IETF Logo Mail Archive

Re: [DNSOP] Some distinctions and a request - Have some class?

Suzanne Woolf <suzworldwide@gmail.com> Fri, 03 July 2015 16:26 UTC

Return-Path: <suzworldwide@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CF531B309A for <dnsop@ietfa.amsl.com>; Fri, 3 Jul 2015 09:26:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Level:
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F2TzedKplJJT for <dnsop@ietfa.amsl.com>; Fri, 3 Jul 2015 09:26:12 -0700 (PDT)
Received: from mail-ig0-x229.google.com (mail-ig0-x229.google.com [IPv6:2607:f8b0:4001:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93ACF1B30AA for <dnsop@ietf.org>; Fri, 3 Jul 2015 09:26:12 -0700 (PDT)
Received: by igrv9 with SMTP id v9so80171864igr.1 for <dnsop@ietf.org>; Fri, 03 Jul 2015 09:26:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=85X7cGbSsG3oiKE86cAN6igOpOYnIEkup54Oi3bZTkQ=; b=YIZHmhA+btTpm/RcQ3n/wNO/9rext0vBeRVPigP+jtaN33eUAgF+IpXi+DZ3IAZcm+ Qiu7pEvuJb7VwBrj5VMRN3fY8u/+O9tAEyIuo5BrdH2BaWXBsW34kw4AiQmiKBjjF4Ve scpGIrMiwIeWByupRA9v6+k/Y2wbcV55uQh/NE94OfZSEqHtIqqhTDd6Xwf+MT7DX0Pm m9bdw5fHFZRLosLaPwD+1Nb+5mzWHtkoHsRs0lNdPOnp4nvy9g6HtQ0oMLHk4ODc/sSv BkViWik72lAS/EDhiDL6mT49f0qbpJs0HGCawPIe0TxMPfoiI3n0mgzdohDNUQfiNnYb 4kaw==
X-Received: by 10.50.87.38 with SMTP id u6mr51469125igz.39.1435940772018; Fri, 03 Jul 2015 09:26:12 -0700 (PDT)
Received: from ?IPv6:2601:181:c002:25ee:8cbb:1dd7:5289:2975? ([2601:181:c002:25ee:8cbb:1dd7:5289:2975]) by smtp.gmail.com with ESMTPSA id o19sm3733927igs.18.2015.07.03.09.26.10 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 03 Jul 2015 09:26:11 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail=_19A45EB5-7B85-48EC-B81D-742B145480B4"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Suzanne Woolf <suzworldwide@gmail.com>
In-Reply-To: <1A6EA045-998D-487D-821C-D96716756F91@frobbit.se>
Date: Fri, 03 Jul 2015 12:26:08 -0400
Message-Id: <23A02478-6E3C-4B59-AEC5-C300A5F9DF40@gmail.com>
References: <6CB05D82CE245B4083BBF3B97E2ED470C27498@ait-pex01mbx01.win.dtu.dk> <D1BAA21E.CA2E%edward.lewis@icann.org> <6CB05D82CE245B4083BBF3B97E2ED470C2759F@ait-pex01mbx01.win.dtu.dk> <6CB05D82CE245B4083BBF3B97E2ED470C275B2@ait-pex01mbx01.win.dtu.dk> <E225C721-7279-4053-97A2-2D63A155DA14@karoshi.com> <6CB05D82CE245B4083BBF3B97E2ED470C27602@ait-pex01mbx01.win.dtu.dk> <88E49F4B-64BD-4832-BD02-D1A882874E92@karoshi.com> <20150702234423.GB23022@mycre.ws> <EBDBDD70-046F-4E31-BDAC-A619EECD4F13@karoshi.com> <20150703012146.GA29948@mycre.ws> <DC13E07F-2203-4FE9-A67F-B5851A54298F@karoshi.com> <986E07DA-B174-4F81-BFB5-F5EAD46C506F@karoshi.com> <CAHw9_iJMZzrCM24gaMJpDNTHbKwF20DeVX7UszCMZuUvGnLaXw@mail.gmail.com> <BB0813DF-DF9D-4CD9-BDB8-26A437146986@karoshi.com> <1A6EA045-998D-487D-821C-D96716756F91@frobbit.se>
To: Patrik Fältström <paf@frobbit.se>
X-Mailer: Apple Mail (2.1510)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/QwnAtyE_7bMYf6h13IFjJZhCWKU>
Cc: Robert Edmonds <edmonds@mycre.ws>, manning <bmanning@karoshi.com>, dnsop@ietf.org, Andrew Sullivan <ajs@anvilwalrusden.com>
Subject: Re: [DNSOP] Some distinctions and a request - Have some class?
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jul 2015 16:26:15 -0000

Hi,

On Jul 3, 2015, at 11:18 AM, Patrik Fältström <paf@frobbit.se> wrote:

> Unfortunately I think we all in this discussion [again] mix up discussion about DNS with the discussion about the name space that is in use for example by what we know as "the domain name system rooted at the root zone managed by IANA".
> 
> I think we just must force ourselves to stay focused on namespace management. A portion of that name space is to be accessed using DNS. Some other portions of that very same name space is access using other mechanisms.

