Return-Path: <mnot@mnot.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 7D2CC12DF72
 for <dnsop@ietfa.amsl.com>; Mon,  4 Feb 2019 16:31:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
 DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001,
 URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
 header.d=mnot.net header.b=Uk3spj8t;
 dkim=pass (2048-bit key)
 header.d=messagingengine.com header.b=HBQ1c9+s
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id oAGOHRXhaqPB for <dnsop@ietfa.amsl.com>;
 Mon,  4 Feb 2019 16:31:02 -0800 (PST)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com
 [66.111.4.25])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id B86D112DDA3
 for <dnsop@ietf.org>; Mon,  4 Feb 2019 16:31:02 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 7A64822269;
 Mon,  4 Feb 2019 19:31:01 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
 by compute3.internal (MEProxy); Mon, 04 Feb 2019 19:31:01 -0500
Received: from attitudadjuster.mnot.net (unknown [144.136.175.28])
 by mail.messagingengine.com (Postfix) with ESMTPA id AF10D10318;
 Mon,  4 Feb 2019 19:30:55 -0500 (EST)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CAH1iCip3C-4YchDLur3AFSmQhzouVdP-VGcbt0F6Sj9dEse3CQ@mail.gmail.com>
Date: Tue, 5 Feb 2019 11:30:50 +1100
Cc: Tony Finch <dot@dotat.at>,
 "dnsop@ietf.org WG" <dnsop@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <057BE2A8-2F36-4458-AE7A-8FC06ACF7C11@mnot.net>
References: <0A018ACB-9958-4202-9263-00EA864E2C5C@mnot.net>
 <CAH1iCipj0pxP+xD_QSy7CCo4KOPBGKr8Qn4aX5YuJw+E1GV0aA@mail.gmail.com>
 <alpine.DEB.2.20.1901081213100.3160@grey.csi.cam.ac.uk>
 <CAH1iCip3C-4YchDLur3AFSmQhzouVdP-VGcbt0F6Sj9dEse3CQ@mail.gmail.com>
To: Brian Dickson <brian.peter.dickson@gmail.com>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/P4VXnhCx0Br32dS22BZHzYlnk3o>
Subject: Re: [DNSOP] Accounting for Special Use Names in Application Protocols
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>,
 <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
 <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Feb 2019 00:31:05 -0000

I've modified that slightly to come up with this proposal:

"""
HTTP and HTTPS URIs rely on some name resolution mechanism(s) to
interpret the authority field and ultimately convert it into an
identifier (typically, IPv4 or IPv6 addresses). Often, this is DNS
[ref].

When DNS is consulted for resolution of the authority field, this
specification requires adherence to the requirements that all registered
special use names [RFC6761] place upon applications; if they are not
honoured, security, privacy and interoperability issues may be
encountered.
"""

Make sense?

Thanks,


> On 9 Jan 2019, at 1:23 pm, Brian Dickson <brian.peter.dickson@gmail.com> wrote:
>
>
> On Tue, Jan 8, 2019 at 4:21 AM Tony Finch <dot@dotat.at> wrote:
> Brian Dickson <brian.peter.dickson@gmail.com> wrote:
>
> > I think it might be good to scope the 6761 issue, with something like the
> > following:
>
> [SNIP]
>
> > > I.e. it is necessary to recognize all special use names, and necessary to
> > > not resolve such names via DNS.
>
> That's going too far: special-use domain names must have specific
> instructions to application authors, which might say not to use the
> DNS or might say to use the DNS as usual.
>
> Hi, Tony,
> You are, of course, right. I think what I meant was, for the specific case of .onion, (what I said),
> and for the general case, (what you said). I.e. wherever an RFC for specific special use name exists,
> as linked by the IANA registry, those particular instructions MUST be followed, especially if not following
> those rules might/would break things (like the case of .onion vs DNS).
>
> Brian
>
>
> David Schinazi's comment on the GitHub issue about referring to the IANA
> registry is good, and perhaps more useful than referring to RFCs directly.
>
> Tony.
> --
> f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
> Trafalgar: Northeast 3 or 4, increasing 5 at times. Moderate. Fair. Good.

--
Mark Nottingham   https://www.mnot.net/
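
A pre-resolution check of the kind the proposed text calls for, as an added example that is not part of the original message or of any draft: before an HTTP client hands a URI's host to DNS, it matches the host against special-use names and picks the action the registered instructions give. The table is a constructed subset of the IANA registry, and the function names and action labels are assumptions of this example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed subset of the IANA Special-Use Domain Names registry.
# Action labels are this example's own (assumptions), not registry terms.
SPECIAL_USE = {
    "onion": "refuse",        # RFC 7686: non-Tor software should error, not query DNS
    "localhost": "loopback",  # RFC 6761: localhost names map to loopback addresses
    "local": "mdns",          # RFC 6762: names are resolved with Multicast DNS
    "test": "dns",            # RFC 6761: applications use these like any other name
}


def special_use_suffix(host):
    """Return the longest registered suffix matching host on a label boundary."""
    labels = host.rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in SPECIAL_USE:
            return suffix
    return None


def resolution_action(uri):
    """Decide how the host of an http(s) URI may be resolved."""
    parts = urlsplit(uri)
    if parts.scheme not in ("http", "https"):
        raise ValueError("not an http(s) URI")
    host = parts.hostname  # lower-cased; port, userinfo and brackets removed
    if not host:
        raise ValueError("URI has no host")
    try:
        ipaddress.ip_address(host)
        return "literal"  # address literal: no name resolution at all
    except ValueError:
        pass
    suffix = special_use_suffix(host)
    return SPECIAL_USE[suffix] if suffix else "dns"


if __name__ == "__main__":
    for u in ("https://Example.ONION./x", "https://onion.example.com/",
              "http://localhost:8080/", "http://printer.local/", "http://[::1]/"):
        print(u, "->", resolution_action(u))
```

Matching on whole labels from the right is what keeps `onion.example.com` on the normal DNS path while `example.onion.` (trailing dot, mixed case) is refused; a deployed client would load the full registry rather than this subset.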

