Re: [DNSOP] Fwd: New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt

P Vix <> Fri, 23 March 2018 19:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 66710124B18 for <>; Fri, 23 Mar 2018 12:24:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8jC9QbwLT6ZP for <>; Fri, 23 Mar 2018 12:24:20 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E130F1200C1 for <>; Fri, 23 Mar 2018 12:24:20 -0700 (PDT)
Received: from [IPv6:2600:1003:b120:6231:3ed9:a7a1:de12:11ad] (unknown [IPv6:2600:1003:b120:6231:3ed9:a7a1:de12:11ad]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by (Postfix) with ESMTPSA id 732E37594C; Fri, 23 Mar 2018 19:24:20 +0000 (UTC)
Date: Fri, 23 Mar 2018 19:24:16 +0000
User-Agent: K-9 Mail for Android
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----FELH0FLJ5DX0CL95P0G7GH1TI8T0KQ"
Content-Transfer-Encoding: 7bit
To: =?UTF-8?Q?Ond=C5=99ej_Sur=C3=BD?= <>
CC: Bob Harold <>,dnsop <>
From: P Vix <>
Message-ID: <>
Archived-At: <>
Subject: Re: [DNSOP] Fwd: New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 23 Mar 2018 19:24:22 -0000

Did you hear the part about doing it the way we did when deprecation iquery? There's a discovery and decision process that involves the broader community.

Technical merit was provided. Sad that I can't think of a way to do it more clearly.

On March 23, 2018 7:18:25 PM UTC, "Ondřej Surý" <> wrote:
>The configurations change all the time, I am sorry, but your argument
>doesn’t have a technical merit.
>We really do need to start removing obsolete stuff from DNS, and I
>believe this is a good start.
>Ondřej Surý — ISC
>> On 23 Mar 2018, at 18:39, Paul Vixie <> wrote:
>> Ondřej Surý wrote:
>>> What’s so wrong of using TYPExxx for these if you absolutely need
>>> them to run the ancient technology while at the same time running
>>> latest version of BIND (or your favorite DNS server)?
>> because i am loathe to break existing working configurations. when
>isc changed the value of allow-query to be LAN only, it took years to
>do as safely as we knew how, and even so there was some breakage.
>>> Your argument feels like strawman to me. And I am not the one
>>> on a pile of passive DNS data, so I can’t pull the numbers...
>> we don't see a lot of intranet data, so that would not be
>dispositive. however, i urge you to reconsider your strawman-ish
>feelings. we are forever rebuilding the airplane in flight. the long
>tail matters.
>>> We are not taking the ability to put random TYPEnnn records into the
>>> zone, we are just saying the tools just won’t understand them
>>> anymore. Again nothing is going to break on the day one.
>> as long as people know what they're doing and are willing to convert
>their zones using tools unspecified, that's true. but you are chewing
>on the narrowest part of bert's camel here, at some risk, little gain.
>> -- 
>> P Vixie

Sent from my Android device with K-9 Mail. Please excuse my brevity.