Re: [DNSOP] Another look - draft-ietf-dnsop-attrleaf-05.txt
Paul Vixie <paul@redbarn.org> Mon, 26 March 2018 07:08 UTC
Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96BF112D7E8; Mon, 26 Mar 2018 00:08:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id te-2j07WX8cg; Mon, 26 Mar 2018 00:08:03 -0700 (PDT)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF1D612DA00; Mon, 26 Mar 2018 00:07:58 -0700 (PDT)
Received: from [IPv6:2001:559:8000:c9:4ca8:bd4c:848b:7427] (unknown [IPv6:2001:559:8000:c9:4ca8:bd4c:848b:7427]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id 36C457594C; Mon, 26 Mar 2018 07:07:58 +0000 (UTC)
Message-ID: <5AB89C4C.7090300@redbarn.org>
Date: Mon, 26 Mar 2018 00:07:56 -0700
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 5.0.24 (Windows/20180302)
MIME-Version: 1.0
To: John C Klensin <john-ietf@jck.com>
CC: "John R. Levine" <johnl@iecc.com>, Dave Crocker <dcrocker@bbiw.net>, art@ietf.org, dnsop@ietf.org
References: <f7b85bac-b050-5003-2df0-a48b1ef2f929@dcrocker.net> <e1f41670-ada8-eaac-468c-c712b338a10b@dcrocker.net> <alpine.OSX.2.21.1803201804440.8940@dhcp-8344.meeting.ietf.org> <A7711F58-5145-49E8-9158-B2F94D0EABBF@redbarn.org> <7c168dc1-2ea7-d47e-78b7-0380e5d0aa84@dcrocker.net> <alpine.OSX.2.21.1803211104210.9553@ary.local> <5244d327-f8ea-1590-c663-1d92e0b194c4@dcrocker.net> <5F44FA5B42805C52479DE491@PSB> <alpine.OSX.2.21.1803211507380.9666@dhcp-935d.meeting.ietf.org> <1DF1564CC2B88726B2B54CF4@PSB>
In-Reply-To: <1DF1564CC2B88726B2B54CF4@PSB>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/CXhIVEcVelj_C2flaELkNXA2n3c>
Subject: Re: [DNSOP] Another look - draft-ietf-dnsop-attrleaf-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 07:08:05 -0000
John C Klensin wrote: > ... > > Two additional, possibly more important, thoughts after reading > -05 more closely... > > (1) The introductory material in the I-D seems to imply that use > of labels styled with "_" is a reasonable alternative to > creating a new label type. ... i think you mean "RRTYPE" as used below, and not "label type". we flirted with extended label types in the original EDNS0, but found them to require end-to-end scale (forklift) DNS protocol evolution which is impossible, rather than hop-by-hop scale (incremental) evolution which is all we've got left given the installed base. > ... My impression has been that, while there is nothing we can > change about what is done and deployed, there has been community > consensus that it is a bad idea and that changes have been made to > the procedures for defining and registering new RRTYPEs to reinforce > the principle that new RRTYPEs should be used and to make their use > easier. "Significantly challenging over the life of the DNS" is > undoubtedly correct, but that should not be, and presumably is not, > the situation today or in recent years. I believe this document > should not be advanced until that material is changed to be clear > that use of underscore or similar conventions may be a reality but is > not a desirable substitute for separate RRTYPEs (with or without that > convention as appropriate). while i am sympathetic to this point of view, and even share it, i know that developers of new apps learned from the SPF RR example "never again" and that they can and have and will continue to create new apps based on TXT with or without the IETF's blessing. so i'm expecting your call for the stated clarification to not reach consensus in this WG. > (2) I'd encourage people to think through another possibility. I'm > not sure it is the right answer, but it is worth more consideration > than this draft (at least at -05) appears to be giving it. The issues > associated with QTYPE=ANY notwithstanding, it is not clear to me that > the set of labels starting with "_" constitute a namespace, any more > than the set of labels starting with "xn--" do. It is just a naming > convention that identifies the labels as keywords with defined > meaning. From that point of view, namespaces are actually per-RRTYPE > and the right way to design this document would be as a registry of > "_"-introduced keywords, with subregistries for each RRTYPE with > which those keywords can be used. Given the way the DNS works, at > least as I understand it, there is no DNS protocol conflict between > _foo IN XYZ Data1 > and > _foo IN ABC Data2 > > Using the same keyword in both cases may be a bad idea but the zone > files don't care and, given that queries are typically made for QNAME > and QTYPE (etc.) and not the name alone (i.e., with QTYPE=ANY) except > for other purposes, I see some advantages of [sub]registry-per-RRTYPE > rather than pretending that every label starting with "_" is the same > namespace. Of course, one of them is that there is no need to treat > SRV as a special, legacy, case or even debate that. The coverage of > the current document would be simply a subregistry for SRV > (reorganized from the current registry, but that is simply an IANA > organizational