IETF Logo Mail Archive

Re: [DNSOP] draft-wkumari-dnsop-alt-tld-04

Edward Lewis <edward.lewis@icann.org> Fri, 13 February 2015 15:04 UTC

Return-Path: <edward.lewis@icann.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FD061A86F5 for <dnsop@ietfa.amsl.com>; Fri, 13 Feb 2015 07:04:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.506
X-Spam-Level:
X-Spam-Status: No, score=-3.506 tagged_above=-999 required=5 tests=[BAYES_50=0.8, GB_I_LETTER=-2, HTML_MESSAGE=0.001, LOTS_OF_MONEY=0.001, MIME_BASE64_BLANKS=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q1IPsLUNKHfl for <dnsop@ietfa.amsl.com>; Fri, 13 Feb 2015 07:04:06 -0800 (PST)
Received: from out.west.pexch112.icann.org (pfe112-ca-1.pexch112.icann.org [64.78.40.7]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 757F71A1AA0 for <dnsop@ietf.org>; Fri, 13 Feb 2015 07:03:52 -0800 (PST)
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) with Microsoft SMTP Server (TLS) id 15.0.847.32; Fri, 13 Feb 2015 07:03:50 -0800
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.0847.030; Fri, 13 Feb 2015 07:03:50 -0800
From: Edward Lewis <edward.lewis@icann.org>
To: dnsop WG <dnsop@ietf.org>
Thread-Topic: [DNSOP] draft-wkumari-dnsop-alt-tld-04
Thread-Index: AQHQRo5WXFi8L1d3sEWKfcAJUd5g9pztF8yAgAE8zACAAEUNgIAASBGA
Date: Fri, 13 Feb 2015 15:03:49 +0000
Message-ID: <D1037672.8EE0%edward.lewis@icann.org>
References: <20150212063638.GD6950@mx1.yitter.info> <CAKr6gn302PSFdqVwH2m=drEZ02_kw+3ioQ4Wz++LnVyK6Z_PDA@mail.gmail.com> <6899C83F-BC3E-493D-ABC8-121B1BA72785@virtualized.org> <54DD8F8F.7030506@redbarn.org>
In-Reply-To: <54DD8F8F.7030506@redbarn.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.7.141117
x-originating-ip: [192.0.47.235]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="B_3506666627_8956763"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/hBdDw0U2RDQF27PmdqTpWsxXnDc>
Subject: Re: [DNSOP] draft-wkumari-dnsop-alt-tld-04
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Feb 2015 15:04:12 -0000

What Paul mentions below raises the specter of name collisions - the
activation of a name resulting in undermining a errant system which, until
the activation, wasn’t all that bothered by the name being inactive.  Search
lists have been one root cause suggested and sometimes even observed as
contributing to this problem.

The issue here is that there are strings that humans use for identification
and there is the DNS.  There’s an overlap when DNS names are transliterated
into printable format - what I mean is that “example.com.” isn’t what the
DNS passes over port 53, it passes
“0x07’e’’x’’a’’m’’p’’l’’e’0x03’c’’o’’m’0x00”.   But we read and write that
as example.com.

There’s a barbershop near the ICANN offices (ironically enough) that has
this on their store front: minibar.ber.shop.  That’s not a domain name, it
is the name of a store.  They did also have “www.minibarbershop.com” on the
banner announcing they’d open in June 2014.  (They advertise beer and
haircuts - I just hope the person with sharp objects isn’t drinking as they
snip.  And I’m not sure how you drink beer and keep your head still.  But I
digress.)

I see the problem as creating a way to use dotted names (that look like
transliterated domain names) that will never resolve in the DNS.  (I think
that’s pretty obvious.)  To do this, what’s needed is a space in the DNS
that will just not be used.  Here “ALT” is proposed.

I am supposed to be working on (as in, I’d be doing it now if I weren’t
responding to email) a draft to propose that the strings corresponding to
the ISO 3166("mumble-mumble" as Warren says) two letter codes for counties
and regions what are categorized as “user assigned” be set aside as TLDs
that won’t ever happen.  (For example - “xx”)  I’m just throwing this out
here as an idea - please respond privately to me until I can get a coherent
draft together on this.  (In the mean time, Wikipedia has a short
description of these codes at
http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#User-assigned_code_elements.
)

What’s promising about reserving the user assigned two-letter codes is that
there is already a $policy (perhaps it’s folklore) that when it comes to the
two letter codes, IANA heeds the advice of the ISO 3166 documents.  Except
for dotUK (and that is noted in Wikipedia’s article).

(An aside, if anyone knows of a formal statement of such a policy, I’d
appreciate it if you can send that to me privately for the draft.  I’ve
heard it said many times over the years, but I don’t know that it was ever
formalized.  Perhaps in some old RFC…)

The only way for all this is to build a convention, because there’s no
protocol solution, for classifying dotted string formatted identifiers as
DNS transliterations or, well, something else.  The only way for the DNS to
not be part of the problem is to burn in the convention so that it doesn’t
undermine errant applications - and by errant here I mean applications using
a legitimate identifier space assuming that it’s part of the DNS space.

On 2/13/15, 0:45, "Paul Vixie" <paul@redbarn.org> wrote:

> 
> 
>> David Conrad <mailto:drc@virtualized.org>
>> Thursday, February 12, 2015 5:38 PM
>> George,
>> 
>>> The politics response is really simple: "this idea is doomed." -I wish I
>>> felt otherwise, but I think given the context of the debate over ICANN, who
>>> 'owns' names, $180,000 application fees, IAB directions to IANA, NTIA role,
>>> this is mired.  I don't want to be a prophet of doom, but this is my honest
>>> perspecive.
>> 
>> As with most "really simple" answers, the reality is a bit more complicated.
>> My impression of this draft is that it creates a space that would avoid some
>> of the risks associated with RFC 6761. Politically, I suspect this is
>> desirable, even to all the parties you mention. As for the fee, ICANN already
>> defers to the IETF in protocol-related matters, so I don't see why a new gTLD
>> fee would be applicable.  With my ICANN hat on, I'll look into this and
>> report what I hear back.
> 
> can we sit back and ponder what it will mean if .ALT becomes an implicit extra
> search list for many end users, and then xyzzy.alt is created, and later,
> .xyzzy is created. i expect this eventuality to spur considerable interest
> from icann, perhaps coming in the form of "since we can't control what the
> ietf does with implicit search list behaviour, we're skittish about allowing
> something like .ALT to come into existence that would, when combined with
> implicit search lists, lead to complete and utter chaos."
> 
> this is not in other words simply a protocol-related matter.
> 
> -- 
> Paul Vixie

v2.23.0 | Report a Bug | By Email