Re: [DNSOP] Public Suffix List

Florian Weimer <fw@deneb.enyo.de> Tue, 10 June 2008 19:18 UTC

From: Florian Weimer <fw@deneb.enyo.de>
To: Brian Dickson <briand@ca.afilias.info>
Date: Tue, 10 Jun 2008 21:18:41 +0200
In-Reply-To: <484D60DC.1090400@ca.afilias.info> (Brian Dickson's message of "Mon, 09 Jun 2008 12:57:00 -0400")
Cc: dnsop@ietf.org, Gervase Markham <gerv@mozilla.org>, David Conrad <drc@virtualized.org>, ietf-http-wg@w3.org
Subject: Re: [DNSOP] Public Suffix List

* Brian Dickson:

> If you want grouping, there is a simple-to-code, reliable, and 
> authoritative way to do so.
>
> Zone cuts (in DNS).

This is a bad idea because introducing a new zone at an existing name
should really, really be transparent to the rest of the world. (Thanks
to configuration options like (root-)delegation-only, this is already
not true to some extent, but there's no reason to repeat past mistakes.)

What's worse, bringing technical and administrative delegation into
agreement requires significant changes, which are unlikely to happen.
You need to take into account that this data is not just needed to make
new services secure on the surface, but also to deal with fairly old
protocol mishaps.