Re: [DNSOP] Fwd: New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt

Paul Vixie, Fri, 23 March 2018 18:40 UTC


Ondřej Surý wrote:
> What’s so wrong with using TYPExxx for these if you absolutely need
> them to run the ancient technology while at the same time running the
> latest version of BIND (or your favorite DNS server)?

because i am loath to break existing working configurations. when isc
changed the value of allow-query to be LAN only, it took years to do as 
safely as we knew how, and even so there was some breakage.

> Your argument feels like a strawman to me. And I am not the one sitting
> on a pile of passive DNS data, so I can’t pull the numbers...

we don't see a lot of intranet data, so that would not be dispositive. 
however, i urge you to reconsider your strawman-ish feelings. we are 
forever rebuilding the airplane in flight. the long tail matters.

> We are not taking the ability to put random TYPEnnn records into the
> zone, we are just saying the tools just won’t understand them
> anymore. Again, nothing is going to break on day one.

as long as people know what they're doing and are willing to convert 
their zones using tools unspecified, that's true. but you are chewing on 
the narrowest part of bert's camel here, at some risk, little gain.

P Vixie