Re: [DNSOP] Fwd: New Version Notification for draft-pan-dnsop-swild-rr-type-00.txt
Lanlan Pan <abbypan@gmail.com> Wed, 16 August 2017 04:19 UTC
Return-Path: <abbypan@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61748132361 for <dnsop@ietfa.amsl.com>; Tue, 15 Aug 2017 21:19:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6UiF6MAe_7MB for <dnsop@ietfa.amsl.com>; Tue, 15 Aug 2017 21:19:22 -0700 (PDT)
Received: from mail-wm0-x22d.google.com (mail-wm0-x22d.google.com [IPv6:2a00:1450:400c:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E99F1321A5 for <dnsop@ietf.org>; Tue, 15 Aug 2017 21:19:22 -0700 (PDT)
Received: by mail-wm0-x22d.google.com with SMTP id m85so21532894wma.0 for <dnsop@ietf.org>; Tue, 15 Aug 2017 21:19:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RVcpz8f6wQQ9+EFLUs/WfEmVlyuRUauwMjJcvHKt1/w=; b=HDZ19Zx5ZNQPVZQt/1ifw/yo2mdsd8gUFhepPofq3Uy7bsOmvO0/VmGhWBVQ9sstIk SmNE157asUJvBf3ZV++7S9bK7t6Q16rwB1YqlkIV/LXQDx0kqDjPZCpDQsut2SRm4gHN r6khFRnG69KtJWpk7GFlhC++2umZSCsyY/DphQCwVSL1pqjF4lxQEONpONhGjzN2Ew1X f2zG/VeydkKN+Z4KJN+R44TTSSnRVc/URtNz5SLZrSREKXv30dHUYrQEHijwkTHon8mr Fty22r3C2pNvMkXdx+FqqFXF5QxWANzf1OSUjuf7DwwkQOMKliv785ueYa52sKuN9wrW c3Aw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RVcpz8f6wQQ9+EFLUs/WfEmVlyuRUauwMjJcvHKt1/w=; b=VIITbcSUU9RqelchM9iH5cpygelTPrCvP3tOWcckgPKgd0un2oZ2baXUNNumjoukaI YrA4pZHkMjF6GqPwfWnzB9cYN9HakMa0PMJZVSAnlZzGAJGgPq1pBuvgwkfFfPPF5pX+ X1ngu4W2Opz2YNPsuR5tPdWAHYyp0ykJfNMRu2oWIG0bX+EVe9n05nsVVtCw15dLBxEc W5990aJ/+EYjUohsdj57ecmFI11AmpXdURrx/pwQ6pmrSUHwWtpC3XIB/Z14OgY47TuO WLoMBHbz6doTTIMZmCiOdomebZzXyJjTual6T2LuJA0bOtNtVOp7RgEE9wIWvOJb5N9F 9X7g==
X-Gm-Message-State: AHYfb5hvHvApJgqFPXFzZ5LhNMJEr3HiFZJvFV/EN/IJxgoQqxt0NGjj D2xVVnXwq1a87qL6iIrgYra8S1GSodX9Y14=
X-Received: by 10.80.146.5 with SMTP id i5mr708851eda.48.1502857160985; Tue, 15 Aug 2017 21:19:20 -0700 (PDT)
MIME-Version: 1.0
References: <CANLjSvWFh0ER47=SFJB-3rkTJKT_OxcjKwcD9-DUkDDxJTo=+g@mail.gmail.com> <201708151341.v7FDfNqR039481@calcite.rhyolite.com> <CAPt1N1=2eFRBCHYptn6W=3ruFisN0xRcMQSPPakgZXnmsaTS5w@mail.gmail.com>
In-Reply-To: <CAPt1N1=2eFRBCHYptn6W=3ruFisN0xRcMQSPPakgZXnmsaTS5w@mail.gmail.com>
From: Lanlan Pan <abbypan@gmail.com>
Date: Wed, 16 Aug 2017 04:19:10 +0000
Message-ID: <CANLjSvWkDTgqTg+fy2jZzfcaY7e1VWB11yiWMzO3MfcrCGVLSQ@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: dnsop WG <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="f403045c0c463a8fbe0556d7336c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/JNlyNg30ilbIjtemhXRsk65q4yY>
Subject: Re: [DNSOP] Fwd: New Version Notification for draft-pan-dnsop-swild-rr-type-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Aug 2017 04:19:25 -0000
Hi Ted, Thanks for your relevant comments, :-) Ted Lemon <mellon@fugue.com>于2017年8月16日周三 上午1:28写道: > I tried to ignore this thread for a while, but became alarmed after > reading some of the recent comments, so I went and read the document. > > As far as I can tell, this document gives no clear justification for why > it is a good idea. We have not been told of the practical operational > problems that motivate it. It appears to solve a problem we have already > solved, in a way that creates new security vulnerabilities. We have not > been told why the existing solution to the problem is not adequate. > > If the authors have a real problem that they feel has not already been > solved, the first step in the process ought to be to present that > information to the working group, rather than to present a solution to the > working group with no clear statement about the problem it solves, and in > particular no data about the seriousness of the problem. > For what it's worth, which isn't much since the chairs haven't issued a > call for adoption, I don't think the working group should work on this. > We analyzed our recursive query log, about 18.6 billion queries from 12/01/2015 to 12/07/2015. We found about 4.7 Million temporary domains occupy the recursive's cache, which are subdomain wildcards from Skype, QQ, Mcafee, Microsoft, 360safedns, Cloudfront, Greencompute... Temporary Domain Names/ All Names: 41.7% Queries for Temporary Domain Names/ All Queries: 0.12% Details in: Dealing with temporary domain name issues in the DNS <https://www.computer.org/csdl/proceedings/iscc/2016/0679/00/07543831-abs.html> <https://www.computer.org/csdl/proceedings/iscc/2016/0679/00/07543831-abs.html> The operational problem is, subdomain wildcards waste recursive cache capacity. Existing solution to the problem is not adequate in recursive operating environment at present, because of low DNSSEC deployment. > > On Tue, Aug 15, 2017 at 9:41 AM, Vernon Schryver <vjs@rhyolite.com> wrote: > >> ] From: Lanlan Pan <abbypan@gmail.com> >> >> ] Give the choice to operators, time is the best witness, like IP >> surpassed >> ] ATM. >> >> That