Re: [DNSOP] Fundamental ANAME problems

Thomas Peterson <hidinginthebbc@gmail.com> Wed, 21 November 2018 11:58 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/XlN9V8JjPWURo2dAjm6qlxgZtbk>

To hopefully awaken and further inform the discussion around the ANAME 
and HTTP draft specifications that have been put forward, I've done some 
further analysis across the Alexa top 1 million domains - my initial 
findings are available at https://thpts.github.io/a_or_cname/ .

A brief summary of what I have found across the entire dataset:

* 51% of www records return an A record
* 47% of www records return a CNAME
   * 64% of those point www back to apex (i.e. www.example.com. IN CNAME example.com.)
* 17 www records are DNAME

Any feedback, corrections, and suggestions would be greatly appreciated.

Regards

On Tue, 6 Nov 2018 at 10:22, Thomas Peterson <hidinginthebbc@gmail.com> wrote:

    That may be the case from your own (presumably anecdotal)
    experience, however I took the Alexa top 1 million websites and
    queried for A* and CNAME against the www records for the top 10 000
    domains. What I found is that approximately 44% returned CNAME
    records, 56% returning A records.

    Code is here
    (https://gist.github.com/thpts/eb5cec361867170a0ffd6ede136c6649)
    if anyone wishes to look.

    Regards

    * I realise that I could have added AAAA. My presumption is that the
    top 10k websites are not v6 only and at least have an A record in place.

    *From:* DNSOP <dnsop-bounces@ietf.org> on behalf of Olli Vanhoja
    <olli@zeit.co>
    *Date:* Tuesday, 6 November 2018 at 08:24
    *To:* <dnsop@ietf.org>
    *Subject:* Re: [DNSOP] Fundamental ANAME problems

    In fact, if you look at the DNS records of some big Internet
    companies, they rarely use CNAMEs for www but instead you'll see an
    A record, that might be even backed by a proprietary ANAME solution.
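
The www classification summarised in the 21 November message above (A, CNAME, CNAME back to apex, DNAME) can be sketched as follows. This is an added example, not part of the thread or the linked gist; the category names, function names and sample answers are constructed for illustration, and treating a DNAME at the apex as the "DNAME" category is an assumption.

```python
from collections import Counter

def norm(name):
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_answer(text):
    """Parse presentation-format RRs: owner TTL class type rdata."""
    rrs = []
    for line in text.splitlines():
        if not line.strip():
            continue
        owner, _ttl, _cls, rtype, rdata = line.split(None, 4)
        rrs.append((norm(owner), rtype.upper(), rdata.strip()))
    return rrs

def classify_www(apex, answer_text):
    """Return A, CNAME_TO_APEX, CNAME_OTHER, DNAME or NONE for www.<apex>."""
    apex = norm(apex)
    www = "www." + apex
    rrs = parse_answer(answer_text)
    # A DNAME at an ancestor is returned together with a synthesized CNAME
    # (RFC 6672), so test for it before the plain CNAME case.
    if any(t == "DNAME" and www.endswith("." + o) for o, t, _ in rrs):
        return "DNAME"
    for owner, rtype, rdata in rrs:
        if owner == www and rtype == "CNAME":
            return "CNAME_TO_APEX" if norm(rdata) == apex else "CNAME_OTHER"
    if any(o == www and t == "A" for o, t, _ in rrs):
        return "A"
    return "NONE"

def tally(samples):
    """Count categories over a mapping of apex -> answer section text."""
    return Counter(classify_www(a, t) for a, t in samples.items())

# Constructed answer sections (documentation names and address ranges only).
SAMPLES = {
    "example.com": "www.example.com. 300 IN A 192.0.2.10",
    "example.org": "WWW.Example.ORG. 300 IN CNAME example.org.\n"
                   "example.org. 300 IN A 192.0.2.20",
    "example.net": "www.example.net. 300 IN CNAME edge.cdn.example.\n"
                   "edge.cdn.example. 60 IN A 198.51.100.7",
    "old.example": "old.example. 300 IN DNAME example.com.\n"
                   "www.old.example. 300 IN CNAME www.example.com.\n"
                   "www.example.com. 300 IN A 192.0.2.10",
    "empty.example": "",
}

if __name__ == "__main__":
    for category, count in sorted(tally(SAMPLES).items()):
        print(f"{category}: {count}")
```
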