Re: [DNSOP] on private use TLDS

[Doug Barton <dougb@dougbarton.us>]

The IETF and ICANN share a sandbox on many topics, including the root 
zone. (But of course you already knew that.) And if you don't think 
ICANN has promised to not delegate HOME, CORP, and MAIL; you didn't read 
the reference I provided. Or, if you did read it, and still have 
concerns, that is that much more reason to work with them on a draft 
that memorializes it.

Meanwhile, as many others have pointed out, and your side of the 
argument continues to ignore, ISO can choose to change those rules. And 
if they do, we would have no recourse. OTOH, we do have a means of 
working with ICANN to codify certain TLDs for private use. Given those 
facts alone I'm frankly astonished that anyone would argue for any other 
course of action.

Doug


On 11/28/19 4:15 AM, Ted Lemon wrote:
> So let me get this straight: you want us to stay out of ISO’s sandbox by jumping right in to ICANN’s? ICANN has not promised never to delegate those domains, whereas ISO effectively has, so your reasoning doesn’t make sense.
> 
>> On Nov 27, 2019, at 23:39, Doug Barton <dougb@dougbarton.us> wrote:
>>
>> On 11/26/19 9:16 AM, Matthew Pounsett wrote:
>>> On Tue, 26 Nov 2019 at 05:19, Roy Arends <roy@dnss.ec <mailto:roy@dnss.ec>> wrote:
>>>     “ZZ” was used in my presentation as an example. Since this
>>>     bikeshedding is siphoning attention from the important part of the
>>>     discussion, I’ll try to re-focus on the question here:
>>>     "Is it safe to use ISO3166-1 Alpha-2 code elements from the User
>>>     Assigned range as top level domains for my own private use?"
>>> Thanks for the context, Roy.  Speaking as someone who was not at the IETF meeting this week, I found the earlier thread confusing.  But, it looks like the assumed context of bringing up "what can we use this for" as "can we assign this string in an RFC?" was correct.
>>> It seems like reassignment of anything in the User Assigned range is unlikely, however that is the purview of the iSO 3166 maintenance agency, and not the IETF.  However unlikely it is, we cannot be absolutely certain they will never reassign those, and so we should not include them in any standard (note the lower-case) published by the IETF.  Even if the IETF is just cut & pasting their current advice, I think it's unwise.
>>> I'm also persuaded by Bill's argument that the IETF has already stated that ISO 3166 has control over that bit of the namespace, and trying to take back part of it is confusing, bad form, and risky.
>>> Even though they're not specifically proposed, only mentioned in passing, I'd also like to point out that the referenced potential uses of things like XH instead of home.arpa. is even more risky, because that fixes that string for a specific use, even if it's private.  Using XH as an example, if that had been chosen it would run the risk of colliding with some legitimate use of XH already being used by a User... if that user then also needed to interoperate with Homenet technologies they'd be hosed.
>>> I think, instead of an RFC, what you really want is a Best Current Practices document, outside of the IETF, that is simply a redirect to the current ISO 3166 document.  Instead of DNSOP, I'd suggest you have a chat with one or more  of the BCOP efforts at the NOGs.
>>
>> I agree with Matt, Bill Woodcock, Steve Crocker, and others that have expressed that we should stay out of ISO's sandbox. Whatever the rules are today, they can change, and poaching their stuff for our purposes is bad form (and yes, I feel that poaching is what is being proposed, in spite of the arguments to the contrary).
>>
>> ICANN has already said that it's not going to ever delegate CORP, HOME, or MAIL. (https://www.icann.org/en/system/files/files/name-collision-mitigation-01aug14-en.pdf Section 3.2) IMO it would be useful for the IETF, with ICANN's cooperation, to codify that (if it hasn't been done already). I also think INTERNAL as a private-use TLD is a good idea, and should be included in the same doc. It's also useful to mention the distinction between using something temporarily for testing, and building infrastructure around it. If someone wants to put together a document like that I would be happy to offer support, review, and/or contributions if so desired.
>>
>> So what's the harm? Aside from the PR issues related to poaching ISO 3166 stuff, I have personally been involved a few times in unwinding the giant mess created when clients decided that they were going to use a string as an internal TLD, and then subsequently it got delegated publicly. This creates serious problems, is difficult to debug, and expensive to fix. The advice we've given folks for decades is, "Don't take it upon yourself to grab something that doesn't belong to you and build your network on it." In my view, that's what is being recommended here; and having seen the damage it causes first hand, I cannot support the proposal.
>>
>> Doug
>>
>> -- 
>> Since I haven't been involved in the group for a while here is a mini-resume for those that don't know me, offered with no small amount of embarrassment:
>> DNS and domain name work for 25 years, 20+ of doing it for a living
>> Formerly a regular IETF participant
>> Former GM of the IANA
>> Former consultant in the DNS/DHCP/IPAM and domain name spaces
>> Currently managing the domain name portfolio for a Fortune 100 corporation
>>
>> That said, all views are my own, and are worth exactly what you paid for them.  :)
>>
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop