Re: [DNSOP] private-use in-meeting chat comments

Stephane Bortzmeyer <bortzmeyer@nic.fr> Sun, 22 November 2020 07:49 UTC

Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8993A121B for <dnsop@ietfa.amsl.com>; Sat, 21 Nov 2020 23:49:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Vmpc_7Ta52W for <dnsop@ietfa.amsl.com>; Sat, 21 Nov 2020 23:49:04 -0800 (PST)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C935C3A121A for <dnsop@ietf.org>; Sat, 21 Nov 2020 23:49:04 -0800 (PST)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id DB159280E51; Sun, 22 Nov 2020 08:49:02 +0100 (CET)
Received: by mx4.nic.fr (Postfix, from userid 500) id D4277280E5A; Sun, 22 Nov 2020 08:49:02 +0100 (CET)
Received: from relay01.prive.nic.fr (unknown [10.1.50.11]) by mx4.nic.fr (Postfix) with ESMTP id CC8E6280E51; Sun, 22 Nov 2020 08:49:02 +0100 (CET)
Received: from b12.nic.fr (b12.tech.ipv6.nic.fr [IPv6:2001:67c:1348:7::86:133]) by relay01.prive.nic.fr (Postfix) with ESMTP id C911160793AA; Sun, 22 Nov 2020 08:49:02 +0100 (CET)
Received: by b12.nic.fr (Postfix, from userid 1000) id B6D033FCC6; Sun, 22 Nov 2020 08:48:37 +0100 (CET)
Date: Sun, 22 Nov 2020 08:48:37 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Tony Finch <dot@dotat.at>
Cc: Brian Dickson <brian.peter.dickson@gmail.com>, "dnsop@ietf.org WG" <dnsop@ietf.org>
Message-ID: <20201122074837.GB31567@nic.fr>
References: <CAH1iCirk5X9xOFmABQU9X9G92eQrePPuOwgXVHd4zza4kK9SwA@mail.gmail.com> <alpine.DEB.2.20.2011172127200.9850@grey.csi.cam.ac.uk> <CAH1iCirZWAzUpfhzdoJ8y7RfMFy7JEDhY1jBHbb7Y2CzD8iv3A@mail.gmail.com> <alpine.DEB.2.20.2011172229380.9850@grey.csi.cam.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <alpine.DEB.2.20.2011172229380.9850@grey.csi.cam.ac.uk>
X-Operating-System: Debian GNU/Linux 10.6
X-Kernel: Linux 4.19.0-12-amd64 x86_64
X-Charlie: Je suis Charlie
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Bogosity: No, tests=bogofilter, spamicity=0.000092, version=1.2.2
X-PMX-Version: 6.4.9.2830568, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.11.22.74217, AntiVirus-Engine: 5.79.0, AntiVirus-Data: 2020.11.21.5790002
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/E2eObWiiBQjnt6I2G0QKMiETn1Q>
Subject: Re: [DNSOP] private-use in-meeting chat comments
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Nov 2020 07:49:09 -0000

On Tue, Nov 17, 2020 at 10:51:45PM +0000,
 Tony Finch <dot@dotat.at> wrote 
 a message of 32 lines which said:

> if the domain points at AS112 then almost anyone might receive the
> QNAME leakage; if the domain is unregistered and the resolver does
> qmin then there's less leakage.
> 
> This is really a general issue with split horizon DNS: whoever is
> assigning or giving advice about local/internal DNS needs to make
> it clear that the names aren't private and will leak.

Note that this is one of the reasons why draft-bortzmeyer-dname-root
was not a success: some people objected that AS 112 is not to be
trusted with "private" names.