IETF Logo Mail Archive

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

Ted Lemon <mellon@fugue.com> Mon, 09 May 2016 18:59 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87D5D12D5D0 for <dnsop@ietfa.amsl.com>; Mon, 9 May 2016 11:59:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXzP6Sp6jx9C for <dnsop@ietfa.amsl.com>; Mon, 9 May 2016 11:59:05 -0700 (PDT)
Received: from mail-lf0-x22b.google.com (mail-lf0-x22b.google.com [IPv6:2a00:1450:4010:c07::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9965F12D5CF for <dnsop@ietf.org>; Mon, 9 May 2016 11:59:04 -0700 (PDT)
Received: by mail-lf0-x22b.google.com with SMTP id m64so210521179lfd.1 for <dnsop@ietf.org>; Mon, 09 May 2016 11:59:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TApcmdC77FieKLR98hRYKmr87lTmDpq62Wjr13ZNK1Y=; b=y9KMolrTp4Ys+wKsHzHoAmukBA1QRwxgcb3QDhisjZXguLPUotzCMS3tULMxey6lDb FhuuFC2aTMfRT4i/uCDUWW2wRFDnepc2HLesYvAP0RZmyZSaRfnUB3DeMXgtLOWM/Gb4 l4JEQLbjbRVRgDAcM4pHfj6TiDI0bufHobQQDe8NIjndpmIFH9u20Vii1Ei+ELjOdzEA kNsVC2PrecKWX5y+OcNf09Zhf0Zn0dchlujvv62C45yMe4hUJCPUmvsSh/TSgHkK0wFd PUzezhcXOjxxFI0B/c0zfr0uO871qRrzK2cNziwQFCP0tD7tBkvKa7rL4TJbNB6RJcem pvrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TApcmdC77FieKLR98hRYKmr87lTmDpq62Wjr13ZNK1Y=; b=hu5rNp5xFZP1yNU3ZSw1tD816QkWwv82PzndnZaNLUzJ/XqxlD9CcGbOG3/t9GmABT faEizMvEIAMAhz1/p+xkszZNQ5daOYF6SuQ5X5PClLQ2kOsTm0Zu8vV/Z2FiB5XuHfXV aB5dvy+RIn+D4xB9sso/iOm/bh6VsNkvIA6GPc1O/fZDn+jgWl8bnk/KXQ0VbHA7sgkp mhKV7TIG/QvSBXPULtgku88rvMh25YnWB2ypTgIY0ZMGyUVb8MSAzejNzNgYKRSb2ZOl IVeYW0EdjGBITn+j9FOFKuuujEpiHSCwK7tclwo2gZ0b9tsAvxDnriIfOa/G/DvDX6z7 xr4Q==
X-Gm-Message-State: AOPr4FWJWflAFTAo53BSrPEDyd/Z8z2DKI9dG8VeGm10nnm8amIbMk8VX4pIbqDsQXbH8s3osq/X9ZWBtuem9w==
X-Received: by 10.25.79.132 with SMTP id d126mr2286989lfb.119.1462820342956; Mon, 09 May 2016 11:59:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.25.213.19 with HTTP; Mon, 9 May 2016 11:58:23 -0700 (PDT)
In-Reply-To: <0867A10E-05DB-4427-8BA4-05432E81D9C1@twcable.com>
References: <9c79a64e-9317-75fd-6592-25fd76cfd47f@gmail.com> <CAJE_bqchx1FDhUpzFSGw3C1205KxutpwYXBFPGLZn+ArNNxKPA@mail.gmail.com> <CAPt1N1mJBwUzsjeQGd7mpQz26ZO=BpOvunZ0dcq6p1kZ+kSz-Q@mail.gmail.com> <CAJE_bqfOgzi1zOXB10Jz1g4m8E--GSfmCPTH2=NLwmoyHGM+Jg@mail.gmail.com> <CAPt1N1=iSaFnoCVds6F1KWNQfKgTNudHbW1RZfymwfcTWHo0jA@mail.gmail.com> <CAJE_bqeK1wj-8UOq6Ap4-iAjLUBJ8cvbM-j7sOiqOK6ZWD567g@mail.gmail.com> <0867A10E-05DB-4427-8BA4-05432E81D9C1@twcable.com>
From: Ted Lemon <mellon@fugue.com>
Date: Mon, 09 May 2016 14:58:23 -0400
Message-ID: <CAPt1N1msyvi1uvxiucgv-Sw+Ozh1Dgx49d5jBfv8MNsCPckXRw@mail.gmail.com>
To: "Howard, Lee" <lee.howard@twcable.com>
Content-Type: multipart/alternative; boundary="001a114251aae9a88905326d66b4"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/UYDdUQhh7LRQ67SoU6_xnXh3A18>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 May 2016 18:59:20 -0000

Yes, that's my recollection as well.   We've been working on some version
or another of this draft for kind of a long time, and that's why the
current document is as neutral as it is.   I think that neutrality really
does represent wg consensus, not in the sense that everybody is neutral,
but that there is nothing other than being neutral that will not raise
strong objections.

