Re: [DNSOP] Please review and provide feedback -- draft-stw-6761ext

Warren Kumari <> Fri, 23 August 2019 22:35 UTC

On Fri, Aug 23, 2019 at 5:39 PM Joe Abley <> wrote:
> Hi Warren,
> On 23 Aug 2019, at 17:18, Warren Kumari <> wrote:
> > On Sun, Aug 18, 2019 at 2:29 PM John Levine <> wrote:
> >>
> >>> So it would be helpful to know if you think the recommendations are in fact reasonable.
> >>
> >> I think they're reasonable but I would more clearly distinguish cases
> >> by where the protocol switch is, where I think these are the
> >> interesting ones:
> >>
> >> 1. Names handled totally unlike the DNS with nothing like an IP address (.onion)
> >>
> >> 2. Names handled through mutant DNS which can return IP addresses (.local, .localhost, .homenet)
> >>
> >> 3. Names that have other problems such as conflicting prior use (.test, .example, .invalid, also .home, .belkin)
> >>
> >> For 1, we can reserve it if there's a compelling argument and evidence
> >> of clear use.  This leads to a catch 22 where the only way to get the
> >> evidence is to squat on it, but I don't see any way around it.  I
> >> particularly do not want to reserve names just because someone claims
> >> to have a great plan.  I think this probably includes Warren's great
> >> plan for .alt.
> >
> > .... hey, that's my cue!
> I have never been very excited about your ALT proposal. However, I don't think it will do any harm beyond thwarting any secret plans anybody might have to apply for a string in a future round of gTLD applications that is ALT or is confusingly similar to it.

Thank you.

> I do have my doubts as to whether reservation of ALT as proposed will actually help with the problem it ostensibly seeks to solve.

Yup, you might be right.

> People have always been able to anchor their non-DNS naming schemes to domain names they control in the DNS as a way to avoid collisions, and nobody has seemed to think that's a good idea. Is it more likely that someone would anchor their ARTICHOKE alternative naming scheme under ARTICHOKE.ALT than it was for them to use (say) ARTICHOKE.NZ or ARTICHOKE.GLOBAL or something?

Yes. Having ONION.NZ means that my privacy sensitive query flows to
the root, and then .NZ before being discarded, and then probably some
nameservers for ARTICHOKE.NZ. A number of the alternate resolution
systems are specifically designed around privacy, and this makes them

> Even within the IETF we struggled slightly to convince people to use HOME.ARPA instead of HOME, right?
> Q: has anybody ever indicated that they would use ALT to anchor a non-DNS but domain-like naming scheme?
> A: not so far as we know.

Actually, I had an off-list discussion with Christian Grothoff who
said that if this had existed the GNUnet Gnu Naming System might have
used it. Because there wasn't something that they could use, they have
decided to just sit at the top (and so conflict with everything).
There was presented at DINRG @ IETF104 -

There were also some discussions with Jacob (or perhaps Alec) saying
that if this had existed when they started, they probably would have
used onion.alt instead of .onion.

Whether or not people would *actually* have used it is unknowable, but:
1: at least now they *do* have the option and
2: in the future we can point at this instead of just having to agree
that they didn't have an option other than squatting.

> However, I appreciate we can't tell whether it will solve any problem until we try it.

> I stand ready to eat some kind of at least passably-edible hat if called to do so five years from now.
> Joe

I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.