Re: [DNSOP] ALT-TLD and (insecure) delegations.

Ray Bellis <ray@bellis.me.uk> Mon, 06 February 2017 18:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/2VmUCiXWYG0aPzQ4ZiuO0D0OhkA>


On 06/02/2017 16:55, Tony Finch wrote:
> Ray Bellis <ray@bellis.me.uk> wrote:
>>
>> Yes, that's right, with the caveat that all existing locally served
>> zones are in the reverse space - there's no forward zones registered (yet).
> 
> There are several :-) RFC 6761 specifies localhost, invalid, test as
> locally served zones. RFC 6762 specifies local. RFC 7686 specifies onion.
> 
> RFC 7534 says that the AS112 DNAME target zones should be locally served,
> though they are not listed in the special use registry.
> 
> The example domains are special use but not locally served.

The "locally served zones" and "special use domains" registries are
different.  There is potentially scope for overlap.

It's possible that some special use domains might benefit from special
treatment in the root zone, too (".localhost" ?)

Ray