Re: [DNSOP] WG review of draft-ietf-homenet-dot-03

Andrew Sullivan <ajs@anvilwalrusden.com> Tue, 21 March 2017 04:23 UTC

From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20170321042249.GK27276@mx4.yitter.info>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/XQNlcIHFc8QRe03q6iNaCwdHMv0>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

Hi,

On Mon, Mar 20, 2017 at 01:14:25PM -0400, Ralph Droms wrote:

> Russ - In my opinion, the special-use domain registry is not being
> used to put the name in the root zone.  The observation is that the
> special-use definition of this TLD requires both an entry in the
> special-use domain name registry, and an entry in the root zone

I am having a hard time making the above two sentences consistent.
This special-use case requires an entry in the root zone, and so by
definition the entry into one (the special-use registry) with
processing rules that require normal DNS processing, combined with the
request for a provably-insecure delegation, is either incoherent or
else links the two registries.  I don't know which it is, but I see no
way it can be other than one of them.

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com