Re: [DNSOP] Questions on draft-ietf-dnsop-delegation-only

Joe Abley <jabley@hopcount.ca> Tue, 03 November 2020 21:15 UTC

Cc: dnsop <dnsop@ietf.org>
To: Paul Wouters <paul@nohats.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1qvk1cAWQIwc2SmpIpw0VM-OlNw>

Hey,

On 3 Nov 2020, at 10:49, Joe Abley <jabley@hopcount.ca> wrote:

>>> Well, 200+ TLDs are now removing this problematic orphan glue due to
>>> security reasons unrelated to this draft.
> 
> I have not done a survey of other TLD zones, but perhaps if I have a few spare minutes I'll take CZDS for a spin and see what I can see there.

I don't have access to all zone data in CZDS since some registries take longer to approve access than others. It's perhaps also worth mentioning that CZDS doesn't carry any ccTLD zone data. This is not a representative sample.

From a quick look (with very little checking, and more than a little crude scripty hackery) it looks to me like 217 TLDs have at least one orphan glue record and 872 have none, based on this incomplete sample.

jabley@manta bin % jq '.zones | map_values(select(.orphans > 0)) | keys | length' zonedata.json
217
jabley@manta bin % jq '.zones | map_values(select(.orphans == 0)) | keys | length' zonedata.json
872
jabley@manta bin % 

See attached, if you feel like slicing the data some other way (or checking it).


Joe
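
Added example, not part of the message above and not the script its author used: one way a per-zone count like the `.orphans` field in the jq queries could be derived from zone files. It assumes one fully qualified record per line, and takes "orphan glue" to mean an A/AAAA record below the apex with no NS RRset at its owner name or at any ancestor below the apex; the sample zone and the function names are constructed for illustration.

```python
import json

# Constructed sample zone (documentation names and addresses, not real data).
SAMPLE_ZONE = """\
example.            86400 IN SOA a.nic.test. hostmaster.nic.test. 1 7200 900 1209600 3600
example.            86400 IN NS   a.nic.test.
alpha.example.      86400 IN NS   ns1.alpha.example.
ns1.alpha.example.  86400 IN A    192.0.2.10    ; covered by alpha's delegation
gamma.example.      86400 IN NS   ns.delta.example.
ns.delta.example.   86400 IN A    192.0.2.30    ; referenced, but delta is not delegated
ns1.beta.example.   86400 IN A    192.0.2.20    ; beta's delegation is gone
ns1.beta.example.   86400 IN AAAA 2001:db8::20
"""

def parse_records(text):
    """Yield (owner, rrtype) from 'owner ttl class type rdata' lines."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) >= 5:
            yield fields[0].lower().rstrip("."), fields[3].upper()

def find_orphan_glue(text, apex):
    """Return sorted (owner, rrtype) address records with no covering delegation."""
    apex = apex.lower().rstrip(".")
    records = list(parse_records(text))
    # Delegation points: every NS owner other than the zone apex itself.
    delegated = {owner for owner, rrtype in records
                 if rrtype == "NS" and owner != apex}
    orphans = set()
    for owner, rrtype in records:
        if rrtype not in ("A", "AAAA") or not owner.endswith("." + apex):
            continue
        labels = owner.split(".")
        # The owner name and each of its ancestors, as candidate delegation points.
        lineage = {".".join(labels[i:]) for i in range(len(labels))}
        if not lineage & delegated:
            orphans.add((owner, rrtype))
    return sorted(orphans)

def summarize(zones):
    """Build {"zones": {tld: {"orphans": n}}} from a {apex: zone_text} mapping."""
    return {"zones": {apex.rstrip("."): {"orphans": len(find_orphan_glue(text, apex))}
                      for apex, text in zones.items()}}

if __name__ == "__main__":
    print(json.dumps(summarize({"example.": SAMPLE_ZONE})))
```

Under this assumed definition any in-zone address record outside a delegation is counted, so hosts the registry itself publishes authoritatively would need to be excluded separately.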