Re: [DNSOP] More complete review of draft-grothoff-iesg-special-use-p2p-names-01

Stephane Bortzmeyer <bortzmeyer@nic.fr> Mon, 06 January 2014 08:53 UTC

Date: Mon, 06 Jan 2014 09:52:35 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Joe Abley <jabley@hopcount.ca>
Organization: NIC France
Cc: Christian Grothoff <christian@grothoff.org>, IETF DNSOP WG <dnsop@ietf.org>, Andrew Sullivan <ajs@anvilwalrusden.com>, hellekin@gnu.org, wachs@net.in.tum.de, jacob@appelbaum.net
Subject: Re: [DNSOP] More complete review of draft-grothoff-iesg-special-use-p2p-names-01

On Tue, Dec 31, 2013 at 05:41:13PM -0500,
 Joe Abley <jabley@hopcount.ca> wrote 
 a message of 106 lines which said:

> The key question for me is, why do any of these uses necessarily
> require reservation of a TLD label, or something that looks like
> one?

"require" is a strong word. But there are many reasons why a TLD is
better:

* shortness and memorability, that you already mentioned in your message

* dependency. For systems that are intended to allow independence from
organisations like the US government, using a domain name which is
under a TLD controlled by the US rules may be a problem. Let's assume
Tor people are ready to switch from .onion to .onion.eff.org. For
normal Tor requests (which stay outside of the DNS protocol), it is
not a problem. Now, for leaked requests, something that will certainly
happen, .onion.eff.org depends on two more actors, besides the root,
and that may be seen as contradictory with the political goal of Tor
services.

> (a) instruct all the resolver operators in the world to maintain configuration that special-cases a growing list of DNS names. or
> 
> (b) choose your naming scheme (again, think ONION.EFF.ORG) such that the NXDOMAINs, negative caching, sinkholing, whatever can be controlled by someone who cares about Tor (the EFF.ORG administrator) without requiring any special handling elsewhere.
> 
> Option (b) is much more friendly to the Internet.

But the ship already sailed: RFC 6761 chose a)