Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Paul Vixie <paul@redbarn.org> Fri, 02 February 2018 01:40 UTC

Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A334512EAEB for <dnsop@ietfa.amsl.com>; Thu, 1 Feb 2018 17:40:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSpD0dPOciQV for <dnsop@ietfa.amsl.com>; Thu, 1 Feb 2018 17:40:12 -0800 (PST)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0982212EAC5 for <dnsop@ietf.org>; Thu, 1 Feb 2018 17:40:12 -0800 (PST)
Received: from [IPv6:2001:559:8000:c9:694c:5ab8:f09f:e87e] (unknown [IPv6:2001:559:8000:c9:694c:5ab8:f09f:e87e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id D442B7594C; Fri, 2 Feb 2018 01:40:11 +0000 (UTC)
Message-ID: <5A73C17B.4070808@redbarn.org>
Date: Thu, 01 Feb 2018 17:40:11 -0800
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 5.0.22 (Windows/20171208)
MIME-Version: 1.0
To: Ted Lemon <mellon@fugue.com>
CC: Andrew Sullivan <ajs@anvilwalrusden.com>, dnsop@ietf.org
References: <5A6F5CF1.4080706@redbarn.org> <CA+nkc8D7tne5SxGOUhvJqstmDa=1=RmvcHQte1byAab5dUd5sQ@mail.gmail.com> <AE634FC4-0EAF-4F54-8860-61E41284F873@fugue.com> <20180130185919.GJ19193@mx4.yitter.info> <3b57a486-df8e-ca57-ab89-c167cea0dcc9@bellis.me.uk> <20180131161507.GP3322@mournblade.imrryr.org> <20180201172644.GD26453@mx4.yitter.info> <1D7693F7-000C-451A-8F7A-45B94366240F@fugue.com> <20180201204833.GA27125@mx4.yitter.info> <777C7B4A-A8D6-4E14-9DBF-360B6BDF4A95@fugue.com> <20180201214101.GA27672@mx4.yitter.info> <F9120EAD-486F-414C-9797-CA5CA05B42A6@fugue.com>
In-Reply-To: <F9120EAD-486F-414C-9797-CA5CA05B42A6@fugue.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/792gCZB2w_61_PCCPlpQa8gLP70>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Feb 2018 01:40:14 -0000


Ted Lemon wrote:
> On Feb 1, 2018, at 3:41 PM, Andrew Sullivan <ajs@anvilwalrusden.com
> <mailto:ajs@anvilwalrusden.com>> wrote:
>> I think that this is an example of attempting to
>> do so: to make a name that already appears today in the DNS
>> (localhost) go away.
>
> Okay, but this simply isn't true. I think you actually responded to the
> dig traces I sent earlier. The root servers securely deny the existence
> of localhost. Existing practice is that localhost does not appear in the
> DNS. The fact that the RFCs currently differ from existing practice is a
> problem that the current document is trying to solve.

the root zone has never supported this.

whereas, every rdns server i've operated since 1987 has supported this.

so you may be arguing past each other as to whether localhost does or 
does not "appear in the dns".

since we're talking about dig, here's mine. i do localhost with RPZ now.

> ; <<>> DiG 9.9.5-3ubuntu0.17-Ubuntu <<>> localhost
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58186
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;localhost.                     IN      A
>
> ;; ANSWER SECTION:
> localhost.              5       IN      A       127.0.0.1
>
> ;; AUTHORITY SECTION:
> dns-policy.vix.com.     30      IN      NS      localhost.
>
> ;; Query time: 47 msec
> ;; SERVER: 24.104.150.212#53(24.104.150.212)
> ;; WHEN: Thu Feb 01 17:35:27 STD 2018
> ;; MSG SIZE  rcvd: 86

i think if you want to stop people from asking the localhost question in 
dns, you can recommend that operating system libraries work that way, 
and there will probably be uptake.

but if you want to stop people from answering it, that's an on-wire 
change from "isn't causing complaints" to "unknown", which isn't strong 
motivation, and in any case, is not enforceable.

i have not seen an explaination of why you're fixing what you think is a 
bug in gethostbyname() by asking for changes to online dns configs.

-- 
P Vixie