Re: [DNSOP] "anything goes" (was Re: Should we try to work on DNS over HTTP in dnsop?)
Tim Wicinski <tjw.ietf@gmail.com> Mon, 21 December 2015 00:34 UTC
Return-Path: <tjw.ietf@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 381491A6FB2 for <dnsop@ietfa.amsl.com>; Sun, 20 Dec 2015 16:34:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lb2aY7gAXEN9 for <dnsop@ietfa.amsl.com>; Sun, 20 Dec 2015 16:34:56 -0800 (PST)
Received: from mail-io0-x230.google.com (mail-io0-x230.google.com [IPv6:2607:f8b0:4001:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 128BD1A6FAE for <dnsop@ietf.org>; Sun, 20 Dec 2015 16:34:56 -0800 (PST)
Received: by mail-io0-x230.google.com with SMTP id o67so139688482iof.3 for <dnsop@ietf.org>; Sun, 20 Dec 2015 16:34:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=YKaiLh/O6mDJKXGr8FqXx/iozJ/8vmXsA14l2zK3AFY=; b=lFRPYXMl5pBJcgoleFtKWtNMq/I9Cyp/LzmwtGLchsJfzvXdbzhqg6X5XhprgRDp2M bEQbOhGEmrpRW6jpYsZto59T1ecXgLw7DObA6I4UOkMk2GXkMW1PEC7CX0B1CH6aNR99 ecact5qj4GD3cwLzcvok77oxiQRinYthtklfn6JCPbIVzAGKWIuQWogoNtTTZeoR87Mv IT3n0KqaaUNMhtPwDJoUhswfAw2EQ4FuzLFbyM3rzx2ATwJpzX5hQrQ8krTw4nXil10Y vdS07ZHl/BiLvHWhgvc3naAVqKfRQw3S8KKKuFB+lQPLS6E0ofhpIojTW3iP0FIqxqlE p+/g==
X-Received: by 10.107.185.6 with SMTP id j6mr10979322iof.111.1450658095456; Sun, 20 Dec 2015 16:34:55 -0800 (PST)
Received: from still.local ([184.13.114.26]) by smtp.googlemail.com with ESMTPSA id b36sm691885iod.29.2015.12.20.16.34.54 for <dnsop@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Sun, 20 Dec 2015 16:34:54 -0800 (PST)
To: dnsop@ietf.org
References: <20151217020754.6915b71c@pallas.home.time-travellers.org> <20151218180733.GZ3294@mx2.yitter.info> <5676D3B6.6060909@bogus.com> <2356548.sfrx6z2Xr5@linux-85bq.suse>
From: Tim Wicinski <tjw.ietf@gmail.com>
Message-ID: <46932ca1-d5e4-2220-15f8-9c90138d307e@gmail.com>
Date: Sun, 20 Dec 2015 19:34:54 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.0a2
MIME-Version: 1.0
In-Reply-To: <2356548.sfrx6z2Xr5@linux-85bq.suse>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/_a1PLe3QulIIX3ENyuDvffHNZoM>
Subject: Re: [DNSOP] "anything goes" (was Re: Should we try to work on DNS over HTTP in dnsop?)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Dec 2015 00:34:57 -0000
On 12/20/15 1:31 PM, Paul Vixie wrote: > On Sunday, December 20, 2015 08:13:42 AM joel jaeggli wrote: > >> > >> I think we dramatically better off, if we are willing to critically > >> consider the implications of proposals someplace and expose the record > >> of that, and I don't have a better location on offer then here. > > > > i was not trying to stifle discussion. what a wg chair told me was that > the essence of a dnsop rfc was, "if you're trying to accomplish thing X, > here's one way to do it." sadly for me, because of the ietf's > imprimatur, such specifications will be used in industry as if they were > recommendations. > > > > in the specific example of edns client subnet, i have previously > supplied extensive technical argument against the systemic costs of > expanding the Q-tuple in this way. those arguments did not find > consensus in the WG, and are not reflected in the draft. see also > "afasterinetnet.com". > the edns-client-subnet is a very specific edge case - it has security/privacy issues, it's done poorly, and even the current authors want to fix what is there. In the shepherd document I wrote the following: "There are security issues with this version, as raised by various people. They are correct, and the intent is not to correct the security flaws with this document, but to describe how this option behaves currently. It is suggested a new version will be worked on in a year which addresses the security issues, and addresses other issues about this option." While you are right that such specifications may be used in industry as recommendations, having several large vendors deploying something has the same effect. My current employer was convinced that client-subnet was already a 'standard' and wanted to know why didn't everyone support it. Educating employers have always been the rock some of us push uphill every day. tim
- [DNSOP] Should we try to work on DNS over HTTP in… Shane Kerr
- Re: [DNSOP] Should we try to work on DNS over HTT… George Michaelson
- Re: [DNSOP] Should we try to work on DNS over HTT… Robert Edmonds
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Shumon Huque
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Wouters
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Shane Kerr
- Re: [DNSOP] Should we try to work on DNS over HTT… Mark Delany
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Tim Wicinski
- Re: [DNSOP] Should we try to work on DNS over HTT… Mark Delany
- [DNSOP] "anything goes" (was Re: Should we try to… Andrew Sullivan
- Re: [DNSOP] "anything goes" (was Re: Should we tr… joel jaeggli
- Re: [DNSOP] "anything goes" (was Re: Should we tr… Andrew Sullivan
- Re: [DNSOP] "anything goes" (was Re: Should we tr… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Mark Delany
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Mark Delany
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] "anything goes" (was Re: Should we tr… Tim Wicinski
- Re: [DNSOP] Should we try to work on DNS over HTT… Tony Finch
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Hoffman
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Tony Finch
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… George Michaelson
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… George Michaelson
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Phillip Hallam-Baker
- Re: [DNSOP] Should we try to work on DNS over HTT… George Michaelson
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Vixie
- Re: [DNSOP] Should we try to work on DNS over HTT… Paul Hoffman
- Re: [DNSOP] Should we try to work on DNS over HTT… Tony Finch