Re: [DNSOP] DNS names for local networks - not only home residental networks ...

Andrew Sullivan <ajs@anvilwalrusden.com> Sun, 03 September 2017 07:21 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1EFD12421A for <dnsop@ietfa.amsl.com>; Sun, 3 Sep 2017 00:21:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=XVWxXNOU; dkim=pass (1024-bit key) header.d=yitter.info header.b=JVB5En33
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bR_FzjWKOtjd for <dnsop@ietfa.amsl.com>; Sun, 3 Sep 2017 00:21:25 -0700 (PDT)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 647EF12ECEC for <dnsop@ietf.org>; Sun, 3 Sep 2017 00:21:25 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id C83E6BEA1E for <dnsop@ietf.org>; Sun, 3 Sep 2017 07:21:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1504423281; bh=cPlpG5/qI3dQXR4K8/2/eZCaLXHwNrysq2coi689nFw=; h=Date:From:To:Subject:References:In-Reply-To:From; b=XVWxXNOUdSmanGy0iFcytL5b28LSQALyX5t9v5YPDfgZ3d/k63V92fXnPdUHBN0WQ LDpEZQLPyoyav6YeaAD51oFkazaJ2528USYSYb2Zt0x026Q03U4tvO9t6QJZ40Ch6p CZkv7RAShhvvfqxaAOM4GZqR/BF0Qs/ke71mD62Q=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9VuO-fAfxL12 for <dnsop@ietf.org>; Sun, 3 Sep 2017 07:21:15 +0000 (UTC)
Date: Sun, 03 Sep 2017 03:21:19 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1504423275; bh=cPlpG5/qI3dQXR4K8/2/eZCaLXHwNrysq2coi689nFw=; h=Date:From:To:Subject:References:In-Reply-To:From; b=JVB5En33bgBuwf26GsldWqkmt4LGd5nuqduP0Q/kPwVrvlyJpV51j1lKa8vnHB4rh KSOp6JgNgQCScA5k12V69A53OtsOrP+W9I6ISz9iDj0lLe0d6j5TKB3+BNU1ctSO4Q /Vm7RgZ88tek6pEPNfjiyRtbNKKyvROocK2UGqtU=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20170903072119.s2q43ejytoofdx3x@mx4.yitter.info>
References: <150428805872.6417.9525310755360551475@ietfa.amsl.com> <59A9B760.2060209@mathemainzel.info> <alpine.DEB.2.11.1709012044210.2676@grey.csi.cam.ac.uk> <59A9BCA2.6060008@mathemainzel.info>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <59A9BCA2.6060008@mathemainzel.info>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ezMv4v6FGOMDGjTgrMPSaPc4qVI>
Subject: Re: [DNSOP] DNS names for local networks - not only home residental networks ...
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Sep 2017 07:21:27 -0000

Hi,

On Fri, Sep 01, 2017 at 10:01:38PM +0200, Walter H. wrote:
> >   Internal networks should either use a subdomain of the
> > company's public domain, or register a second domain for internal use.
> > 
> such a registry where you can register domains for internal use doesn't
> exist ...
> not one registry is willing to give me a domain - even when I pay for this -
> which I only use in a LAN,
> and the authoritativ DNS servers would then just be  127.0.0.1 or ::1

I respectfully disagree.  You could register any domain you like today
and fence it off just as effectively as you might wish.  Please
provide an example where you cannot.

> there is a security reason why companies often use .local for this case ...,

Any company that uses .local for any security reasons is one that I
want as my competitor.  I'd love to know the names of such companies!

Best regards,

A
-- 
Andrew Sullivan
ajs@anvilwalrusden.com