Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

David Conrad <drc@virtualized.org> Fri, 08 May 2015 19:25 UTC

From: David Conrad <drc@virtualized.org>
In-Reply-To: <554CF750.6000807@gnu.org>
Date: Fri, 08 May 2015 12:25:26 -0700
Message-Id: <3C0ED4EA-F613-47EE-B85B-55B3B05BD7F8@virtualized.org>
References: <D5D3A5AC-41B5-4872-B973-2752275D651E@gmail.com> <D170E3E4.1011F2%jason_livingood@cable.comcast.com> <20150508013042.3B9252DEAD71@rock.dv.isc.org> <EF4521EF-8D06-403E-8869-8F2D4DDE76B8@virtualized.org> <554CF750.6000807@gnu.org>
To: hellekin <hellekin@gnu.org>
X-Mailer: Apple Mail (2.2098)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/PyqbMsDrl70L359XMRNIkKcOrkI>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

Hellekin,

On May 8, 2015, at 10:50 AM, hellekin <hellekin@gnu.org> wrote:
> >> "home", "corp" and perhaps "mail" need special handling if we really
> >> want to not cause problems for those using those tlds internally.
> >
> > Why?
> >
> these are the 3 names that were identified as posing operational
> hazards by SSAC and both ICANN name collision studies.

Yes, I'm quite aware of Lyman's and Mark's draft; in fact, I commented on it earlier on this mailing list (http://www.ietf.org/mail-archive/web/dnsop/current/msg13604.html).

The justification for removing home/corp/mail primarily appears to be "because they showed up 'a lot' at the root servers". Without characterizing this a bit better, it seems to me it would be trivial to set up situations to move pretty much any undelegated name to the "Special Names" registry -- just fire up a few thousand zombies to query names in the TLD you want removed using random source addresses.

Perhaps something like two or three standard deviations over normal noise at the root servers for undelegated TLDs over a period of months? Of course, that would require an ability to actually collect that sort of data over long periods of time and wouldn't completely protect against the trivial attack above, but I figure it'd be better than subjective evaluations of 'a lot'...

Regards,
-drc
(ICANN CTO, but speaking for myself only. Really.)
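The "two or three standard deviations over normal noise" criterion and the zombie-flood objection from the message above, as an added example that is not part of the original thread or of any ICANN/SSAC study. It assumes a root-server query log reduced to (day, source address, query name) records, defines the noise floor as the mean and standard deviation of every undelegated TLD's daily query count over the evaluation window, and flags a TLD whose own mean daily count exceeds mean + 3 sigma. All records, TLDs and addresses are constructed; "junk0".."junk39", "whatever" and the address ranges are stand-ins, not measured data.

```python
"""
Added example (not part of the original message): a z-score screen for query
volume to undelegated TLDs seen at a root server, following the "two or three
standard deviations over normal noise" suggestion in the thread, plus the
spoofed-source flood that trivially satisfies it. All records are constructed.
"""
import random
import statistics
from collections import defaultdict

SIGMA_K = 3.0                                       # flag above mean + 3 sigma
DELEGATED = {"com", "net", "org", "arpa", "uk"}     # constructed stand-in for the root zone
DAYS = [f"2015-04-{d:02d}" for d in range(1, 31)]   # constructed 30-day window
JUNK_TLDS = [f"junk{i}" for i in range(40)]         # constructed undelegated "noise"


def tld_of(qname):
    """Rightmost label of a fully qualified query name, lowercased."""
    return qname.rstrip(".").rsplit(".", 1)[-1].lower()


def daily_counts(records, delegated=DELEGATED):
    """records: iterable of (day, src_ip, qname).
    Returns {tld: {day: count}} for TLDs not in the delegated set."""
    counts = defaultdict(lambda: defaultdict(int))
    for day, _src, qname in records:
        tld = tld_of(qname)
        if tld not in delegated:
            counts[tld][day] += 1
    return counts


def screen(counts, days=DAYS, k=SIGMA_K):
    """Noise floor = mean/stdev of every undelegated TLD's daily count over
    `days`; a TLD is flagged when its own mean daily count exceeds
    mean + k*stdev. Returns the threshold, per-TLD means and flagged TLDs."""
    per_tld = {t: statistics.fmean(d.get(day, 0) for day in days)
               for t, d in counts.items()}
    noise = [d.get(day, 0) for d in counts.values() for day in days]
    mu, sd = statistics.fmean(noise), statistics.pstdev(noise)
    threshold = mu + k * sd
    return {"threshold": threshold, "per_tld": per_tld,
            "flagged": sorted(t for t, m in per_tld.items() if m > threshold)}


def distinct_sources(records, tld):
    """Distinct source addresses that queried `tld` (meaningless under spoofing)."""
    return len({src for _d, src, q in records if tld_of(q) == tld})


def constructed_log():
    """Steady low junk per undelegated TLD, persistent internal-name leakage
    for home/corp, and some legitimate delegated traffic that is ignored."""
    records = []
    for day_i, day in enumerate(DAYS):
        for i, tld in enumerate(JUNK_TLDS):
            for _ in range(3 + (i + day_i) % 4):            # 3..6 queries/day
                records.append((day, f"198.51.100.{i}", f"host.{tld}."))
        for tld, n in (("home", 120), ("corp", 100)):       # leaky internal TLDs
            for j in range(n):
                records.append((day, f"203.0.113.{j % 200}", f"printer{j}.{tld}."))
        records.append((day, "192.0.2.1", "www.example.com."))
    return records


def spoofed_flood(tld, per_day, seed=2015, days=DAYS):
    """The attack from the thread: zombies send `per_day` queries for `tld`
    each day, each with a random (spoofed) source address."""
    rng = random.Random(seed)
    return [(day, ".".join(str(rng.randrange(256)) for _ in range(4)),
             f"zombie{rng.randrange(1 << 20)}.{tld}.")
            for day in days for _ in range(per_day)]


def demo():
    baseline = constructed_log()
    before = screen(daily_counts(baseline))
    attacked = baseline + spoofed_flood("whatever", per_day=300)
    after = screen(daily_counts(attacked))
    return {
        "before": before["flagged"],                                # ['corp', 'home']
        "after": after["flagged"],                                  # ['whatever']
        "home_sources": distinct_sources(baseline, "home"),         # 120
        "flood_sources": distinct_sources(attacked, "whatever"),    # about 9000
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the constructed data the screen flags home and corp on the clean log, and a 300-query-per-day flood for "whatever" from random source addresses gets that TLD flagged too. Two side effects worth noticing: the flood also inflates the standard deviation enough that home and corp drop back under the threshold, so a raw mean/stdev noise floor is easy both to trip and to suppress; and counting distinct source addresses does not distinguish the flood from genuine widespread leakage, because the spoofed sources look like thousands of independent clients.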