Re: [DNSOP] Fwd: [homenet] WGLC on "redact" and "homenet-dot"

Ted Lemon <mellon@fugue.com> Wed, 14 December 2016 17:08 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Wed, 14 Dec 2016 12:07:20 -0500
To: Steve Crocker <steve@shinkuro.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZsGee8PwbT0bLtZ-6aYF41K1wUU>
Cc: joel jaeggli <joelja@bogus.com>, Suzanne Woolf <suzworldwide@gmail.com>, dnsop <dnsop@ietf.org>, Terry Manderson <terry.manderson@icann.org>
Subject: Re: [DNSOP] Fwd: [homenet] WGLC on "redact" and "homenet-dot"

I hope it was obvious that I was pretty confident that you actually had a
reason.   :)

The issue with what you are saying is that sometimes it is technically
correct for a name to not be validatable.   The reason we want an unsecured
delegation for .homenet is that .homenet can't be validated using the root
trust anchor, because the name has no globally unique meaning.   So the
reason that you've given doesn't apply to this case, although I completely
agree with your reason as it applies to the case of names that are globally
unique.

On Wed, Dec 14, 2016 at 11:59 AM, Steve Crocker <steve@shinkuro.com> wrote:

> The latter.  All DNS answers at all levels should be signed to assure the
> querier of the integrity of the answer.  This has been the goal and best
> practice for a very long time.  For example, it was the explicit objective
> of the quite substantial DNSSEC effort funded by the US Dept of Homeland
> Security starting in 2004.
>
> Within ICANN, in 2009 we made it a formal requirement that all new gTLDs
> must be signed.  The ccTLDs are not subject to ICANN rules but they have
> been gradually moving toward signed status.  Most of the major ccTLDs are
> signed and many of the others are too.  Detailed maps are created every
> week by ISOC.
>
> I will also try to contribute to the homenet mailing list.
>
> Steve
>
> Sent from my iPhone
>
> On Dec 14, 2016, at 11:36 AM, Ted Lemon <mellon@fugue.com> wrote:
>
> Is this a matter of religious conviction, or is there some issue with
> unsecured delegations in the root that you are assuming is so obvious that
> you don't need to tell us about it?   :)
>
> On Wed, Dec 14, 2016 at 11:18 AM, Steve Crocker <steve@shinkuro.com>
> wrote:
>
>> I am strongly opposed to unsecured delegations in the root zone.  No
>> matter what the problem is, an unsecured delegation is not the answer.
>>
>> Steve
>>
>> On Dec 14, 2016, at 11:11 AM, Suzanne Woolf <suzworldwide@gmail.com>
>> wrote:
>>
>> Hi all,
>>
>> DNSOP participants who are interested in the special use names problem
>> might want to review draft-ietf-homenet-redact
>> (https://datatracker.ietf.org/doc/draft-ietf-homenet-redact/) and
>> draft-ietf-homenet-dot
>> (https://datatracker.ietf.org/doc/draft-ietf-homenet-dot/) for the WGLC
>> on them in the HOMENET wg.
>>
>> WGLC comments should go to the WG list, homenet@ietf.org.
>>
>> If you do, it will also be helpful to look at RFC 7788, which specifies
>> the Home Networking Control Protocol for homenets.
>>
>> The redact draft is intended to remove the inadvertent reservation of
>> “.home” as the default namespace for homenets in RFC 7788.
>>
>> The homenet-dot draft is intended to provide a request under RFC 6761 for
>> “.homenet” as a special use name to serve as a default namespace for
>> homenets. It also asks IANA for an unsecured delegation in the root zone to
>> avoid DNSSEC validation failures for local names under “.homenet”. The root
>> zone request to IANA has caused some discussion within the WG, as there’s
>> no precedent for such a request.
>>
>> Terry Manderson mentioned the homenet-dot draft briefly at the mic in
>> Seoul.
>>
>> The WGLC ends this week.
>>
>>
>> Suzanne
>>
>> Begin forwarded message:
>>
>> From: Ray Bellis <ray@bellis.me.uk>
>> Subject: [homenet] WGLC on "redact" and "homenet-dot"
>> Date: November 17, 2016 at 11:27:08 PM EST
>> To: HOMENET <homenet@ietf.org>
>>
>> This email commences a four week WGLC comment period on
>> draft-ietf-homenet-redact and draft-ietf-homenet-dot
>>
>> Please send any comments to the WG list as soon as possible.
>>
>> Whilst there was a very strong hum in favour of ".homenet" vs anything
>> else during the meeting, and there's some discussion of that ongoing
>> here on the list - I'd like us to please keep the discussion of the
>> choice of domain separate from other substantive comment about the
>> drafts' contents.
>>
>> thanks,
>>
>> Ray
>>
>> _______________________________________________
>> homenet mailing list
>> homenet@ietf.org
>> https://www.ietf.org/mailman/listinfo/homenet
>>
>>
>> _______________________________________________
>> DNSOP mailing list
>> DNSOP@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnsop
>>
>
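
The following is an added example, not part of the thread or of either draft: a simplified model of the security states a DNSSEC validator assigns (secure, insecure, bogus), applied to a locally served answer under "homenet" for three ways the signed root zone could treat that name. It performs no cryptography; the key ids, variant names and function names are hypothetical.

```python
from enum import Enum

class Status(Enum):
    SECURE = "secure"      # chain of trust verified
    INSECURE = "insecure"  # signed proof that no chain exists; unsigned data accepted
    BOGUS = "bogus"        # chain expected but broken; the validator fails the lookup

# Constructed models of what a signed root zone could publish for "homenet".
# "ds" is the key id a DS record would commit to, or None when the root
# proves that no DS exists for the delegation.
ROOT_VARIANTS = {
    "no_delegation": None,                        # signed denial: name does not exist
    "unsecured_delegation": {"ds": None},         # NS only, signed proof of no DS
    "secured_delegation": {"ds": "global-key"},   # NS plus DS
}

def classify(root_entry, answer_key, local_anchor=None):
    """Status of a positive answer for a name under homenet.

    answer_key: id of the key that signed the answer, or None if unsigned.
    local_anchor: key id configured on this validator as a trust anchor, if any.
    """
    if local_anchor is not None:
        # A locally configured anchor takes precedence over the root chain.
        return Status.SECURE if answer_key == local_anchor else Status.BOGUS
    if root_entry is None:
        # The root authenticates non-existence, so any local answer contradicts it.
        return Status.BOGUS
    if root_entry["ds"] is None:
        # Proven-unsigned delegation: the validator stops here and accepts the data.
        return Status.INSECURE
    # A DS names one global key; a per-home key can never match it.
    return Status.SECURE if answer_key == root_entry["ds"] else Status.BOGUS

def survey(answer_key=None):
    """Classify the same local answer under each root-zone variant."""
    return {name: classify(entry, answer_key).value
            for name, entry in ROOT_VARIANTS.items()}

if __name__ == "__main__":
    # Two constructed homes: one signs its local zone with its own key, one does not.
    for home, key in (("home A", "key-A"), ("home B", None)):
        print(home, survey(key))
```

Only the unsecured delegation yields a usable result for every home without per-validator configuration; a home that wants validated local names still needs its own trust anchor installed on its validators.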