Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

"John R Levine" <johnl@taugh.com> Sat, 09 May 2015 01:55 UTC

Date: Fri, 08 May 2015 21:54:57 -0400
Message-ID: <alpine.OSX.2.11.1505082118060.31363@ary.lan>
From: John R Levine <johnl@taugh.com>
To: Suzanne Woolf <suzworldwide@gmail.com>
In-Reply-To: <FF464258-0C33-45CC-A684-BAB7BCE8A8FB@gmail.com>
References: <20150508193400.55273.qmail@ary.lan> <FF464258-0C33-45CC-A684-BAB7BCE8A8FB@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/BPRlg0KD8cdPs1mVSLAMVEno97U>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

> Is there any concern for the IETF in a policy that says “If you start 
> using an arbitrary name that isn’t currently in the root zone, you can 
> just get the IETF to protect it for you”?

It's a reasonable question, but I think a reasonable answer in some 
circumstances is "yes".

Let's say we found that there's some online thing we never heard of 
before, but it turns out that 100,000,000 people in India and China use 
it, it uses private names in .SECRET, and people looking at DNS logs 
confirm that they're seeing leakage of .SECRET names.  Beyond rolling our 
eyes and saying we wish they hadn't done that, what else should we do? 
Why shouldn't we reserve it?  The number of possible TLDs is effectively 
unlimited, striking one more off the list that might be sold in the future 
doesn't matter.  This is engineering, not ideally what we might have done 
with a blank slate, but the best we can do under the circumstances.

> Furthermore, given that ICANN has already said they won’t delegate these 
> names in particular, how is it helpful for the IETF to also add them to 
> the Special Use Names registry?

I believe that they're currently blocked in the current new gTLD round, 
but not necessarily beyond that.  I don't see any evidence that the six 
applicants who paid $185,000 to apply for .CORP or the ten remaining 
applicants for .HOME or the five remaining applicants for .MAIL have given 
up.  They certainly haven't gotten their money back.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.