Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
Paul Vixie <paul@redbarn.org> Sun, 24 June 2018 03:36 UTC
Return-Path: <paul@redbarn.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD73A129619 for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 20:36:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UZoRQAEN9XEL for <dnsop@ietfa.amsl.com>; Sat, 23 Jun 2018 20:36:11 -0700 (PDT)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A169124BE5 for <dnsop@ietf.org>; Sat, 23 Jun 2018 20:36:11 -0700 (PDT)
Received: from [IPv6:2001:559:8000:c9:884e:32fa:afac:1c20] (unknown [IPv6:2001:559:8000:c9:884e:32fa:afac:1c20]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id E1B0189298; Sun, 24 Jun 2018 03:36:10 +0000 (UTC)
Message-ID: <5B2F11AA.1050002@redbarn.org>
Date: Sat, 23 Jun 2018 20:36:10 -0700
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 5.0.25 (Windows/20180328)
MIME-Version: 1.0
To: Joe Abley <jabley@hopcount.ca>
CC: dnsop@ietf.org
References: <b73f3dc7-b378-d5d8-c7a2-42bc4326fbae@nic.cz> <alpine.DEB.2.11.1806191428250.916@grey.csi.cam.ac.uk> <CAJhMdTO2kj+nUqESg3ew=wwZuB9OzkJE6pST=mae7pHiEk4-Qw@mail.gmail.com> <20180623210416.GA12346@mournblade.imrryr.org> <CAJhMdTNzOUSjTmnorzrJze9F7Gcc+eWAjqii_4uJ4UmJPvQC-Q@mail.gmail.com> <5B2F05AE.3060306@redbarn.org> <CAJhMdTNzvQe3=vrRODYTrfr7JEfqU9R0QBf9o=P2BMBhJdxrJA@mail.gmail.com>
In-Reply-To: <CAJhMdTNzvQe3=vrRODYTrfr7JEfqU9R0QBf9o=P2BMBhJdxrJA@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/O_cErPhAlAkPRi3a10l-gOx30iw>
Subject: Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Jun 2018 03:36:13 -0000
Joe Abley wrote: > On Jun 23, 2018, at 22:45, Paul Vixie<paul@redbarn.org> wrote: > >> Joe Abley wrote: >>> I think a pragmatic solution needs to work in unsigned zones. >>> >>> ... >> can someone ask the IAB to rule on whether any new internet technology standard should address unsigned DNS zones, or for that matter, IPv4 networks? >> >> "let's move on." > > I agree with the sentiment, but in practical terms in 2018 I think > this is just a recipe for more DNS extensions without standardisation, > which will not help customers who want diversity in providers or who > want to be able to switch providers easily. yes, i know, and i'm strangely OK with that. market chaos will be painful, and could drive dnssec adoption, if the only standard way to get some cool new thing is if you have an NSEC bitmap to work with. we should have cut off EDNS-incompatible name service clients and servers who could not either implement, or signal nonimplementation successfully, after 2004. five years should be enough, but only ever will be enough if there's Tough Love somewhere in the equation. > To the example at hand, enterprise DNS providers have already > implemented XNAME-like functionality in unsigned zones and and are > selling it. If they can't easily support a standardised mechanism, > they're going to carry on selling what they have. right, which will hurt their addressable market calculations. bring it on! > ... > > If there was a visible horizon where DNSSEC was in widespread demand > and a zone being unsigned was unusual, I would think differently. "cart, meet horse." -- P Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] faux BNAME, was abandoning ANAME and … John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jan Včelák
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Ebersman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… David Conrad
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ondřej Surý
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthew Pounsett
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Anthony Eden
- Re: [DNSOP] abandoning ANAME and standardizing CN… Erik Nygren
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jared Mauch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… tjw ietf
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- [DNSOP] abandoning ANAME and standardizing CNAME … Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… 神明達哉
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Mark Andrews
- Re: [DNSOP] Creating a query/record for A and AAAA Tony Finch
- Re: [DNSOP] Creating a query/record for A and AAAA Ondřej Surý
- Re: [DNSOP] Creating a query/record for A and AAAA Jared Mauch
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tim Wicinski
- Re: [DNSOP] abandoning ANAME and standardizing CN… Brian Dickson
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Hoffman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthijs Mekking
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Dan York
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… JW
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman