IETF Logo Mail Archive

Re: [DNSOP] ALT-TLD and (insecure) delgations.

Ray Bellis <ray@bellis.me.uk> Sat, 04 February 2017 09:46 UTC

Return-Path: <ray@bellis.me.uk>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1C6E12961C for <dnsop@ietfa.amsl.com>; Sat, 4 Feb 2017 01:46:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zkb4mJaLVuMW for <dnsop@ietfa.amsl.com>; Sat, 4 Feb 2017 01:46:19 -0800 (PST)
Received: from hydrogen.portfast.net (hydrogen.portfast.net [188.246.200.2]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2D62912957A for <dnsop@ietf.org>; Sat, 4 Feb 2017 01:46:18 -0800 (PST)
Received: from [46.227.151.81] (port=62904 helo=rays-mbp.local) by hydrogen.portfast.net ([188.246.200.2]:465) with esmtpsa (fixed_plain:ray@bellis.me.uk) (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) id 1cZwvA-0004fg-2b (Exim 4.72) for dnsop@ietf.org (return-path <ray@bellis.me.uk>); Sat, 04 Feb 2017 09:46:16 +0000
References: <CAHw9_i+8PA3FQx8FqW-xQ_96it7k-g5UrMB7fxARUi1gwQ++hw@mail.gmail.com> <20170201204455.6nymmjlj5lzq2ect@mycre.ws> <CAHw9_iJ50jWgsAe+hRKUtubfAtpt7+GEeCKEASzypcf86+4nYA@mail.gmail.com> <20170204015158.GB67739@mx2.yitter.info> <5BB1A3F5-5EFB-4164-9720-68E262E58636@fugue.com> <20170204021353.GF67739@mx2.yitter.info>
To: dnsop <dnsop@ietf.org>
From: Ray Bellis <ray@bellis.me.uk>
Message-ID: <0c9ea76d-a541-943a-d72e-bfe255d57259@bellis.me.uk>
Date: Sat, 04 Feb 2017 09:46:15 +0000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <20170204021353.GF67739@mx2.yitter.info>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JLcValI5d-chy3Q2TMfu1TjpBzM>
Subject: Re: [DNSOP] ALT-TLD and (insecure) delgations.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Feb 2017 09:46:21 -0000


On 04/02/2017 02:13, Andrew Sullivan wrote:
> Right, that's always been the problem with using this _for the DNS_.
> Homenet has no choice in that, because the whole point of the homenet
> name is precisely to enable in-homenet DNS without reference to the
> global DNS.  I think you're quite correct that we need to decide
> whether alt is to be used for those purposes.  I'm not convinced
> that's so useful.

If it turns out that we can't get the insecure delegation that we need
for .homenet, then I'd (personally) be reasonably happy with
.homenet.alt, except that the current proposals for the use of .alt
wouldn't seem to permit that.

Ray

v2.23.0 | Report a Bug | By Email