If I've followed the discussion so far-- which has been very good, and exactly what I think we've been working towards for quite awhile now-- this is key to making any kind of progress beyond beauty contests for the IETF to judge about "things that look like TLDs" and confusion for developers of new technology who want to use DNS-compatible names.

> This is not easy, but I think that is the way to attack the problem.
> 
> And given such a view, IETF is to decide what strings are to be used "by other mechanisms" so that [for example] they can and should never ever be accessed by the domain name system.

As long as administrators can configure their own namespaces, the IETF has limited power in this area, and IMHO shouldn't chase more. We can provide advice, however, such as encouraging the use of .alt names in the same kind of "protocol switch signal" names that people are starting to scatter arbitrarily through the namespace.

> This while ICANN have processes for deciding what string should be TLDs, based on the standards created by for example the IETF.

It does seem to me that an important feature here is that "TLD" as we're using it is "name in the root zone (or root zone space), to be managed within a context that assumes DNS protocol and semantics as well as DNS-compatible name space." (That is, people using the term "TLD" to refer to single-label DNS-compatible name are incorrect-- "onion" is not a TLD, and that's largely the point.)
> 
> Maybe a document is needed that describes that namespace? How it is partitioned?

Andrew requested on the list last week that we discuss the possibility of 6761bis in Prague, and the draft agenda (to be posted in the next couple of days) does include a slot for that. In the meantime, let's continue here.


best,
Suzanne

> On 3 Jul 2015, at 16:21, manning wrote:
> 
>> Thanks for that.  The original claim was that these name spaces were global in scope, but not part of the Internet.
>> So I took that as face value.  Your example, while perhaps a valid interpretation, is not what was asked for.
>> If it is, then namespace/class specific applications/extentions need to be developed/deployed, OR folks need to suck it up and just use the Internet portion of the DNS (and its associated rules, e.g. new TLDs are defined by ICANN)
>> 
>> /bill
>> 
>> 
>> On 3July2015Friday, at 7:01, Warren Kumari <warren@kumari.net> wrote:
>> 
>>> On Fri, Jul 3, 2015 at 9:43 AM, manning <bmanning@karoshi.com> wrote:
>>>> Actually, there IS an escape method already defined.  We just don’t use it much these days.
>>>> It’s called  “class”
>>>> 
>>>> There is no reason these alternate namespaces should sit in the IN class.  they could/should be in their
>>>> own class, like the old CHAOS protocols.   So  a class  “ONION” or “P2P” would work out very nicely.
>>> 
>>> Yup, but the problem is that people want to be able to enter the
>>> alternate namespace names into existing applications (like browsers,
>>> ssh, etc), just like a "normal" DNS name. They want to be able to
>>> email links around (like https://facebookcorewwwi.onion/ ) and have
>>> others click on them, etc.
>>> 
>>> There is no way that I know of to tell e.g Safari to look this up in a
>>> different class... and, even if there were, they would *still* leak,
>>> because people are lazy...
>>> 
>>> W
>>> 
>>>> 
>>>> After all it’s the Domain Name System.  (can comprehend names in multiple domains, not just the Internet)
>>>> 
>>>> manning
>>>> bmanning@karoshi.com
>>>> PO Box 12317
>>>> Marina del Rey, CA 90295
>>>> 310.322.8102
>>>> 
>>>> 
>>>> 
>>>> On 2July2015Thursday, at 20:56, manning <bmanning@karoshi.com> wrote:
>>>> 
>>>>> 
>>>>> On 2July2015Thursday, at 18:21, Robert Edmonds <edmonds@mycre.ws> wrote:
>>>>> 
>>>>>> manning wrote:
>>>>>>> There in lies the problem.  These systems have no way to disambiguate a local v. global scope.
>>>>>>>   It seems like the obvious solution is to ensure that these nodes do NOT have global scope, i.e. No connection to the Internets
>>>>>>>   and no way to attempt DNS resolution.   Or they need to ensure that DNS resolution occurs after every other “name lookup technology”
>>>>>>>   which is not global in scope.
>>>>>> 
>>>>>> I don't understand this point.  Since Onion hidden service names are
>>>>>> based on hashes derived from public keys surely they're globally scoped
>>>>>> (barring hash collisions)?
>>>>>> 
>>>>>> --
>>>>>> Robert Edmonds
>>>>> 
>>>>> If they _are_ globally scoped,  what part of the local system decides which namespace to use, the ONION, the LOCAL, the P2P, the BIT, the BBSS, the DECnetV, the IXP, or the DNS…
>>>>> where is search order determined?  Does first match in any namespace win?  What is the tiebreaker when there are label collisions between namespaces?
>>>>> 
>>>>> 
>>>>> /bill
>>>> 
>>>> _______________________________________________
>>>> DNSOP mailing list
>>>> DNSOP@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/dnsop
>>> 
>>> 
>>> 
>>> -- 
>>> I don't think the execution is relevant when it was obviously a bad
>>> idea in the first place.
>>> This is like putting rabid weasels in your pants, and later expressing
>>> regret at having chosen those particular rabid weasels and that pair
>>> of pants.
>>> ---maf
>>> 
>>> _______________________________________________
>>> DNSOP mailing list
>>> DNSOP@ietf.org
>>> https://www.ietf.org/mailman/listinfo/dnsop
>> 
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email