Re: [DNSOP] ALT-TLD and (insecure) delgations.

Suzanne Woolf <suzworldwide@gmail.com> Fri, 03 February 2017 20:49 UTC

From: Suzanne Woolf <suzworldwide@gmail.com>
In-Reply-To: <9E3BFAAD-1F39-457B-95F1-A9E99B75151E@gmail.com>
Date: Fri, 03 Feb 2017 15:49:10 -0500
Message-Id: <7A477809-D794-4443-AA0F-E3CCF1203A4B@gmail.com>
References: <CAHw9_i+8PA3FQx8FqW-xQ_96it7k-g5UrMB7fxARUi1gwQ++hw@mail.gmail.com> <CA+nkc8AhLe7nbPRkGixi93SGNZQhw+TACUDa8=pGsWM5YHJE0w@mail.gmail.com> <C75FC005-ED38-436B-A93E-C2D2B7CDDE9C@gmail.com> <1B8E640B-C38E-4B76-A73D-7178491A9D7B@fugue.com> <20170201214226.66A4061165DC@rock.dv.isc.org> <9E3BFAAD-1F39-457B-95F1-A9E99B75151E@gmail.com>
To: Ralph Droms <rdroms.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/QFz4P4I02mdSKtr6v0Af-9hp2U4>
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] ALT-TLD and (insecure) delgations.

Hi,

To sharpen the question slightly….

> On Feb 1, 2017, at 5:11 PM, Ralph Droms <rdroms.ietf@gmail.com> wrote:
> 
> 
>> On Feb 1, 2017, at 4:42 PM, Mark Andrews <marka@isc.org> wrote:
>> 
>> 
>> In message <1B8E640B-C38E-4B76-A73D-7178491A9D7B@fugue.com>, Ted Lemon writes:
>>> 
>>> On Feb 1, 2017, at 3:50 PM, Ralph Droms <rdroms.ietf@gmail.com> wrote:
>>>>> It appears to me that requesting an insecure delegation is the right
>>>>> thing to do, as a "technical use".  We have, so far, been very careful in
>>>>> what we ask for.  If ICANN does not agree, then we can discuss other
>>>>> options.
>>>> 
>>>> I agree.
>>> 
>>> I'm confused.   The .ALT TLD is expected to be used for non-DNS name
>>> lookups.   So isn't a secure denial of existence exactly what we want for
>>> .ALT?
>> 
>> No.
>> 
>>> What is the utility in having an un-signed delegation?
>> 
>> Alt can be used for whatever purpose that the user wants to use it
>> for including names served using the DNS protocol.
> 
> The draft restricts use of .alt as follows:
> 
>   This label is intended to be used as
>   the final (rightmost) label to signify that the name is not rooted in
>   the DNS, and that normal registration and lookup rules do not apply.
> 
> ...which would lead me to believe .alt would not be used for names served using the DNS protocol.
> 
> However, the phrase "not rooted in the DNS" might need some clarification.
> 
> In particular, would ".homenet.alt" be OK, as it is a locally-served zone, not a subdomain of the root zone?

As a slightly broader question, what does the WG want .ALT to do?

More specifically, perhaps, what problems discussed in draft-ietf-dnsop-sutld-ps-02.txt do we want it to solve?

The WG can agree to change the current text, but I think the WG needs to agree on the purpose of ALT, as that seems likely to make it easier to decide what behavior we want to specify for it and, in turn, how it should be implemented.


Suzanne