IETF Logo Mail Archive

[DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Adoption: draft-davies-internal-tld

Joe Abley <jabley@strandkip.nl> Tue, 06 May 2025 06:52 UTC

Return-Path: <jabley@strandkip.nl>
X-Original-To: dnsop@mail2.ietf.org
Delivered-To: dnsop@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id D43B62536EB5 for <dnsop@mail2.ietf.org>; Mon, 5 May 2025 23:52:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=strandkip.nl
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gBxxalxbb4zt for <dnsop@mail2.ietf.org>; Mon, 5 May 2025 23:52:00 -0700 (PDT)
Received: from outbound.qs.icloud.com (p-east3-cluster1-host2-snip6-1.eps.apple.com [IPv6:2a01:b747:3006:201::e]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C4A8C2536EA7 for <dnsop@ietf.org>; Mon, 5 May 2025 23:52:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=strandkip.nl; s=sig1; bh=Z1rp76LucLfw40d2S3jVicgjdu9ttDBos7uF3kwOFi0=; h=Content-Type:Mime-Version:Subject:From:Date:Message-Id:To:x-icloud-hme; b=KJPAIJ9eIDAspK7t7UKBADVvX11uFOJB4uIrQtKWQjzTTDdyeal8bBEMZyhqpQDJk HcLYVF9fKBBN7noMasOwrATQ04JofveuBxbmIjzNNDvzc0ekX2IvEo9QbPBYaZrecm 5WKr3vt+kPrakNBQyShu8fRsvobh7vpQfVgMgEf/WLhjpZzRDmVbVZFGQLNw7MSx/S X2fDQEttGGsSCvLr5I4AAbNkm+tyK+fnzptx0DMGHDgl+rLyoZ/yDFQcGHfPI5QhlC YObGRcbPTEwlhcV8CRiqIUVDFDwqONLt36qiTPi8OB8mV2rbC/KX3S4iw51a76o91I 0bCRRjcFY74AQ==
Received: from smtpclient.apple (qs-asmtp-me-k8s.p00.prod.me.com [17.57.155.37]) by outbound.qs.icloud.com (Postfix) with ESMTPSA id 0FDD718003A7; Tue, 6 May 2025 06:51:56 +0000 (UTC)
Content-Type: multipart/alternative; boundary="Apple-Mail-5ACEEE98-1BE0-4182-8FF4-94C28B9E9D3D"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
From: Joe Abley <jabley@strandkip.nl>
In-Reply-To: <FE00BF24-D21A-4BF1-94EA-3836B52921A6@virtualized.org>
Date: Tue, 06 May 2025 08:51:44 +0200
Message-Id: <0A838F51-F8F1-4972-9B33-C905B1507909@strandkip.nl>
References: <FE00BF24-D21A-4BF1-94EA-3836B52921A6@virtualized.org>
To: David Conrad <drc@virtualized.org>
X-Mailer: iPhone Mail (22E252)
X-Proofpoint-GUID: uqZR28CFlbUi1zd-Od8XxT-cySSrTKdY
X-Proofpoint-ORIG-GUID: uqZR28CFlbUi1zd-Od8XxT-cySSrTKdY
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1099,Hydra:6.0.736,FMLib:17.12.80.40 definitions=2025-05-06_03,2025-05-05_01,2025-02-21_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 adultscore=0 mlxlogscore=947 mlxscore=0 bulkscore=0 clxscore=1030 malwarescore=0 phishscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2308100000 definitions=main-2505060064
Message-ID-Hash: ZDBZHGHUPFO4N5TERAK6RC7KBMXSD4U3
X-Message-ID-Hash: ZDBZHGHUPFO4N5TERAK6RC7KBMXSD4U3
X-MailFrom: jabley@strandkip.nl
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Paul Hoffman <paul.hoffman@icann.org>, Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>, Roy Arends <roy@dnss.ec>, Philip Homburg <pch-dnsop-6@u-1.phicoh.com>, dnsop@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [DNSOP] Re: [Ext] Re: [EXTERNAL] Re: Call for Adoption: draft-davies-internal-tld
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/OcoyHszonGBKQAeT5LilSaE_INE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>

On 6 May 2025, at 02:12, David Conrad <drc@virtualized.org> wrote:

> Out of curiosity, do you think https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml should be limited only to protocols the IETF has "control and authority” and are “implicated in IETF specifications”?

I don't think that that registry is usefully similar to the root zone. There's a long history of service names and port numbers being reserved other than by IETF documents, and I don't think the same can be said for the root zone. Maybe that doesn't matter but it seems like a difference. 

>> Another question, what is the difference between:
> 
> I’ll play!

:-)

I don't remember an I-D that mentioned CORP but perhaps I've just blanked out the memory as a defence mechanism. And sure, almost all of my answers were terrible, almost as if they were rhetorical. However:

>> 3. Nothing, in the sense that none of them require any special handling by DNS servers or clients.
> 
> Since this thread has been discussing whether or not there needs to be special handling of .internal (e.g., DNSSEC goop), this answer appears to be wrong.

I think this is an example of how 6761 is a bit vague. 

Adding INTERNAL to the special use domain names registry is the only useful purpose for this document, I think, which is why I think the adoption decision hinges on whether INTERNAL can usefully be considered special. 

I think special in this case means software changes are required in clients and servers, e.g. "use this other protocol to resolve names under LOCAL". I don't see that for INTERNAL, or CORP, or oweifeowihfoihewfwe, or whatever private-use 3166-alpha2 code I mentioned. I don't think INTERNAL is special in this way, and I don't understand why people who think INTERNAL is, in fact, special don't find CORP and friends special. 

I think specifying an insecure delegation in the root zone is something that this document could do, but I think it shouldn't. I think an IETF document directing the IANA to make a change to the root zone would be crossing the streams in the Ghostbusters sense, by which I mean it is not something that should be attempted casually. Any document that does something like that ought to be anchored in the IAB and littered with liaison statements and protective charms that describe all the ways in which this is a special and unusual situation. It shouldn't be the product of a working group. Making the contents of the root zone a matter of working group consensus seems like a terrible idea. 


Joe

v2.31.3 | Report a Bug | By Email | System Status