matter, not a change to what is registered, protocols, > etc., plus a subregistry for RRTYPE=TXT and provisions for other > subregistries as might be needed in the future. > > Organizing things that way would have at least one additional > advantage: while FCFS may be appropriate for some RRTYPEs, other > procedures may be appropriate for others. In a way, SRV is a good > example of that distinction. > > Again, that might not be the right thing to do on balance, but I > think it should be examined carefully as an alternative to trying to > treat "everything starting with '_' as long as it occupies a > particular place in the tree" as a namespace. i have reproduced your entire second suggestion here, because i think it's solid. rrset atomicity means you're right, and that underbar'ed labels need only be unique within an RRTYPE, and any registry of such labels can and therefore should be per-RRTYPE. good catch. -- P Vixie
- [DNSOP] Fwd: New Version Notification for draft-i… Dave Crocker
- Re: [DNSOP] Fwd: New Version Notification for dra… tjw ietf
- Re: [DNSOP] Fwd: New Version Notification for dra… Dave Crocker
- Re: [DNSOP] Fwd: New Version Notification for dra… John R. Levine
- Re: [DNSOP] Fwd: New Version Notification for dra… Dave Crocker
- Re: [DNSOP] New Version Notification for draft-ie… John R. Levine
- Re: [DNSOP] New Version Notification for draft-ie… P Vix
- Re: [DNSOP] New Version Notification for draft-ie… Dave Crocker
- Re: [DNSOP] New Version Notification for draft-ie… John R. Levine
- Re: [DNSOP] [art] New Version Notification for dr… Dave Crocker
- Re: [DNSOP] [art] New Version Notification for dr… John C Klensin
- Re: [DNSOP] [art] New Version Notification for dr… Paul Vixie
- Re: [DNSOP] [art] New Version Notification for dr… Paul Vixie
- Re: [DNSOP] [art] redefining SRV, New Version Not… John R. Levine
- Re: [DNSOP] [art] redefining SRV, New Version Not… John R. Levine
- Re: [DNSOP] [art] New Version Notification for dr… Dave Crocker
- Re: [DNSOP] [art] New Version Notification for dr… John R. Levine
- Re: [DNSOP] [art] New Version Notification for dr… Dave Crocker
- Re: [DNSOP] [art] New Version Notification for dr… Alexey Melnikov
- Re: [DNSOP] [art] New Version Notification for dr… Dave Crocker
- Re: [DNSOP] [art] redefining SRV, New Version Not… Ray Bellis
- [DNSOP] Attrleaf _second-Level modifications (was… Dave Crocker
- Re: [DNSOP] Attrleaf _second-Level modifications Ray Bellis
- Re: [DNSOP] [art] New Version Notification for dr… John Levine
- Re: [DNSOP] [art] New Version Notification for dr… Andrew Sullivan
- Re: [DNSOP] [art] New Version Notification for dr… Dave Crocker
- Re: [DNSOP] [art] New Version Notification for dr… John R Levine
- Re: [DNSOP] [art] Attrleaf _second-Level modifica… John Levine
- [DNSOP] Another look - draft-ietf-dnsop-attrleaf-… John C Klensin
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Paul Vixie
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John C Klensin
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Paul Vixie
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John C Klensin
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John R. Levine
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John C Klensin
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Martin Hoffmann
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Dave Crocker
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Martin Hoffmann
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John C Klensin
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Dave Crocker
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Kurt Andersen (b)
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… John R. Levine
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… John C Klensin
- [DNSOP] _openpgpkey & _smimecert (was: Re: [art] … Dave Crocker
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Paul Vixie
- [DNSOP] namespace and substring reservations (was… Dave Crocker
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Ray Bellis
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Dave Crocker
- [DNSOP] Additional uses of underscore labels (was… Martin Hoffmann
- Re: [DNSOP] Additional uses of underscore labels Dave Crocker
- [DNSOP] End-to-end _underscore arguments (was: Re… Dave Crocker
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Warren Kumari
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Dave Crocker
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Warren Kumari
- Re: [DNSOP] Another look - draft-ietf-dnsop-attrl… Paul Vixie
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… John C Klensin
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Adam Roach
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Dave Crocker
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… John R. Levine
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… Paul Vixie
- Re: [DNSOP] [art] Another look - draft-ietf-dnsop… John R. Levine