Re: [DNSOP] Some distinctions and a request - Have some class?

Steve Crocker <steve@shinkuro.com> Sat, 04 July 2015 16:16 UTC


See the end for something provocative.

> ICANN do say what strings in the name space should be TLDs.
> 
> IETF do say what strings in the name space should NOT be TLDs.
> 
> The rest are just strings waiting to end up in one of the two groups.
> 
>   Patrik

Perfectly stated.  There is really just one name space.  Once a string is designated by the IETF for some purpose other than allocation as a top level domain, it is, IMO, permanently barred from being allocated as a TLD.

As a practical matter, non-TLD strings regularly leak into the public domain name system and wind up at the root.  In principle, this should not be a problem except for the additional load it places on the root servers, EXCEPT we have also seen end systems depend on the NXDOMAIN response from the root servers as part of their processing.  This creates a nasty security hole.

I propose augmenting the DNS to include entries in the root that serve the purpose of giving slow NXDOMAIN responses instead of quick responses for those strings that the IETF has identified as not TLDs.  local, corp, home, mail, and others are what I have in mind.  This is intended to incentivize developers not to release code that improperly depends on the NXDOMAIN response in their search path.

Steve
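
Added illustration, not part of the message or the thread: a toy stub resolver showing the search-path dependency on NXDOMAIN and the effect of the slow-NXDOMAIN proposal described above. The zone data, addresses, delays and function names are constructed assumptions; `ndots` follows the usual resolver search-list convention.

```python
# Constructed data: names, addresses and delays are illustrative only.
RESERVED = {"local", "corp", "home", "mail"}           # strings named in the message
INTERNAL = {"intranet.corp.example.com": "10.0.0.5"}   # hypothetical internal zone

def make_dns(delegated=(), slow_nxdomain_s=0.0):
    """Return lookup(name) -> (address or None, seconds) over the toy namespace."""
    def lookup(name):
        if name in INTERNAL:
            return INTERNAL[name], 0.01
        tld = name.rsplit(".", 1)[-1]
        if tld in delegated:                # the string now answers publicly
            return "203.0.113.7", 0.05      # TEST-NET-3 documentation address
        if tld in RESERVED:                 # root answers NXDOMAIN, optionally slowly
            return None, 0.05 + slow_nxdomain_s
        return None, 0.05                   # any other unknown name: NXDOMAIN
    return lookup

def resolve(name, search, lookup, ndots=1):
    """Search-list processing: returns (address, candidates tried, seconds)."""
    candidates = [f"{name}.{suffix}" for suffix in search]
    # With at least `ndots` dots the name is tried as-is first, otherwise last.
    candidates.insert(0 if name.count(".") >= ndots else len(candidates), name)
    tried, total = [], 0.0
    for cand in candidates:
        addr, cost = lookup(cand)
        tried.append(cand)
        total += cost
        if addr is not None:
            return addr, tried, total
    return None, tried, total

def leaked(tried):
    """Candidates whose rightmost label is one of the reserved strings."""
    return [c for c in tried if c.rsplit(".", 1)[-1] in RESERVED]

if __name__ == "__main__":
    search = ["example.com"]
    cases = {
        "fast NXDOMAIN": make_dns(),
        "string answers": make_dns(delegated={"corp"}),
        "slow NXDOMAIN": make_dns(slow_nxdomain_s=5.0),
    }
    for label, dns in cases.items():
        addr, tried, secs = resolve("intranet.corp", search, dns)
        print(f"{label:15} -> {addr:12} {secs:5.2f}s leaked={leaked(tried)}")
```

The first and third cases return the internal address only because the leaked query was answered NXDOMAIN; in the second case the same client configuration silently resolves to a different host, which is the dependency the message describes.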