[DNSOP] Re: [Ext] Re: Call for Adoption: draft-davies-internal-tld

Shumon Huque <shuque@gmail.com> Wed, 23 April 2025 16:47 UTC

List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/HH4w0RLhci2mhuVELIzR08OzANE>

On Wed, Apr 23, 2025 at 11:17 AM Peter Thomassen <peter=40desec.io@dmarc.ietf.org> wrote:

> On 4/23/25 16:15, Philip Homburg wrote:
>
[ ... ]

> > For this working group, I think it is safe to assume that ICANN will not
> > create an insecure delegation for internal.
> >
> > So in my opinion this draft should not be adopted. The best solution is
> > no IETF document at all. That leaves the IETF out of this issue.
>
> I agree. Be it upon advice of SSAC or not, if we find ourselves in a
> situation that this WG has no good way of dealing with, I think it's OK to
> not deal with it.
>

I agree also.

Also, the IETF should not be publishing documents with technically unsound
advice. So we should not be recommending using ".internal" (see my previous
note in this thread). I would be more comfortable with an alternative draft
about best practices for using private domains.

The main benefit of the ICANN board resolution I see is to prevent
collateral damage caused by the unwise use of .internal by existing
organizations, namely to defend against name collision risk by private
queries for these domains leaking out to the internet. The IETF doesn't
really need to say anything further on the subject in my view.

Shumon.