Re: [DNSOP] private-use in-meeting chat comments

Brian Dickson <> Tue, 17 November 2020 22:20 UTC

On Tue, Nov 17, 2020 at 1:46 PM Tony Finch <> wrote:

> Brian Dickson <> wrote:
> > One potential approach is to say (in the RFC) that one of the two-letter
> > reserved codes should avoid name collision by putting a collision-resistant
> > second-level label, below .zz and above the private use usage (and use that
> > particular two-letter code in that manner exclusively).
>
> This kind of thing, or, is not that different in terms of
> usability / ugliness from assigning a unique subdomain under a domain that
> has been registered in the normal way.
>
> There's also a privacy leak: if you assign a unique subdomain then when a
> device roams and leaks queries for the private domain, the device can be
> tracked and correlated with other devices that use the same private
> domain.
>
> I have a terrible mental conflict trying to weigh this privacy issue
> against the horrible consequences of encouraging people to squat on
> unassigned domains and use colliding hostnames. The privacy leak probably
> needs to be fixed regardless, and if it is fixed then there would be a bit
> less pressure in favour of unwise squatting.

Definitely, the "magic" that is involved in using those, should be
self-limiting and automatic.

However, there's also another clever trick (for some value of $clever),
which isn't iron-clad but could help: DNAME
(FTW - qv RFC 7535 and 7534).

Brian DNAME Dickson