Re: [DNSOP] Last Call: <draft-ietf-dnsop-sutld-ps-05.txt> (Special-Use Domain Names Problem Statement) to Informational RFC

[Ted Lemon <mellon@fugue.com>]

On Jun 12, 2017, at 9:52 AM, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
> Biggest point: the IESG decided to freeze the RFC 6761 process
> <https://www.ietf.org/blog/2015/09/onion/> I regret this decision (RFC
> 6761 is still in force, it has not been deprecated or updated) and,
> unfortunately, registration of new Special-Use Domain Names is now
> impossible (pending an action on RFC 6761 that will probably never
> come). So, de facto, a regular process has been shut down, leaving the
> IETF without a possibility to register these domain names.

The point of publishing this document is to get a step closer to fixing this problem.

> Now, on the draft:
> 
> * Section 3 says "No formal coordination process exists between the
> IETF and ICANN" This is not true, there is a formal liaison
> <https://www.ietf.org/liaison/managers.html> and it is even mentioned
> laster, in section 4.1.4. This issue was mentioned during the WGLC
> <https://mailarchive.ietf.org/arch/msg/dnsop/OWt8DkBJ_JpIITF-R2YpwEhiwFs>

What is meant here is not that the IETF and ICANN don't communicate, but rather that the IETF doesn't have a formal process for saying to ICANN, specifically, "don't use this name."   It's all informal.   It is done through the liaison, it's true, but there's no set of instructions to follow which, having been followed, we can point to and say "we followed the process."

We could replace the first sentence as follows: "Although the IETF and ICANN do have a liaison relationship through which special-use allocations can be discussed, there exists no formal process for coordinating these allocations."

Would that work?

> * Section 3 says "Use of the registry is inconsistent -- some
> Special-Use Domain Name RFCs specify registry entries, some don't;
> some specify delegation, some don't." There is no inconsistency
> here. RFC 6761 says (in its section 5) that the reservation of a
> Special-Use Domain Name is free to choose the rules regarding
> resolution, as long as they are properly explained.

The point here is not that every name should be treated the same, but that every RFC that does a 6761 allocation should specify how/whether the name is delegated every 6761 allocation should be added to the special-use names registry.

How about the following change:

   o  Use of the registry is inconsistent -- some Special-Use Domain
      Name RFCs specifically add registry entries, some don't; some specify
      how and whether special-use name delegations should be done, 
      some don't.

> * Section 4.2.2 says "the fact of its unilateral use by The Tor
> Project without following the RFC 6761 process" The onion TLD was in
> use in Tor since 2004, nine years before the publication of RFC
> 6761. It is grossly unfair to reproach not following an unpublished
> RFC. It was mentioned a long time ago
> <https://mailarchive.ietf.org/arch/msg/dnsop/nr4ECaVw6PT09o2xdM3jrKllHBI>

This was not intended as a reproach, but I see why you read it that way.   How about this:

      The situation was somewhat forced, both by the fact of its
      unilateral use by The Tor Project before the RFC 6761
      process became available,

> * Section 4.2.3 says "But it shares the problem that such names cannot
> be assumed either to be unique or to be functional in all contexts for
> all Internet-connected hosts." Unfortunately, because of the wide use
> of censorship through lying DNS resolvers, this problem is now part of
> our daily life. It would be nice if a name had the same global
> signification, but it is no longer true.

Andrew McConachie brought up the same issue.   Unfortunately I think this is out of scope for this document, but several people have expressed interest in formally documenting this issue—I think Andrew Sullivan expressed a similar sentiment at the mic in Chicago.   You might want to discuss this with them and see if there's work to do.