[DNSOP] Re: [Ext] Re: what problem are we trying to solve, was Call for Adoption: draft-davies-internal-tld

John R Levine <johnl@taugh.com> Tue, 17 June 2025 21:09 UTC

Date: Tue, 17 Jun 2025 17:08:58 -0400
Message-ID: <0d090f95-cf5f-3552-84f6-c475d039c229@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Mark Andrews <marka@isc.org>
CC: dnsop@ietf.org
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/82zx0UvkVUVxvkdVPS9S6LfGPs0>

On Wed, 18 Jun 2025, Mark Andrews wrote:
> And if the stubs are validating then the answer for 10.in-addr.arpa DS is a provable NOERROR NODATA response that says there is a delegation at that point in the tree.  That validator does NOT need to be configured to say ‘DO NOT VALIDATE THIS NAMESPACE’.

We're going in circles here.

IF you have a validating stub resolver AND it gets all of its data from 
the local cache AND even so it doesn't believe the cache's AD flag AND you 
have some locally served zones AND none of those zones are a TLD you 
picked yourself before .INTERNAL was reserved AND even though you're 
sophisticated enough to do stub resolution you don't configure local trust 
anchors THEN yes, the opt-outs are helpful.

On the other hand, if you think that's a rather narrow scenario and most 
systems aren't quite like that, not so much.

Like I said, I don't see us coming to agreement any time soon.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly