IETF Logo Mail Archive

Re: [DNSOP] [Ext] draft-schanzen-gns and draft-ietf-dns-alt-tld

"Schanzenbach, Martin" <mschanzenbach@posteo.de> Wed, 03 August 2022 07:36 UTC

Return-Path: <mschanzenbach@posteo.de>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1710CC14CF16 for <dnsop@ietfa.amsl.com>; Wed, 3 Aug 2022 00:36:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=posteo.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aPrAUG06vNPH for <dnsop@ietfa.amsl.com>; Wed, 3 Aug 2022 00:36:35 -0700 (PDT)
Received: from mout01.posteo.de (mout01.posteo.de [185.67.36.65]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A15A4C14F72C for <dnsop@ietf.org>; Wed, 3 Aug 2022 00:36:35 -0700 (PDT)
Received: from submission (posteo.de [185.67.36.169]) by mout01.posteo.de (Postfix) with ESMTPS id 24FFF240027 for <dnsop@ietf.org>; Wed, 3 Aug 2022 09:36:31 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.de; s=2017; t=1659512192; bh=s0+DBWEuRtDwogcMY8U2eSjiBCwAaJoetNR6mhahKAA=; h=From:Subject:Date:To:From; b=citIeAv4GsibicFvFdziff7rxqBQz/92CInRDCdSZeEmR5Fid1AqFUnTFTAmI9IJe agtguKUBbldvKK4KiuTgHXFEeXzKNBMe5gBIspbqNyYCPkMXiWwhX4dY4pBXYk45co yxvcxFtb0nyWUPwG8BxwrVb5JFf3Qy62nL9SbE6CJOJxLlXu7KsV72N289kKC0vWxe RWjttgb1uOn1vIvxOAetBRzV2ijQB+aDjM4KQw/PcInXVlnYIYmk5SZhV0lO0bA8Zr vRMF4/vuKluY/DkB7x7OlpdtU9mP9U8Lo4n6V0tXhbeUXjMWBAEux/nvwN1L5a9rQZ ekV/yNbw6Szlw==
Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4LyNvz0C2Qz6tnX for <dnsop@ietf.org>; Wed, 3 Aug 2022 09:36:30 +0200 (CEST)
From: "Schanzenbach, Martin" <mschanzenbach@posteo.de>
Content-Type: multipart/signed; boundary="Apple-Mail=_2656C1A1-7F18-4299-AC03-22807030FDAB"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
Date: Wed, 03 Aug 2022 07:36:28 +0000
References: <91abb9ac-9d3b-87bf-5639-174581d625fd@rfc-editor.org> <5D598E6D-932F-4855-8D5F-C2DEDD20738C@icann.org> <20220802193440.2btqhcys6f3cqpwz@crankycanuck.ca> <1659470522-sup-5316@werkbank>
To: dnsop <dnsop@ietf.org>
In-Reply-To: <1659470522-sup-5316@werkbank>
Message-Id: <79B41983-E6C8-4F6F-A5BD-16F58B035068@posteo.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/QbJDBCAmXVatCJ0pv3Wb9jXj1V4>
Subject: Re: [DNSOP] [Ext] draft-schanzen-gns and draft-ietf-dns-alt-tld
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2022 07:36:40 -0000

Having now read further I am pretty convinced that the advisory is not useful in the context of this thread discussion.
Ist sais at the end that [1] was the "impetus" for the advisory.
However, [1] states that

"Why not use .alt?
   The proposed .alt presudo-TLD is specifically only for use as a
   pseudo-TLD for non-DNS resolution contexts.  At one point .alt was
   being considered both for DNS and non-DNS resolution contexts, but,
   after much discussion it was decided that the DNSSEC implications
   (and desired behavior) meant that .alt should be reserved
   specifically for non-DNS resolution."

and

"
Why not use something.arpa?
   This is indeed an interesting idea.  I suspect that it fails the
   semantically desirable / understandable case, but is definitely worth
   further discussion.  It may also cause issues when server operators
   override part of the .arpa domain in order to instantiate
   something.arpa.
"

So, I am pretty sure we are back to square one and this advisory (or rather its result) is specifically NOT meant for systems like GNS.
In fact, I would even argue that the advisory itself argues that this work is supposed to be done by IETF (see page 5 of the document):
"
In this document, the SSAC limits its discussion to private-use TLDs intended for use with the DNS protocol and for private use only. Many private-use TLDs, such as .onion and .gnu, do not use the DNS protocol or DNS infrastructure. The reservation and usage for such TLDs would require special handling and is not discussed in this document; there have been efforts in the IETF to address them.
"

While I must admit that I am a bit ignorant when it comes to what is considered official ICANN position, at least the authors of this advisory seem to think that private TLDs not meant for DNS resolution should be/can be/are(!) worked on by the IETF.

[1] https://datatracker.ietf.org/doc/html/draft-wkumari-dnsop-internal-00#section-3

BR

> On 2. Aug 2022, at 22:09, Martin Schanzenbach <mschanzenbach@posteo.de> wrote:
> 
> Signed PGP part
> I just read it and on page 5 it specifically excludes .onion and .gnu as
> those do not use the DNS protocol (citing also the alt draft here).
> So this is equivalent to the .alt draft only if the private-use TLD is
> not limited to private-use DNS queries as investigated in the document.
> I find this to be quite odd as I thought this is what .arpa was for
> (RFC8375)!
> .home is even listed in the table of the SAC document and one of the
> motivations.
> 
> So, we would have to see what the actual proposed *use* of this private
> TLD would be. If it is limited to DNS, then it is of no use for
> alternative name systems and we would still need .alt.
> 
> Excerpts from Andrew Sullivan's message of 2022-08-02 15:34:40 -0400:
>> Disclaimer: I work for the Internet Society but I am not speaking for them.
>> 
>> On Tue, Aug 02, 2022 at 07:11:38PM +0000, Paul Hoffman wrote:
>>> 
>>> recommends that the ICANN board to pick a string that will never be put into the DNS root, and thus is usable for systems like GNS.
>> 
>> This was, of course, the whole point of the .alt draft in the first place, at least when I was involved in preparing it.  I don't think any of us involved then cared whether it was alt or one of thousands of other strings that it could have been.  The main point was to come up with something that would not pad total length too much and that could be a clear "protocol switch".  The registration in the IANA sutld registry was suppossed to ensure the same outcome as what is going through SSAC, but it makes no difference to me what the characters are.  Note that because of the old-timey restriction, I suspect the characters must all be alphabetic, though perhaps that rule has been superseded by IDNA.
>> 
>> A
>> 
> 
>

v2.23.0 | Report a Bug | By Email