Re: [DNSOP] DNSSEC, additional special names & draft-chapin-additional-reserved-tlds-00.txt

Jim Reid <jim@rfc1035.com> Thu, 27 February 2014 12:55 UTC

Return-Path: <jim@rfc1035.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7493C1A028E for <dnsop@ietfa.amsl.com>; Thu, 27 Feb 2014 04:55:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_64=0.6, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J1hspOScc4YU for <dnsop@ietfa.amsl.com>; Thu, 27 Feb 2014 04:55:35 -0800 (PST)
Received: from shaun.rfc1035.com (smtp.v6.rfc1035.com [IPv6:2001:4b10:100:7::25]) by ietfa.amsl.com (Postfix) with ESMTP id 4FC4D1A0256 for <dnsop@ietf.org>; Thu, 27 Feb 2014 04:55:35 -0800 (PST)
Received: from gromit.rfc1035.com (gromit.rfc1035.com [195.54.233.69]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by shaun.rfc1035.com (Postfix) with ESMTPSA id B34E524212ED; Thu, 27 Feb 2014 12:55:30 +0000 (UTC)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Jim Reid <jim@rfc1035.com>
In-Reply-To: <alpine.LSU.2.00.1402271219440.13302@hermes-1.csi.cam.ac.uk>
Date: Thu, 27 Feb 2014 12:55:30 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <DC2770FB-A9E7-472D-A16D-2BFE5CA153AD@rfc1035.com>
References: <20140129055438.2402.qmail@joyce.lan> <97E20887-2B9C-4EAD-826B-043306605F88@fl1ger.de> <54BE75D7-E70B-46AB-93C1-042E655BB5E7@apple.com> <D0AC0015-63C3-4C03-A8D0-888C435D2775@virtualized.org> <20140226100311.E73CA1069B39@rock.dv.isc.org> <8FEAF0FC-2AC3-4F39-9825-7068AAA6E40D@hopcount.ca> <6F605B46-51AD-4A21-BA3E-5723AA843EC6@virtualized.org> <20140227021436.E957210702F7@rock.dv.isc.org> <7E284F2F-1A99-4E57-B7BD-46129AEDDD04@virtualized.org> <20140227074249.2972F107D273@rock.dv.isc.org> <B67B8708-66D9-4372-B3E4-58FBC3297E9D@rfc1035.com> <20140227115518.D4628107FA73@rock.dv.isc.org> <D27FE132-502B-46EE-8B55-CB71908BBEB8@rfc1035.com> <alpine.LSU.2.00.1402271219440.13302@hermes-1.csi.cam.ac.uk>
To: Tony Finch <dot@dotat.at>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/OY6QMgs3S0fsCVHN2nxU7a8SaC4
Cc: DNSOP WG <dnsop@ietf.org>
Subject: Re: [DNSOP] DNSSEC, additional special names & draft-chapin-additional-reserved-tlds-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2014 12:55:36 -0000

On 27 Feb 2014, at 12:21, Tony Finch <dot@dotat.at>; wrote:

> The problem occurs when common operating systems start shipping validating
> resolvers, then users will not be able to browse to http://router.home to
> configure their device.

An what do these users currently do when router.home or whatever doesn't resolve regardless of whether DNSSEC is involved?

IMO there is no actual problem apart from perhaps a minor inconvenience that's no different from the current (unsigned) failure mode.

Nothing to see here, move along...