IETF Logo Mail Archive

Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Ted Lemon <mellon@fugue.com> Tue, 06 February 2018 05:17 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 268DF126D0C for <dnsop@ietfa.amsl.com>; Mon, 5 Feb 2018 21:17:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EjjgqdzCRrnH for <dnsop@ietfa.amsl.com>; Mon, 5 Feb 2018 21:17:11 -0800 (PST)
Received: from mail-qk0-x22b.google.com (mail-qk0-x22b.google.com [IPv6:2607:f8b0:400d:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 298121200C1 for <dnsop@ietf.org>; Mon, 5 Feb 2018 21:17:11 -0800 (PST)
Received: by mail-qk0-x22b.google.com with SMTP id y204so826015qkb.10 for <dnsop@ietf.org>; Mon, 05 Feb 2018 21:17:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=7H0gMEg6zc4yJ1TF12KBVCdpnl6L3NiSe04BnIqq3i0=; b=rbudbRk7kIx6EnOSU4x/ZOMtIJ/DXAKJKcIoEuTuzIdghYyUBjIvepatgWEVnpvZA6 wsSZ9sfbDHjCXnrl/+Se6AVdp4maQWct7CXuxT3gdQcDVeUoz4B8GWr5lgWDN5nOaYDY x8J5SZ3eFlxu6d6F6cvpDRu2nwF/CqqIW1Li+zkGcuIKaYfPxi5ZfFn5ghVMMQuuZZjf mlPuywuMaH6XsCQEPSZkbiMb1cvIq/yfvaA6vJDCiEYgMKcRYJysvK6EJcjyJVSV8SXL 6NW/UZlyhsmPs3hfbwBM+nCmZnNlQM41eHyz1mm1nZdG8wG+PeJlS2NRZ5yoZiUTYHlp C9Bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=7H0gMEg6zc4yJ1TF12KBVCdpnl6L3NiSe04BnIqq3i0=; b=YeofpTp6EPr7pG9WKyDfl6+RpFpL9y8gvpfIG5ds9CzOpeLJWaPKNjtPnRuE6Q6sbM NaDXPkpKDFglfAQeLrozF6RDka19jd2Xn2xj9cjlEf2eP2Kxut0xbcyR0tBn33SNRAVb 74RYIHBdfRII/2MX4YK24JWb5dvwq8idgHiYlG0V+1fAYqEZQbiREm4kZooSLQ9friuW MIUq25CX3zrU+X3xBpMnHBvoqmC2ZbYhHl9k4blNvpACWXpzHB4ykTL/YMw4+/wih3mg /1Odd9H249sQd1XfX6B64DyM8XajF6Ixzmuc7iXnBIa8cavh6UbjYCgOeoDxtDeTGnw9 UOgQ==
X-Gm-Message-State: APf1xPCgmdxql7sKrS0GkFB+sNnJ6FGgjlZwBbImfV3iaeefQ99F7rco E/G5dceG9eWwA95GOX0U+oFIaw==
X-Google-Smtp-Source: AH8x224e/9Rm9GxFEHDOWHZN7rq03vkpwkJWScAOpAS7rhuGlGHJoGAcFGMnkHyqjolJGFzkG2Ur4w==
X-Received: by 10.55.26.208 with SMTP id l77mr1660205qkh.150.1517894230317; Mon, 05 Feb 2018 21:17:10 -0800 (PST)
Received: from [10.0.30.153] (c-24-60-163-103.hsd1.nh.comcast.net. [24.60.163.103]) by smtp.gmail.com with ESMTPSA id j6sm3014023qke.11.2018.02.05.21.17.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Feb 2018 21:17:09 -0800 (PST)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <97783B49-11C9-47F1-8F73-3D909C9B4DC4@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_82D6ACEC-A298-40F2-BE99-DF5F30C2951A"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Tue, 06 Feb 2018 00:17:06 -0500
In-Reply-To: <CANLjSvVd+vj8M+vBOokfpOL1fmq2iU9JAhSCd6eY_aoE1p5SMQ@mail.gmail.com>
Cc: Mark Andrews <marka@isc.org>, dnsop <dnsop@ietf.org>
To: Lanlan Pan <abbypan@gmail.com>
References: <9DCE2F63-EE37-4865-B9D6-6B79BBE05593@gmail.com> <20180129155112.GC16545@mx4.yitter.info> <5A6F5CF1.4080706@redbarn.org> <CA+nkc8D7tne5SxGOUhvJqstmDa=1=RmvcHQte1byAab5dUd5sQ@mail.gmail.com> <AE634FC4-0EAF-4F54-8860-61E41284F873@fugue.com> <20180130185919.GJ19193@mx4.yitter.info> <3b57a486-df8e-ca57-ab89-c167cea0dcc9@bellis.me.uk> <20180131161507.GP3322@mournblade.imrryr.org> <20180201172644.GD26453@mx4.yitter.info> <1D7693F7-000C-451A-8F7A-45B94366240F@fugue.com> <20180201204833.GA27125@mx4.yitter.info> <777C7B4A-A8D6-4E14-9DBF-360B6BDF4A95@fugue.com> <CA+nkc8D_JUaWhW8eZ3KuMKJsyVd1ddMtFLhk5Tne1oH2eEHhZg@mail.gmail.com> <01C3E853-A14F-4D1B-865D-5B74C9F1F999@isc.org> <CANLjSvUJ17pLEhpboEJfhum6gv-2-Ls5prKYUH0rumqSpkcpqw@mail.gmail.com> <2B1DC084-C6EA-41DA-9029-5E230874FCBE@isc.org> <29F25C57-31D1-4A07-875D-16E7612DB993@fugue.com> <E4C5AA7E-E9C1-4E53-ABE0-676A9B7B3269@isc.org> <618D31E1-8EC7-4F75-BD97-31D42CB1E681@fugue.com> <40992CF7-5740-43ED-8B78-8D8A9B50A15C@isc.org> <F28D0F1D-416E-4016-8A5A-95173FFFAA4E@fugue.com> <CANLjSvVd+vj8M+vBOokfpOL1fmq2iU9JAhSCd6eY_aoE1p5SMQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/RwcOYaajE9qBSoonoqzxNdkV2Ec>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Feb 2018 05:17:13 -0000

On Feb 5, 2018, at 11:58 PM, Lanlan Pan <abbypan@gmail.com> wrote:
> If we decide to ban localhost.example,

Nobody is proposing that we ban localhost.example.

> 1) how many security accidents have caused by this "localhost.example", is it a serious security problem with low attack cost ? 


Every security exposure has zero attacks until it is first successfully attacked.   Then the floodgates tend to open! :)

v2.23.0 | Report a Bug | By Email