Re: [DNSOP] ALT-TLD and (insecure) delegations.

Ted Lemon <mellon@fugue.com> Tue, 07 February 2017 18:57 UTC

Message-Id: <63D0E93E-BD79-4427-8C7B-DB67582BC156@fugue.com>
In-Reply-To: <20170207184945.10052.qmail@ary.lan>
To: John Levine <johnl@taugh.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/EAferl9hlFYaVyvcin8Aq2CKNnE>
Cc: dnsop@ietf.org

On Feb 7, 2017, at 1:49 PM, John Levine <johnl@taugh.com> wrote:
> I really doubt that if we bless both .alt and .lcl (or whatever) that
> the people building stuff will use the one we want them to use.

Then it won't work for them. But fashionable though this sort of cynicism is, clear specifications do get read, and not everybody is a blithering idiot. We can't protect people from shooting themselves in the foot, but we can make it possible for them not to shoot themselves in the foot. That's what Warren is proposing.