Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Warren Kumari <> Sat, 10 February 2018 20:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6BE0012DA29 for <>; Sat, 10 Feb 2018 12:21:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aIBUMBUxKrMq for <>; Sat, 10 Feb 2018 12:21:57 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D97E31270AC for <>; Sat, 10 Feb 2018 12:21:56 -0800 (PST)
Received: by with SMTP id r71so3232026wmd.1 for <>; Sat, 10 Feb 2018 12:21:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=VR9EdxyXneYBJHIdRZsg/7/ptCPDnShQ1h/MhEsTd2g=; b=xdlM3r2joEocn10ncDkd8iwiePD2orUHghfHkDs1jpSq/X6/Qvi8hsNCUqjdYmGjB8 9cRDDFa21Oc9RSacB0RNofUqt11RGZ+AymLXKx8w4qc++UIc63Bc1GsL2Qawp8YMwm2h 7q1hGsKS/B2SfZo0UAZypkV6008LRtjLfxkl8CcE7xRks+P8vZyYN2y/6jtXR6o+3FT/ k9wDL9S6S1+wHTUoNTeJy0t76MIKywsCwy0aB4KrrZcVFoi8TNPeZ2dYaZCxCoWfrxNx eORNTI6ReIVtQXFF4AnmhITxaTjHH5aycHXodcFsMTtxUIVXgwprU4UbDV9EcDlpW999 kVcg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=VR9EdxyXneYBJHIdRZsg/7/ptCPDnShQ1h/MhEsTd2g=; b=S3P9A+9n+wZVoKjdTYXEM6nW2YZzsh9K376Ww+Ol+UQZXnMDaBLFH+t95IX1Qlzep1 ridW2Tca9jIYydEB28X4jpqkyQo3FBkAAqYsHRj115fZg5NCChFVcXY9RXvdKJXoxsNU Ah61oA1x0UXttRbY6UhbAwxws+mqmbxpqRPlxuyYMiwqOTquYPdY1dSuDemYPfEa1kaZ 9cUs0mpih9cIJk5Ax0/rfw6JQRSJoHAVImY4ggN4ly+Q1okTZq14g5LMzMASIA/LsjDe 5nx2w11/4ZaRz8RAa6XuX8O7muXZ/KSlEq6ig8DPXnbjfCc32aHC0kmjXrl0A3stPYQR o3Xw==
X-Gm-Message-State: APf1xPB4HvjdaJ+hH2yO1m3NJ9wP80CJlfDtlSZJHYom5g8welFsz16G r8UJodX1AivC/oiDINyZaWzj26K2r9sMto/QjL4Hhlcnpug=
X-Google-Smtp-Source: AH8x227sILj9JT1kcbmvEzzrBubt4t+2VaIGSRIBUCn7pZr1FOdU6rVRcc98U184j8KwjcjHLVqFea8NNM5l8o31D9U=
X-Received: by with SMTP id t3mr4883327wmh.134.1518294115023; Sat, 10 Feb 2018 12:21:55 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Sat, 10 Feb 2018 12:21:14 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <>
From: Warren Kumari <>
Date: Sat, 10 Feb 2018 20:21:14 +0000
Message-ID: <>
To: Andrew Sullivan <>
Cc: dnsop <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 10 Feb 2018 20:21:59 -0000

On Fri, Feb 9, 2018 at 10:55 PM, Andrew Sullivan <> wrote:
> Hi,
> On Tue, Feb 06, 2018 at 12:50:18AM -0500, Ted Lemon wrote:
>> That's pretty clear.   This document is not forbidding the appearance of such names in the DNS, nor the resolution of such names.
> Instead, it is wanting to have its cake and eat it too.  Because…
>>    Note, however, that the admonition against searchlist usage could
>>    affect their resolution in practice, as discussed in Section 3
> …of the "admonition" (or whatever you want to call it).  In effect,
> the document requires special-casing of "localhost" as a label in
> every searchlist context.
> If the goal is to say, "The search list is evil, and should not be
> used," then say that.

<with no hats at all>
Interestingly enough, Steve Sheng and I wrote just such a document a
number of years ago (around the time of the initial name-collisions
drama). Even though I'm 95% sure it included the phrase "tilting at
windmills" my search foo fails me at the moment... but it basically
deprecated search list processing in the DNS.
There are many things which would be safer, less complex, and safer if
search lists didn't exist -- would people be interested in discussing
the idea, or is it just too out there?

>  Otherwise, what this document is _really_ doing
> is altering STD13's search list processing, to include special-casing
> of down-tree names.
> I think that is the case despite this bit:
>>        Application software MUST NOT use a searchlist to resolve a
>>        localhost name.  That is, even if DHCP's domain search option
>>        [RFC3397 <>] is used to
>>        specify a searchlist of "" for a given network,
>>        the name "localhost" will not be resolved as
>>        "" but as "localhost.", and
>>        "subdomain.localhost" will not be resolved as
>>        "" but as
>>        "subdomain.localhost.".
> The reason I think that is because of the earlier part:
>    2.  Application software MAY recognize localhost names as special, or
>        MAY pass them to name resolution APIs as they would for other
>        domain names.
> If you can just pass this to a resolution API, then it's actually the
> resolution API that needs to know to handle the search list rules
> according to this new specification (this part of the specification
> does not say that you can only use the API if you can tell the API not
> to use search lists, &c).
> I really do sympathise with the goal of the document, but I think it
> is making a bigger change than it seems to understand.  And anyway, I
> don't understand how the original 6761 text is the wrong approach:
> given that it isn't even being followed on the Internet today, there's
> no reason to suppose that this alternative approach is going to make
> things any better.
> Best regards,
> A
> --
> Andrew Sullivan
> _______________________________________________
> DNSOP mailing list

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.