Re: [DNSOP] Alternative Special-Use TLD problem statement draft
Philip Homburg <pch-dnsop@u-1.phicoh.com> Fri, 08 April 2016 11:50 UTC
To: dnsop@ietf.org
From: Philip Homburg <pch-dnsop@u-1.phicoh.com>
Sender: pch-bBB316E3E@u-1.phicoh.com
In-reply-to: Your message of "7 Apr 2016 21:26:51 -0000 ." <20160407212651.54260.qmail@ary.lan>
Date: Fri, 08 Apr 2016 13:50:01 +0200
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/CssWd87MyfPDhS5M1Bin9-LrOAg>
Cc: John Levine <johnl@taugh.com>
Subject: Re: [DNSOP] Alternative Special-Use TLD problem statement draft

In your letter dated 7 Apr 2016 21:26:51 -0000 you wrote:
>>Just because TOR asks for .onion doesn't mean it should be given it.
>
>The TOR project has been distributing software that special cases
>the .onion TLD for close to a decade.
>
>If the IETF said "you're wrong, go away", what exactly do you
>think they would do?

They would have been in serious trouble.

The problem with the special use registry is that it comes from a line of thinking that as long as you properly partition the name space, all is fine. I.e., names have no other properties than that they are either resolved in DNS or not.

For the tor project, onion names leaking into DNS is a problem. But it is not clear if and when the current RFC will have any operational impact. It is more a would be nice if DNS resolvers would filter onion. There was no real risk that somebody would start using .onion or even that tor users would be affected by such use.

There was however a really big issue, CAs were going to refuse DV certificates for .onion because officially it did not exist. Read for example, https://www.ietf.org/blog/2015/09/onion/

So the IETF, saying no we don't want this would have had an impact on this.

The IETF giving a stamp of approval on either a protocol or a name can have a lot of impact because other (standards) organizations recognize the IETF as the authority on this.

Adrien de Croy wrote:
"I understand the IETF is supposed to obtain consensus, but I didn't
"see anything in http WG on this until after the fact. Special use
"names has wide-ranging repercussions.

This is in line with the concept that the special use register is only about reserving the name. How this impacts users of the name space is essentially not considered. See the rather poor treatment in RFC 7686.

To use the words 'protocol police'. Yes, the IETF is the protocol police. That's its role in the internet. We can still refer to our documents as 'requests for comments'. The outside world sees them as the official seal of approval of the Internet's standards organization.

And in this sense, the IETF should only say yes to a naming protocol if it makes sense in the overall architecture of internet related software. Explicitly considering the rather complex interaction between naming and security in many applications (such as web browsers).