Re: [DNSOP] I-D Action: draft-chapin-additional-reserved-tlds-02.txt

David Conrad <drc@virtualized.org> Wed, 11 March 2015 00:09 UTC

From: David Conrad <drc@virtualized.org>
In-Reply-To: <alpine.LSU.2.00.1503031046080.23307@hermes-1.csi.cam.ac.uk>
Date: Tue, 10 Mar 2015 20:08:54 -0400
Message-Id: <50B802F4-26D3-4250-BEFE-5C5EAF2093A2@virtualized.org>
References: <20150302105857.16985.904.idtracker@ietfa.amsl.com> <54F4E124.3010406@gmail.com> <alpine.LFD.2.10.1503022129000.19140@bofh.nohats.ca> <alpine.LSU.2.00.1503031046080.23307@hermes-1.csi.cam.ac.uk>
To: dnsop <dnsop@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/7x2R9ZNPBOrSs9sXzL8iZU7HlBw>
Subject: Re: [DNSOP] I-D Action: draft-chapin-additional-reserved-tlds-02.txt
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

Hi,

>> What was the motivation for removing .lan from the list?
>> 
>> I can see where .localdomain and .domain indeed won't cause any
>> problems, but I think .lan is still a pretty common one in use.
> 
> It is a common fake TLD used by home gateways for their internal networks.

Yeah, so I've read this draft and have hesitated to comment as I'm aware there are folks who believe it inappropriate for ICANN staff to comment on anything having to do with top-level domains in the IETF. However, as I continue to believe participation in the IETF is based on the individual, not for whom the individual works, I'm going to throw in my 2 cents on this topic with an explicit "NO HAT" placed firmly on my head.  My apologies if my participation in this discussion raises political hackles.

While I would like to declare the proposed strings as reserved as I think it would be crazy dangerous for them ever to be delegated, I'm concerned about the lack of objective criteria.  The draft states:

  '[SAC045] reports the results of a CAIDA
   measurement study [RSSAC_DNS] which found that "NXDOMAIN responses
   account for more than 25 percent of the total responses from root
   name servers observed in the study, and the top ten such strings
   account for 10 percent of the total query load.'

While true, these values will vary over time, location of collection, and myriad other reasons, probably including phase of moon. If we're going to reserve strings from ever being delegated, I believe we need to come up with some rationale beyond "because they showed up a lot at some root servers at this point in time."  If that is the only criterion, it would be relatively easy to game the stats by hiring a few botnet zombies to pump queries with names you'd like to reserve with spoofed source addresses.

Perhaps some criteria would be a combination of lots of queries over a long period of time at multiple measuring points along with some rationale for those queries to be generated (e.g., I'm told long ago Microsoft recommended the use of .CORP for internal Active Directory configurations, pointers to that documentation would explain why those queries were being generated)?

FWIW.

Regards,
-drc
(Speaking only for myself. Really.)
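An added illustration (not part of the message or of the draft) of the difference between the two criteria discussed above: a single-snapshot top-N of NXDOMAIN strings at one root server, versus requiring a string to rank highly across several time windows and several measurement points. The counts, window and vantage-point names are constructed; a string that bursts at one vantage point in one window tops the snapshot but fails the multi-window, multi-vantage criterion.

```python
from collections import Counter, defaultdict

# Constructed per-window, per-vantage counts of NXDOMAIN responses for a
# queried TLD: (window, vantage_point, tld, nxdomain_count). Not real data.
SAMPLE = []
for w in ("W1", "W2", "W3", "W4"):
    for v in ("root-a", "root-b", "root-c"):
        SAMPLE += [(w, v, "lan", 900), (w, v, "corp", 700),
                   (w, v, "home", 500), (w, v, "belkin", 100)]
# A burst at a single vantage point in a single window: the pattern a
# snapshot-only criterion cannot tell apart from long-standing leakage.
SAMPLE.append(("W2", "root-a", "gamed", 50_000))


def snapshot_top(records, window, vantage, n=3):
    """Top-n NXDOMAIN strings at one vantage point in one window (the
    single-snapshot view behind the percentages quoted from SAC045)."""
    counts = Counter()
    for w, v, tld, count in records:
        if w == window and v == vantage:
            counts[tld] += count
    return [tld for tld, _ in counts.most_common(n)]


def robust_candidates(records, n=3, min_windows=3, min_vantages=2):
    """Strings that are top-n in at least min_windows distinct windows and
    at least min_vantages distinct vantage points: the 'long period of
    time at multiple measuring points' criterion suggested in the message."""
    windows = sorted({r[0] for r in records})
    vantages = sorted({r[1] for r in records})
    seen_windows, seen_vantages = defaultdict(set), defaultdict(set)
    for w in windows:
        for v in vantages:
            for tld in snapshot_top(records, w, v, n):
                seen_windows[tld].add(w)
                seen_vantages[tld].add(v)
    return sorted(t for t in seen_windows
                  if len(seen_windows[t]) >= min_windows
                  and len(seen_vantages[t]) >= min_vantages)


if __name__ == "__main__":
    print("snapshot W2/root-a:", snapshot_top(SAMPLE, "W2", "root-a"))
    print("robust candidates: ", robust_candidates(SAMPLE))
```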