IETF Logo Mail Archive

Re: [DNSOP] private-use in-meeting chat comments

Eric Orth <ericorth@google.com> Thu, 19 November 2020 08:06 UTC

Return-Path: <ericorth@google.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74D763A1175 for <dnsop@ietfa.amsl.com>; Thu, 19 Nov 2020 00:06:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S-I-yjzXc5Lp for <dnsop@ietfa.amsl.com>; Thu, 19 Nov 2020 00:06:24 -0800 (PST)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D5433A1172 for <dnsop@ietf.org>; Thu, 19 Nov 2020 00:06:24 -0800 (PST)
Received: by mail-wr1-x431.google.com with SMTP id r17so5475541wrw.1 for <dnsop@ietf.org>; Thu, 19 Nov 2020 00:06:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UXiYgSfIKDyjL7qEX8l6NyZ4mtoISPtqhVfJhQ1yADw=; b=dH/lOJBtYEDBRPPQU0Hr5MpJsUOd55GQvD9J9YTyQo79pplgKjjdeTQmDXUHUaV2Ik px0dODf5dGiziNNLsoSTUgMah90UBpNaLo19np2HKytIxN9fNYtt6G+GGDGhdLHBr3hb Kg9zFqCs5T70pTn/6uJG+o/26PfOPsW5JG07JYJ6nPg18CEzLVgQuFdttgCOmdh0IUEW E795jZVsXPtHg7FzxLOLTsfDgHVFl/lhPW3DHbLoB/GfHQqnNHFKJnJQo+MD9v7qo+4F 33VT3EYafbZ0LLa/0mmnqjrcwgiCksYqGwpSX2OqNtrlFSqlj7Hw5n+XkdAAZpAPJ+m6 sI4g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UXiYgSfIKDyjL7qEX8l6NyZ4mtoISPtqhVfJhQ1yADw=; b=kBlKJwocKlEh3mz1m3FRyzGmo11GF8cim/gFo8N2zoMOE40hhaPPfOHZbzIzL4BwML buNwMP4iHF4ytFhAEiqqCxpTRWEkyHf1ql535Fmq+zSZNmrlquCCGGIeeRBGGiYiPPtQ fSjEDGaHw2F9NhbDjAXPff2TbBM08iMlZH0OoIVuYLaHYK4JdBgouoYkFV+3nSlVH56c sORunGmcyIbBNjr9RjJs3+EDWAMNoJm7BL4MYmoruyAEaY3agSkYNRKDiCbeO5xQMzhC cAwNXyvlgLmPHYkGWs4q1Oc0RnTukyElDR/n9VWcwPX3OxJVF/kgHzudKCW91afL9dtY hXbw==
X-Gm-Message-State: AOAM530xLtMhC45Fspfq8cGR9SvtdtRG/2C+GOgm4k3LiwCaZBrgJwxi eOzojVBnb3t2dMga941Lny2J1tvlEU67hJLfo4Xnow==
X-Google-Smtp-Source: ABdhPJxt9MP9iM64vVFGZsyP6pgMRd8I2QTxMmidomcQpRWppd0fl/6U2XDrkKGBb+tdFUG+pGhLyyPML8AjZVxgFqM=
X-Received: by 2002:a5d:4001:: with SMTP id n1mr8524513wrp.176.1605773182381; Thu, 19 Nov 2020 00:06:22 -0800 (PST)
MIME-Version: 1.0
References: <CAH1iCirk5X9xOFmABQU9X9G92eQrePPuOwgXVHd4zza4kK9SwA@mail.gmail.com> <alpine.DEB.2.20.2011172127200.9850@grey.csi.cam.ac.uk>
In-Reply-To: <alpine.DEB.2.20.2011172127200.9850@grey.csi.cam.ac.uk>
From: Eric Orth <ericorth@google.com>
Date: Thu, 19 Nov 2020 03:06:11 -0500
Message-ID: <CAMOjQcEO=qQhk8y4u7e7oVRfqH_YiaDg9=oZVxD4vkrNR1SKnQ@mail.gmail.com>
To: Tony Finch <dot@dotat.at>
Cc: Brian Dickson <brian.peter.dickson@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000020b70705b471345d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/6xf3J3zxj00_v-vJ8w0wo4Ms-4w>
Subject: Re: [DNSOP] private-use in-meeting chat comments
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2020 08:06:26 -0000

On Tue, Nov 17, 2020 at 4:46 PM Tony Finch <dot@dotat.at> wrote:

> Brian Dickson <brian.peter.dickson@gmail.com> wrote:
>
> > One potential approach is to say (in the RFC) that one of the two-letter
> > reserved codes should avoid name collision by putting a
> collision-resistant
> > second-level label, below .zz and above the private use usage (and use
> that
> > particular two-letter code in that manner exclusively).
>
> This kind of thing, or guidspace.arpa, is not that different in terms of
> usability / ugliness from assigning a unique subdomain under a domain that
> has been registered in the normal way.
>

Confirming that I understand your point: You're discussing the case of some
local-network technology using $guid.guidspace.technology-vendor.com?

3 possible advantages I can think of of standardizing a .arpa subdomain:
1) More universally trustworthy that *.guidspace.arpa names will never be
globally resolvable, which would be unexpected behavior.  If using a
normally registered domain, you have to rely on whoever owns that domain,
and I could see usecases where the domain owner and the tech owner creating
a name are not one and the same.
2) In cases different technology vendors have created some standard relying
on guid-generated unique names (not necessarily an IETF standard), it may
be desirable for the generated names to fall under some neutral third-party
domain (in this case .arpa) rather than everyone involved relying on
somebody maintaining a domain.
3) In more general cases where different parties aren't trying to
interconnect, I don't quite understand why everyone can't just register
domains for their uses.  But one of the reasons we keep discussing
potential solutions for local domains is that many people keep refusing to
register names.  This would be a good alternative to hopefully convince
them to stop squatting unowned names.  (Although from a practical
perspective, I have no illusions that this would actually end the practice
of squatting.)


>
> There's also a privacy leak: if you assign a unique subdomain then when a
> device roams and leaks queries for the private domain, the device can be
> tracked and correlated with other devices that use the same private
> domain.
>

What if, in whatever hypothetical solution is using this, it is reasonable
for devices to always regenerate the names they are using on changing
networks? At least in such hypothetical cases, it seems the privacy danger
would be significantly mitigated, right? (Maybe we're getting too far into
unknown hypotheticals without finding actual usecases or implementors that
want this.)


>
> I have a terrible mental conflict trying to weigh this privacy issue
> against the horrible consequences of encouraging people to squat on
> unassigned domains and use colliding hostnames. The privacy leak probably
> needs to be fixed regardless, and if it is fixed then there would be a bit
> less pressure in favour of unwise squatting.
>
> Tony.
> --
> f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
> Biscay: Southerly 3 to 5, veering westerly 5 or 6 later in northwest.
> Moderate, occasionally rough in northwest. Rain later. Good, occasionally
> moderate.
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>

v2.23.0 | Report a Bug | By Email