Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
Shumon Huque <shuque@gmail.com> Sun, 24 June 2018 03:08 UTC
Return-Path: <shuque@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 280B01294D0 for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 20:08:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IelfHct1yclS for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 20:08:28 -0700 (PDT)
Received: from mail-yb0-x231.google.com (mail-yb0-x231.google.com [IPv6:2607:f8b0:4002:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 774FA129385 for <dnsop@ietf.org>; Sat, 23 Jun 2018 20:08:28 -0700 (PDT)
Received: by mail-yb0-x231.google.com with SMTP id v17-v6so3946090ybe.7 for <dnsop@ietf.org>; Sat, 23 Jun 2018 20:08:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oqvh0m8rHNHU0dVAialCKtqiQ6smhJ/eQhU4gTOS9/g=; b=ekkqxHmoJ/uRtRRKbhQ3GZ3YCZ0QNMp7hRtVQpy413w99R+bxbqqhhXoy5byL78jwh NpQhJNzwvEEpfxdAwOtwe2sVZlJAm68sQgPRa5/fttyW5lYpJdyRkh210LURP2qAgMCC eUL0A8ShQTmCATNKNpdTV84kjn/9GMJuhi78x5OgiWz32Ek/SdG7U4gqNX6UIp2lA+DJ KymlLUkVLF+c2N2X3XOCJ3AKrfIMFedD/h4pFUWBLprSenubQGhI8bigBhsqjjeOR6jf okdNSZ168VSdwUyqeBoT6g7xjGXkXBjE9RW3YRjLUnnEhPFZGPdd5cjWh/cKbQUSOLA7 pnZg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oqvh0m8rHNHU0dVAialCKtqiQ6smhJ/eQhU4gTOS9/g=; b=ej+kj7M4omI2bg2R3/FOdLvYT48zD+OcdBZXWs4V/nsWug97cct5H3cot7A3WtR0Vl +4nNTjpCXpEjukc5iONsaOT3WBzpIAR7S/oqcnSjR3igFXPYiE4KmHD2xOLNRTgce+GT kCOxDAfMl1LK8lKu2JV9K6XESfsM6nrHUIssLxTqRYOT0529L2J/++4yI+zOjaaboYas avY0sKZwKXRnmMUG7sdzAk87MBS/qtUkKtXU/PS0crtLfXsirzRJwKQZRWaRRfHiK0AA VzMtBEc0u4/psrw8DZAn690SHru1+eqpnLwxSluTnyp+d9pRCfVFasmwcGmQRSZ9O5W/ V3wA==
X-Gm-Message-State: APt69E3pzHWSJc3xmT3bj4lAzDElxf1lKnZtWuf2Gu1tRVuUUIgeQyHe X0npU7FzRROjwl6QfVR0lgs+W7iFNcwCrgLloTE=
X-Google-Smtp-Source: ADUXVKKbxTT4hoEDb2eMGXhFABiimGx8m8LzhwiGdjSEFk6EFYkwLkxPhgogaIDwIeTlH9S9+emw2s3JDr5+oWh2Qa0=
X-Received: by 2002:a25:f817:: with SMTP id u23-v6mr3550706ybd.62.1529809707637; Sat, 23 Jun 2018 20:08:27 -0700 (PDT)
MIME-Version: 1.0
References: <b73f3dc7-b378-d5d8-c7a2-42bc4326fbae@nic.cz> <alpine.DEB.2.11.1806191428250.916@grey.csi.cam.ac.uk> <CAJhMdTO2kj+nUqESg3ew=wwZuB9OzkJE6pST=mae7pHiEk4-Qw@mail.gmail.com> <20180623210416.GA12346@mournblade.imrryr.org> <CAJhMdTNzOUSjTmnorzrJze9F7Gcc+eWAjqii_4uJ4UmJPvQC-Q@mail.gmail.com> <5B2F05AE.3060306@redbarn.org>
In-Reply-To: <5B2F05AE.3060306@redbarn.org>
From: Shumon Huque <shuque@gmail.com>
Date: Sat, 23 Jun 2018 23:08:15 -0400
Message-ID: <CAHPuVdU36_g2ysfdhqik93oMHeUuXi1hXxkH-eetqBc-OTYkTQ@mail.gmail.com>
To: Paul Vixie <paul@redbarn.org>
Cc: Joe Abley <jabley@hopcount.ca>, "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000032a2bb056f5a949f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/2mHwBgEnONxmfaQMalw7AG-x2U4>
Subject: Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Jun 2018 03:08:30 -0000
On Sat, Jun 23, 2018 at 10:45 PM Paul Vixie <paul@redbarn.org> wrote: > > Joe Abley wrote: > > I think a pragmatic solution needs to work in unsigned zones. > > > > ... > > can someone ask the IAB to rule on whether any new internet technology > standard should address unsigned DNS zones, or for that matter, IPv4 > networks? > I have to agree with Joe here. I have no problem with the IAB/IETF requiring that new DNS enhancements need to be compatible with and work with DNSSEC - and I support that requirement. But if they don't also work with unsigned zones, then they will face a critical deployment obstacle in today's Internet environment, where DNSSEC is still largely undeployed. So I think for each new enhancement proposal, we need to evaluate this obstacle, and determine if it's worth doing the work. In particular, for the various type specific alias proposals that are the topic of this thread, the target audience is extensively deployed sites on the Internet. And if you survey all the sites that use apex CNAME hacks today, I suspect that you will find a very small minority of them have deployed DNSSEC. And so, if the proposed solution requires DNSSEC, it is not really solving the problem in the field. Maybe it will a decade down the road (if DNSSEC gets wide update by then, which is by no means certain), but I assume we want to solve the problem on a somewhat smaller time frame. Shumon.
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] faux BNAME, was abandoning ANAME and … John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jan Včelák
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Ebersman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… David Conrad
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ondřej Surý
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthew Pounsett
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Anthony Eden
- Re: [DNSOP] abandoning ANAME and standardizing CN… Erik Nygren
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jared Mauch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… tjw ietf
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- [DNSOP] abandoning ANAME and standardizing CNAME … Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… 神明達哉
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Mark Andrews
- Re: [DNSOP] Creating a query/record for A and AAAA Tony Finch
- Re: [DNSOP] Creating a query/record for A and AAAA Ondřej Surý
- Re: [DNSOP] Creating a query/record for A and AAAA Jared Mauch
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tim Wicinski
- Re: [DNSOP] abandoning ANAME and standardizing CN… Brian Dickson
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Hoffman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthijs Mekking
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Dan York
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… JW
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman