Re: [DNSOP] dnames, was My "toxic" remark at the mic today

"Joe Abley" <> Fri, 06 November 2015 14:44 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 2E1201A90CF for <>; Fri, 6 Nov 2015 06:44:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wmSP7lLGO7aO for <>; Fri, 6 Nov 2015 06:44:09 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400c:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9058D1A914D for <>; Fri, 6 Nov 2015 06:44:09 -0800 (PST)
Received: by vkfw189 with SMTP id w189so15380913vkf.2 for <>; Fri, 06 Nov 2015 06:44:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-type:content-transfer-encoding; bh=SBmeMgW2xQZfqI05XF/bJbXXi3yc3W8LI9+KAIjWJQc=; b=Li9Hg7sNfvhQinsGUMiux0UDule+xwZl7OaZUcLwSPI+4jQX1mztzxmKsI8VHvoehb EE2LBO6AvQ21CwFK692sx6UXMvHsoEn32h37zK5lF5VsY8NUI+4EPKzNacmuBvswZcxC r7dox1wbQd9eufY/ogFA58thvd8VNZcgvWZGc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-type:content-transfer-encoding; bh=SBmeMgW2xQZfqI05XF/bJbXXi3yc3W8LI9+KAIjWJQc=; b=gsLBcHHrbQaZ2FLeQ36JmD/zerHeDfsTgnswyy0cv/JfBHs083LHMK49DioAFGFvp5 5QnfWEoLS9dGGa5ciaSRevJIXKIS+8ZF8jSdjtALXMyhM1QC2u1l05p9PoBTfY1/ziTq 67Fdub2ireSEfO7MnfqA/dxQ58qnipWtw38GVfiFxR7PO3uQov8ngEt1lFlgCZ/RvcWC F8PVQDFuuw7Wvq28ciNsP5fPvS9Ja3YneqJcCf578+NAXK2K0xrhW7z4DRalp6lIj34F 8wCgC7AO1baRvTtP3FfUhy28LgPh8RsFVBGcstjORp+SgrpIOo9kFz4E/HxtCKj+rP1D Ei9g==
X-Gm-Message-State: ALoCoQnaFXZ22zc4Fbzc5WCt57ZNox42OzzetuB+bAnvwh9WfLVpqYhatgwK/jlrKWmXD/IzqV8h
X-Received: by with SMTP id 13mr13437711vkj.128.1446821048605; Fri, 06 Nov 2015 06:44:08 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id 133sm368036vkf.9.2015. (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 06 Nov 2015 06:44:07 -0800 (PST)
From: Joe Abley <>
To: John R Levine <>
Date: Fri, 06 Nov 2015 09:44:06 -0500
Message-ID: <>
In-Reply-To: <alpine.OSX.2.11.1511061607350.79472@ary.local>
References: <20151105105009.53009.qmail@ary.lan> <> <alpine.OSX.2.11.1511061607350.79472@ary.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (1.9.2r5141)
Archived-At: <>
Subject: Re: [DNSOP] dnames, was My "toxic" remark at the mic today
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Nov 2015 14:44:11 -0000

On 6 Nov 2015, at 2:17, John R Levine wrote:

>>> I'm not sure how toxic it is, but I agree that we are unlikely to 
>>> have
>>> anything useful to say on the topic.
>> Speaking personally, I do not see DNAME toxic, but the question has 
>> almost always been:
> To clarify, it's us offering advice on what goes into the root zone 
> that's toxic, not dname specifically.

I get the distinction.

To the tangential point of whether it's reasonable or practical to have 
DNAME in the root zone (side-stepping the issue you were talking about, 
about who should have opinions about that and who should make decisions) 
there was some work commissioned by ICANN a number of years ago and 
carried out by João Damas to evaluate the behaviour of many different 
code bases to a root zone that contained DNAME. The context of that work 
was the potential solution to use DNAME in the root zone to provision 
variant IDN TLDs (see ICANN board resolution 10 adopted on 12 March 
2010), but the report was arguably general enough to be instructive in 
this different context.

Additionally, there was an experiment carried out to quantify the 
availability of DNAME support in the real world for AS112 by George 
Michaelson and Geoff Huston. The results are documented in an appendix 
of RFC 7535.