is backwards. IP did not surpass ATM, because IP came long before >> ATM. Instead, end-to-end ATM was the last gasp of the end-to-end >> circuit switching point of view. End-to-end ATM was supposed to replace >> IP, but instead the new virtual circuits of ATM came far too late and >> did not solve the problems that packet switching had already solved. >> >> ATM has not yet died and is still common for some uses. For example, >> ATM is used as x.25 was used under IP in the early days of IP; many >> DSL installations use AMT VCs. >> >> A better and more relevant history is that of the SPF RR. The SPF RR >> was supposed to replace the use of the TXT rtype for SPF. The SPF RR >> was widely available in deployed DNS authoritative servers (via BIND). >> I think it was in milter modules for sendmail and postfix. Nevertheless, >> it died because it came late, was only a modest improvement, and required >> operators to do something more than they were doing. >> >> >> Vernon Schryver vjs@rhyolite.com >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www.ietf.org/mailman/listinfo/dnsop >> > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop > -- 致礼 Best Regards 潘蓝兰 Pan Lanlan
- [DNSOP] Fwd: New Version Notification for draft-p… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Tony Finch
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Petr Špaček
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Matthew Pounsett
- Re: [DNSOP] New Version Notification for draft-pa… Paul Hoffman
- Re: [DNSOP] Fwd: New Version Notification for dra… Richard Gibson
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Matthew Pounsett
- Re: [DNSOP] Fwd: New Version Notification for dra… Dave Crocker
- Re: [DNSOP] New Version Notification for draft-pa… Peter van Dijk
- Re: [DNSOP] New Version Notification for draft-pa… Matthew Pounsett
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Mark Andrews
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Mark Andrews
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Vernon Schryver
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Vernon Schryver
- Re: [DNSOP] Fwd: New Version Notification for dra… Ted Lemon
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Mukund Sivaraman
- Re: [DNSOP] Fwd: New Version Notification for dra… Mikael Abrahamsson
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Mukund Sivaraman
- Re: [DNSOP] Fwd: New Version Notification for dra… Mukund Sivaraman
- Re: [DNSOP] Fwd: New Version Notification for dra… Mikael Abrahamsson
- Re: [DNSOP] Fwd: New Version Notification for dra… Mukund Sivaraman
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Mark Andrews
- Re: [DNSOP] Fwd: New Version Notification for dra… Davey Song
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] New Version Notification for draft-pa… Ralf Weber
- Re: [DNSOP] New Version Notification for draft-pa… Lanlan Pan
- Re: [DNSOP] Fwd: New Version Notification for dra… Davey Song
- Re: [DNSOP] Fwd: New Version Notification for dra… Mikael Abrahamsson
- Re: [DNSOP] Fwd: New Version Notification for dra… Ted Lemon
- Re: [DNSOP] Fwd: New Version Notification for dra… Vernon Schryver
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Vernon Schryver
- Re: [DNSOP] fragile dnssec, was Fwd: New Version John Levine
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] Fwd: New Version Notification for dra… Vernon Schryver
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Mark Andrews
- Re: [DNSOP] Fwd: New Version Notification for dra… Lanlan Pan
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Petr Špaček
- Re: [DNSOP] Fwd: New Version Notification for dra… Paul Vixie
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Matthew Pounsett
- Re: [DNSOP] fragile dnssec, was Fwd: New Version John R Levine
- Re: [DNSOP] New Version Notification for draft-pa… Ted Lemon
- Re: [DNSOP] fragile dnssec, was Fwd: New Version John R Levine
- Re: [DNSOP] New Version Notification for draft-pa… Ralf Weber
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Mark Andrews
- Re: [DNSOP] fragile dnssec, was Fwd: New Version John R Levine
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Mark Andrews
- Re: [DNSOP] updating fragile dnssec, was Fwd: New… John R Levine
- Re: [DNSOP] updating fragile dnssec, was Fwd: New… Patrik Fältström
- Re: [DNSOP] New Version Notification for draft-pa… Lanlan Pan
- Re: [DNSOP] New Version Notification for draft-pa… Lanlan Pan
- Re: [DNSOP] New Version Notification for draft-pa… Ted Lemon
- Re: [DNSOP] fragile dnssec, was Fwd: New Version John Levine
- Re: [DNSOP] New Version Notification for draft-pa… Warren Kumari
- Re: [DNSOP] New Version Notification for draft-pa… Lanlan Pan
- Re: [DNSOP] fragile dnssec, was Fwd: New Version Petr Špaček
- Re: [DNSOP] fragile dnssec, was Fwd: New Version A. Schulze