.72 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1OvCAR-000M3r-Pf for namedroppers-data0@psg.com; Mon, 13 Sep 2010 16:46:07 +0000
Received: from mail-fx0-f52.google.com ([209.85.161.52]) by psg.com with esmtp (Exim 4.72 (FreeBSD)) (envelope-from <brian.peter.dickson@gmail.com>) id 1OvCAO-000M3E-LC for namedroppers@ops.ietf.org; Mon, 13 Sep 2010 16:46:04 +0000
Received: by fxm13 with SMTP id 13so3872857fxm.11 for <namedroppers@ops.ietf.org>; Mon, 13 Sep 2010 09:46:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=l2r6gfdjGQhfZFn+L3pArgfIWpjyO4WA4vFP8ZCDMj0=; b=UK1gZHx8KKBCgIQl+NHq8s07jFVPDtf8nGLxuJueQaH2weRexb9r1Tdu7H+9+JGXfm 33tcNjtXPtPVBe1ke8uUJFf9NjtgDUxN60YQwKggHwMdMyurmtDqCGDqrpoGDd/iTl3m 5kQDKIx+bcMtzNAOmYNDm5CZHmW71M3mG+tgE=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=OqJlESjVkJ3GAzQsWDNIJMWCdPJfFrFIgLqSco/3JuM72njScabEsRYqSGyPo4sVkf Zqs//v0RMOG2hXNCuB96IFjDs0Sbj1vjpsJTp0eDDS0yxISD1Twm+m3CbtiZsoJ6eTHI rTJ4shKLpcurP9rt6Mj9NcZGxHmqu6LNiYLMg=
MIME-Version: 1.0
Received: by 10.223.111.76 with SMTP id r12mr3776436fap.0.1284396363518; Mon, 13 Sep 2010 09:46:03 -0700 (PDT)
Received: by 10.223.109.13 with HTTP; Mon, 13 Sep 2010 09:46:03 -0700 (PDT)
In-Reply-To: <20100913155827.GI19594@shinkuro.com>
References: <AANLkTim8o93AQhj_oUvWMvqNH6DiN_W9mLSznRLu9ePA@mail.gmail.com> <4C8B3F0E.8050806@nlnetlabs.nl> <AANLkTi=s92ndRdeTGzC16sMNkPkDNbqtkEjRiSCxiW15@mail.gmail.com> <20100913155827.GI19594@shinkuro.com>
Date: Mon, 13 Sep 2010 13:46:03 -0300
Message-ID: <AANLkTikcgNo+BwUbdHhiEmY3Mjpw6CtFY2BCMk6b21nU@mail.gmail.com>
Subject: Re: [dnsext] DNAME with exceptions - work-around found
From: Brian Dickson <brian.peter.dickson@gmail.com>
To: namedroppers@ops.ietf.org
Content-Type: multipart/alternative; boundary="001636c5966fff96c8049026d494"
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
On Mon, Sep 13, 2010 at 12:58 PM, Andrew Sullivan <ajs@shinkuro.com> wrote: > No hat. > > On Sun, Sep 12, 2010 at 07:24:20PM -0300, Brian Dickson wrote: > > Set the DNAME TTL to 0. > > I don't believe that this WG is going to standardize anything that > requires TTLs = 0. It's particularly not the sort of advice we can > offer operators of TLDs and so on. Nifty hacks are fun to think > about, but I don't think this is a proposal that is really going to go > anywhere. > > Actually, I concur. I am using the properties needed in achieving the hack, to show that I believe some work is probably needed, to avoid unpleasant choices by users of the DNS, i.e. registrants. It's traditional logic, "reduction to absurdity". If you start with a set of axioms, and reach an absurd conclusion, it means one of those axioms is a bad choice. The axioms here were: DNS protocol as is Make multiple domains "the same" Allow exceptions (to handle things which cannot be the same) Make it scale (i.e. something other than brute force provisioning -> dname) Registrants are likely to not have choice over the "allow exceptions", or "Make multiple domains the same", as requirements imposed on them. This suggests either provisioning-only as a solution, or a requirement to make some sort of change to the existing DNS RFCs to improve things where those requirements are taken as axiomatic. Brian P.S. I'm pretty sure that hierarchical SHADOW, without support for exceptions, can work, based on the hackery I did.
- [dnsext] DNAME with exceptions - work-around found Brian Dickson
- Re: [dnsext] DNAME with exceptions - work-around … W.C.A. Wijngaards
- Re: [dnsext] DNAME with exceptions - work-around … Brian Dickson
- Re: [dnsext] DNAME with exceptions - work-around … W.C.A. Wijngaards
- Re: [dnsext] DNAME with exceptions - work-around … Niall O'Reilly
- Re: [dnsext] DNAME with exceptions - work-around … Andrew Sullivan
- Re: [dnsext] DNAME with exceptions - work-around … Brian Dickson