Re: [DNSOP] Status of "let localhost be localhost"?

Tony Finch <dot@dotat.at> Sun, 13 August 2017 17:19 UTC

Date: Sun, 13 Aug 2017 20:19:40 +0300
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, dnsop <dnsop@ietf.org>
To: Ted Lemon <mellon@fugue.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LTvQHBBmgtrV9QJ_bBvMczbcSxo>

> On 12 Aug 2017, at 22:35, Ted Lemon <mellon@fugue.com> wrote:
> 
> That is, the title of the document should be "DNS servers should return NXDOMAIN for localhost" and the abstract should say why, and then the bit about stub resolvers translating "localhost" to a reachable identifier for the localhost such as 127.1 or ::1 should be the thing that's mentioned as an aside.

RFC 6761 requires recursive servers to return positive 127.0.0.1 and ::1 responses, not NXDOMAIN. I can't see an explanation in the draft for the change to NXDOMAIN.

https://tools.ietf.org/html/rfc6761#section-6.3

Should there also be some text about the wisdom (or otherwise) of localhost entries in public zones? E.g. localhost.cam.ac.uk - see also http://seclists.org/bugtraq/2008/Jan/270 and the follow-up messages from Florian Weimer and David Malone.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at
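
Added example, not part of the message above: a zone operator who wants to know whether a public zone carries "localhost" entries of the kind the message asks about can scan the zone's master file for A/AAAA records whose leftmost label is "localhost". The zone data, the example.org names and the function names are constructed for illustration, and the parser assumes one record per line with numeric TTLs.

```python
import ipaddress

# Constructed sample zone in master-file format (not taken from any real zone).
SAMPLE_ZONE = """\
$ORIGIN example.org.
@          3600 IN SOA  ns1 hostmaster 1 7200 900 1209600 3600
@          3600 IN NS   ns1
ns1        3600 IN A    192.0.2.53
localhost  3600 IN A    127.0.0.1   ; loopback address published in a public zone
                IN AAAA ::1         ; blank owner: inherited from the line above
www             IN A    192.0.2.80
localhost.dev.example.org. 300 IN A 127.0.0.1
localhost.lab   300 IN A 192.0.2.7
"""

def absolute(name, origin):
    """Expand a relative owner name against the current $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin.lstrip('.')}"

def find_localhost_records(zone_text, origin="."):
    """Return (owner, type, address, is_loopback) for each A/AAAA record whose
    leftmost label is "localhost". Assumption: no parenthesised multi-line records."""
    findings, owner = [], None
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0].startswith("$"):
            continue  # other directives ($TTL, $INCLUDE) are out of scope here
        if raw[0].isspace():
            rest = fields                      # owner carried over from previous record
        else:
            owner, rest = absolute(fields[0], origin), fields[1:]
        i = 0
        while i < len(rest) and (rest[i].isdigit() or rest[i].upper() in ("IN", "CH", "HS")):
            i += 1                             # skip optional TTL and class
        if owner is None or i + 1 >= len(rest) or rest[i].upper() not in ("A", "AAAA"):
            continue
        # The bare special-use name "localhost." is not a public-zone entry; skip it.
        if owner.lower().split(".")[0] == "localhost" and owner.lower() != "localhost.":
            addr = ipaddress.ip_address(rest[i + 1])
            findings.append((owner, rest[i].upper(), str(addr), addr.is_loopback))
    return findings
```

Calling find_localhost_records(SAMPLE_ZONE) returns one tuple per flagged record; the last element distinguishes entries that point at a loopback address from ones that merely use the label.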