Re: [DNSOP] Moving forward on draft-ietf-dnsop-private-tld

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 30 July 2021 22:04 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Roy Arends <roy@dnss.ec>, dnsop <dnsop@ietf.org>
Date: Fri, 30 Jul 2021 22:03:56 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LLJ6om2lYtdJulNVPCidv2YCEW0>

Hi Roy, WG,

Roy, just for clarity, am I right to presume that the status of the document that you propose would purely be informational?

It is, of course, up to the WG to decide what to do with this document, but I would like to make a couple of comments that may help the WG.

I would like to somewhat echo a point that was made in DNSOP yesterday when this draft was being discussed, in that I don't believe that IETF should publish a document that either directly or indirectly undermines ISO TC46's ownership or authority over the ISO3166 code points.  I believe that this concern is likely shared by other ADs.

Hence, if the WG decides to progress this document with the proposed structure below, then I'm not convinced that just documenting that these code points exist and that some people use them would be sufficient.  Given the informal liaison feedback that was received, I think that the IETF would likely need to adopt stronger wording that proactively recommends that these country codes are not used for private networks, and highlights the potential problems with doing so.

Regards,
Rob
// Ops AD



-----Original Message-----
From: DNSOP <dnsop-bounces@ietf.org> On Behalf Of Roy Arends
Sent: 30 July 2021 19:21
To: dnsop <dnsop@ietf.org>
Subject: [DNSOP] Moving forward on draft-ietf-dnsop-private-tld

Dear WG

About 40 years ago, give or take, when Jon Postel planned to use the ISO3166 two character code elements as top level domains representing country names, ISO's TC46 secretariat was contacted (as was requested to users of the ISO3166 standard at the time) and he was told that the standard should not be used for DNS, as the future was in X.500. (Postel wasn’t swayed by the argument, and did what we now refer to as permission-less innovation).

Recently, the ISO was contacted again, and subsequently the WG was again told that the standard wasn’t to be used in this way. It seems that a handful of folks are swayed by the argument and want to use this as guidance for the future of draft-ietf-dnsop-private-tld.

Early on, Joe Abley proposed a way forward that I held off initially: Recognise that User Assigned 3166 code elements are used in various ways, including private networks, that these elements have not been delegated and are known to be used to anchor private namespaces. Do not recommend, promote or reserve anything, no registries. Document potential future pitfalls for using these codes for private namespaces and empower readers to make their own decisions.

I now see that with the current status quo, this might be a way forward that both sides of the argument might come together on. Essentially, instead of making the pond safe, we’ll have a warning sign that using the pond is at their own risk.

I hope the WG can come together on this as a way forward. 

Warmly,

Roy


