Re: [DNSOP] unrelated name server name recommendation

"Wessels, Duane" <dwessels@verisign.com> Mon, 04 March 2024 19:23 UTC

From: "Wessels, Duane" <dwessels@verisign.com>
To: Paul Wouters <paul@nohats.ca>
CC: Paul Vixie <paul=40redbarn.org@dmarc.ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>
Date: Mon, 04 Mar 2024 19:22:29 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/N2LxdTq7irPqeITSsLfc_izNgJQ>

I understood Fujiwara’s proposal to be slightly different:

If you are a DNS provider (hosting other zones) then the provider should use in-domain name servers.

DW


> On Mar 4, 2024, at 3:14 PM, Paul Wouters <paul@nohats.ca> wrote:
> 
> On Mar 4, 2024, at 14:04, Paul Vixie <paul=40redbarn.org@dmarc.ietf.org> wrote:
>> 
>> 
>> 
>> this means a zone will always be reachable through at least one in-zone data path (name server name and associated address records.) the result would be that a full resolver would never have to pause its current lookup while searching for address records matching an out-of-zone name server name.
>> 
>> i think it's a solid recommendation,
> 
> It means every registrant, who doesn’t know about DNS, has to create host objects for glue and whenever the ISP changes nameserver names (eg gets bought, sold or merges), or IP address, the ISP has to talk to the registrant to fix things at their registry. I can promise you those in-domain name servers will quickly become very unreliable.
> 
> Paul