Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex

Colm MacCárthaigh <colm@allcosts.net> Mon, 25 June 2018 15:46 UTC

Return-Path: <colm@allcosts.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74E6B130E05 for <dnsop@ietfa.amsl.com>; Mon, 25 Jun 2018 08:46:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=allcosts-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Rm3H4wQ65NZ for <dnsop@ietfa.amsl.com>; Mon, 25 Jun 2018 08:46:07 -0700 (PDT)
Received: from mail-yw0-x241.google.com (mail-yw0-x241.google.com [IPv6:2607:f8b0:4002:c05::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE4D0130DCE for <dnsop@ietf.org>; Mon, 25 Jun 2018 08:46:07 -0700 (PDT)
Received: by mail-yw0-x241.google.com with SMTP id 81-v6so4915726ywb.6 for <dnsop@ietf.org>; Mon, 25 Jun 2018 08:46:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=allcosts-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=C4ZqwLqKxNDg0xyBmExJ0IjY8SAnInoQwxukIkFuFtM=; b=2CwOcCU6hUVl3aW1Bfv7adbT01wHJqACoqAkY8erBPVLh+r2TKtFMCj0raMHm1cbpl EymebR7rIWQiP8D2bbB8wpwGpAfpd73+AH/eeFYm43CJUP8LuiZgAUQXNT96P2P3FmLu JJ8wlFXbbi3RFhkM72Mmg34OG4SRpuNkiS7z4wK5ENsL8PYvq55FJGGKpZ50W1x482dy anceJRQF3ajcmOA4iGnWbXUZ7BSqwMYbSlc9+TzjDvAEjmKSohTU3bkAkAGemhQll5xE fDrdJShROvZT5gQCP6DvZ1k3V1cgXM4ai11bkFpZ+ch/5x4+Sol8RD5bkIzwjuUIVAKo W02g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=C4ZqwLqKxNDg0xyBmExJ0IjY8SAnInoQwxukIkFuFtM=; b=XycDWOiOJI/TlvoOv1o4PnolxCtJU6a/YR6jTWmvTFCw6215SikmZKplbvXndnuG7K VA7eQxiQZeBnJwMrGCIeYknFuCj9VVA74AuxPlJFw5voinuXxzgjbuUifYIYCihjGfgm F3ZEZ5JpadjuYM9a2lfBOmPi8MusvM6vPDisKbEktKgzhK1UV00ZHaOrpGJSju5GeIx4 QecAyF2dba1YX8ErOMHub5Xjg1iwexuUWG73JnrheKCZ2G6Qia6veKlO9+AfxxFXKVvP e/RqJrlJ+flVJDl7DwHSXoTGrEooqXoE8pMFl0vKAlyw3V19vC6lwYJkqZBLPMWd+8wu VxoQ==
X-Gm-Message-State: APt69E3hRpYY8Q1KrztvSW4EeZiq7zt4weqjfZ2D0z8V3CmpNEHYfSJF xW423DgO6xcbNLf6GfCfJlbhAnAoAJMJAntZ4YE8PA==
X-Google-Smtp-Source: ADUXVKL9K6eYz1avHDGJ24Vci3it15MrTrdAQltcwMmvYHylBwE1DyuISAKyjKU4dFJuW3em81yzP37aRIWkPko/k70=
X-Received: by 2002:a81:2c56:: with SMTP id s83-v6mr5957350yws.387.1529941566669; Mon, 25 Jun 2018 08:46:06 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a81:241:0:0:0:0:0 with HTTP; Mon, 25 Jun 2018 08:46:05 -0700 (PDT)
In-Reply-To: <0d05c529-9d6c-e4fe-3b19-09d6f20bdbde@bellis.me.uk>
References: <CAJhMdTO2kj+nUqESg3ew=wwZuB9OzkJE6pST=mae7pHiEk4-Qw@mail.gmail.com> <20180619190213.B76962846E19@ary.qy> <20180622182752.GA83312@isc.org> <af9b422a-90a0-b204-70d6-12566d7b65dc@bellis.me.uk> <alpine.DEB.2.11.1806251459510.916@grey.csi.cam.ac.uk> <alpine.LRH.2.21.1806251104490.18905@bofh.nohats.ca> <0d05c529-9d6c-e4fe-3b19-09d6f20bdbde@bellis.me.uk>
From: =?UTF-8?Q?Colm_MacC=C3=A1rthaigh?= <colm@allcosts.net>
Date: Mon, 25 Jun 2018 08:46:05 -0700
Message-ID: <CAAF6GDcQoXKK-FBH5qGzED=rKNK0uTBTEfuMJPZT6LOJ_49Yyw@mail.gmail.com>
To: Ray Bellis <ray@bellis.me.uk>
Cc: Paul Wouters <paul@nohats.ca>, IETF DNSOP WG <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009be04e056f7947a6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/6jJ8kpVErlvfrNrkpLwzohiCMxs>
Subject: Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jun 2018 15:46:10 -0000

On Mon, Jun 25, 2018 at 8:06 AM, Ray Bellis <ray@bellis.me.uk>; wrote:

> On 25/06/2018 16:05, Paul Wouters wrote:
>
> > Then you might as well use that mechanism to update A/AAAA records and
> > skip the intermediate ANAME?
>
> +1
>
> Apex records are a provisioning problem, not a protocol one.
>

When we implemented ALIAS for Route 53 we looked at a model like that,
where it would be more like an instruction to merely import certain DNS
entries. But we found that didn't quite match CNAME in terms of who pays
for the queries (we charge my the query, which is a common model).

As a Route 53 customer, when you ALIAS to something, you don't pay for
queries to those names, the owner of the hidden target name does.  That's
because the target retains control of the TTL, and we didn't want it that
the target could lower the TTL and increase your bill.

-- 
Colm