On Mon, May 9, 2016 at 2:31 PM, Howard, Lee <lee.howard@twcable.com> wrote:

>
>
>
>
>
> On 5/9/16, 2:15 PM, "DNSOP on behalf of 神明達哉" <dnsop-bounces@ietf.org on
> behalf of jinmei@wide.ad.jp> wrote:
>
> >At Fri, 6 May 2016 14:59:12 -0400,
> >Ted Lemon <mellon@fugue.com> wrote:
> >
> >> >   While a reverse mapping is generally useful for informational
> >> >   purposes, some people use it even more aggressively, such as for
> >> >   access control or host validation based on the existence of a
> >> >   reverse mapping, and often also on matching between the reverse and
> >> >   forward mapping.  It is believed that those practices are not very
> >> >   effective at best, especially for their side effect of punishing
> >> >   otherwise-legitimate users and their service providers.  Although an
> >> >   ideal solution to this is to encourage stopping those harmful
> >> >   practices possibly with replacing them with more effective ones,
> >> >   the sad operational reality is that it's less likely that the
> >> >   operators employing those practices will listen anytime soon.  Until
> >> >   then, the victim end users and their service providers will pay the
> >> >   cost of the practices, and the only realistic intermediate remedy is
> >> >   to provide required reverse mappings and often ensure the
> >> >   revers-forward match.  This document shows possible options on how
> >> >   to do this for those latter types of operators.
> >>
> >> The problem with this text when it was proposed before (it was proposed
> >> before!) is that not everybody agrees on it either.   So last time we
> had
> >> this discussion (which we have had more than once already, not counting
> >> this time), we decided to just be neutral, rather than either saying
> "this
> >> is a bad idea" or "this is a great idea."   I think the document is
> still
> >> useful, because honestly I do not think it is going to make much
> difference
> >> as far as host name checking goes.   I think if we want host name
> checking
> >> to die, we should talk to authors of open source software that support
> this
> >> feature into taking it out.   I think, for example, that openssh does
> this.
> >>   Maybe we should talk to them.
> >
> >To be clear, I didn't (yet) intend to suggest using the above text in
> >the draft.  It was just to see whether we are basically on the same
> >page if we described it without trying to be *too neutral* or whether
> >we are in disagreement on some more fundamental point.  Interpreting
> >the above response as it's the former, and hopefully some more share
> >the same view, I'd personally like to propose including some text like
> >this - it could be weakened if some part of it is considered
> >controversial, but I'd at least like to do the harm as a result of
> >being afraid of controversial and being too neutral (and therefore
> >ambiguous).
> >
> >Of course, this is just one personal feedback.  As you said it may be
> >that we can't simply agree on any kind of this text.  It's ultimately
> >up to the wg to decide.
>
> I think we tried this in 2006-2008 with reverse-mapping-considerations,
> and in 2009 with early versions of this draft, and occasionally in the
> following years. I think the existing document balances the considerations
> and represents, if not everyone's opinion, the best consensus that
> currently exists.
>
> Lee
>
> >
> >--
> >JINMEI, Tatuya
> >
> >_______________________________________________
> >DNSOP mailing list
> >DNSOP@ietf.org
> >https://www.ietf.org/mailman/listinfo/dnsop
>
> ________________________________
>
> This E-mail and any of its attachments may contain Time Warner Cable
> proprietary information, which is privileged, confidential, or subject to
> copyright belonging to Time Warner Cable. This E-mail is intended solely
> for the use of the individual or entity to which it is addressed. If you
> are not the intended recipient of this E-mail, you are hereby notified that
> any dissemination, distribution, copying, or action taken in relation to
> the contents of and attachments to this E-mail is strictly prohibited and
> may be unlawful. If you have received this E-mail in error, please notify
> the sender immediately and permanently delete the original and any copy of
> this E-mail and any printout.
>

v2.23.0 | Report a Bug | By Email