Re: [DNSOP] My "toxic" remark at the mic today

"John Levine" <> Thu, 05 November 2015 10:50 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 2343A1ACDA0 for <>; Thu, 5 Nov 2015 02:50:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.862
X-Spam-Status: No, score=0.862 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id NROdR-V3henH for <>; Thu, 5 Nov 2015 02:50:40 -0800 (PST)
Received: from ( [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7B3F41ACDA7 for <>; Thu, 5 Nov 2015 02:50:35 -0800 (PST)
Received: (qmail 5153 invoked from network); 5 Nov 2015 10:50:31 -0000
Received: from unknown ( by with QMQP; 5 Nov 2015 10:50:31 -0000
Date: Thu, 05 Nov 2015 10:50:09 -0000
Message-ID: <20151105105009.53009.qmail@ary.lan>
From: John Levine <>
In-Reply-To: <>
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <>
Subject: Re: [DNSOP] My "toxic" remark at the mic today
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 05 Nov 2015 10:50:41 -0000

>Is there a document that says not to put such a record into the root,
>however?  If not, why should DNSOP say anything about this?  It seems
>like a job for SSAC to me.

IANA has a variety of policies which appear to me to say that the only
things that they will put into the root are NS, DS, and glue.

On the other hand, there's at least one delegated TLD that has a DNAME
at the apex.  It's been around for several years, it seems to work OK.
I don't see a lot of operational difference between that and putting
the DNAME directly into the root zone.  Management differences, sure,
but not operational.  I realize this is not the same use case as using
DNAMEs to shed queries for special names, but it's a DNAME and its at
the top level.

I'm not sure how toxic it is, but I agree that we are unlikely to have
anything useful to say on the topic.