Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

神明達哉 <> Thu, 25 January 2018 19:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0A8EF12EA54 for <>; Thu, 25 Jan 2018 11:23:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id OQ-55a9kvzdZ for <>; Thu, 25 Jan 2018 11:23:40 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c0c::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 24ABC12EA53 for <>; Thu, 25 Jan 2018 11:23:40 -0800 (PST)
Received: by with SMTP id t16so8769123wrc.10 for <>; Thu, 25 Jan 2018 11:23:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=S/h/fjPlC+Tsqmsv55ACJD0CG/A+s1qxKFV5fz+OmiQ=; b=cgA3dT0FmCqqS9G5pIJWGpfJpqNiLpSuyVBitYNZJYGUxnPXs3v/bwKa0d7vooKc/B nrmApWZrTBSCQ7obyVnbLBoX2Vtr3f6YXjjElwpbEMT5dBAr8gjMben81RQbuKtBdq/s QjEAFZi2QVMgOvGCmjlKtWXE8yC+Ao1fQop5qI36xLSuHh/fsmOQ7fxFODV4kXLPCP8Q niYR8Ao1e4t5EF3NeTdbXUU16Gb5bHPp9VJfyWIeDqOl7wNujAYMaApCM40ehsicxaZR I/bz4/cQlOsaBySmduvwOPQUwzInIDH8SGETBGiUjLfckXS9uJyjkOmY0U277RSMjYIU GzBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=S/h/fjPlC+Tsqmsv55ACJD0CG/A+s1qxKFV5fz+OmiQ=; b=eWNRMo7aN6Uf5TjPRLECr/9kmvydAcVkLnQCXTDpbsnyeG6KPWrlRkt/3kJ++IB4pT 7jdDWMsfZCa/8lhi7MFYzWR8AzW8oF1va34nqqyp6axkEnOXcPLaV4EXhRe59SaUuKqq 50I5x6xxVclLHMsHWXfzSq2ONc4LbP8O0bnsJjsXpvM7V9YXeLk5KPEfv1IfOYdFHMOY wW3Toxg2SXrsndJbZdXNYJXF3gXIWPDNYjMzfzl3Q73GJ7LFCK3BczFFOGunbY2gOKpl s4MKWNXKLUZl4dXXxLBItdIGtx9++Doss4iS6VfNfA+adGeRwkj0V81EZVEDD8uty93N Ez3w==
X-Gm-Message-State: AKwxytcAL7TtEP508R/cK25louea0fA35t7u69o2fkYb6iMjj6gO9AX/ spIrC/35x9VoUsC/mGRVlOxXjFhGiV2ICC4+Bzs=
X-Google-Smtp-Source: AH8x225czjueWP7iaRosxbMzeP7d/SRMAjMwRBWtsi3LQqYXfzhNSOnB+vuKM3GcyiN4g7csxy1K7BxVbibdrgNWpGc=
X-Received: by with SMTP id b3mr9466306wrf.236.1516908218323; Thu, 25 Jan 2018 11:23:38 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Thu, 25 Jan 2018 11:23:37 -0800 (PST)
In-Reply-To: <>
References: <>
From: =?UTF-8?B?56We5piO6YGU5ZOJ?= <>
Date: Thu, 25 Jan 2018 11:23:37 -0800
X-Google-Sender-Auth: 28DF6gSEDD-XlSbod2dBDFo4MIc
Message-ID: <>
To: Suzanne Woolf <>
Cc: dnsop <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 25 Jan 2018 19:23:42 -0000

At Mon, 22 Jan 2018 11:18:08 -0500,
Suzanne Woolf <> wrote:

> Please focus feedback on: Is this draft ready to go to the IESG for
> approval as an RFC? If not, can you suggest specific changes it
> needs?

I myself don't have a particular opinion on whether to send it to the
IESG, but I don't think it's ready for it based on my understanding of
the WG discussion so far.  In particular, I don't think I saw a wg
consensus about one major objection to the idea: "I'd like to keep my
right of configuring my DNS servers (authoritative or recursive) to
return whatever I want to 'localhost' queries".  Again, I personally
don't claim this right, but I see the concern.  If my observation is
correct and the WG has actually not reached a clear consensus on this,
I believe it should first achieve it.  If I miss a reached consensus,
I wouldn't oppose to it, but I believe the draft should discuss
how/why it justifies dismissing such concerns.

Some specific comments on the 02 version follow.

- (editorial) Section 1:
   This increases the likelihood
   that non-conformant stub resolvers will not go undetected.

  This is a kind of double negation ('not...undetected') and it was
  difficult to me to understand it on a first read.  I'd suggest
  revising it to, e.g:

   This increases the likelihood
   that non-conformant stub resolvers will go detected.

- Section 2

   The domain "localhost.", and any names falling within ".localhost.",
   are known as "localhost names".

  I'm afraid this definition can be a bit ambiguous.  It could read as
  if "a.localhost.example.' is a 'localhost name'.  I'd suggest:

   The domain "localhost.", and any names ending with "localhost.",
   are known as "localhost names".

- Section 3

   1.  Users are free to use localhost names as they would any other
       domain names.

  It's not clear to me what this sentence means.

- Section 3

   7.  DNS Registries/Registrars MUST NOT grant requests to register
       localhost names in the normal way to any person or entity.

  It's a bit awkward to me to use an RFC2119 keyword for what
  registries/registrars should (or should not) do.

- Section 5.1

   In this
   case, the requirement that the application resolve localhost names on
   its own may be safe to ignore, but only if all the requirements under
   point 2 of Section 3 are known to be followed by the resolver that is
   known to be present in the target environment.

  I don't understand this sentence, especially the phrase "if all the
   requirements under point 2 of Section 3 are known to be followed by
   the resolver".  Point 2 of Section 3 talks about application
   behavior (and I interpret "application" is a user of resolver, not
   resolver itself), so what does it mean by "known to be followed by
   the resolver"?

- Section 5.2

   Hosts like "" and
   "" contain a "localhost" label, but
   are not themselves localhost names, as they do not fall within

  I suggest: 'as they do not end with "localhost.".' (see my comment on
  Section 2 above).

- Section 6.1

   Some application software differentiates between the hostname
   "localhost" and the IP address "".

  You might also want to refer to ::1 here.

JINMEI, Tatuya