Re: [DNSOP] Status of "let localhost be localhost"?

George Michaelson <ggm@algebras.org> Wed, 02 August 2017 22:55 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/hMvRvB8ArKtvMS8hjoZ6GBLzpfQ>

A possibly stupid random thought: is there a strong barrier in *all*
kernels which enforces 127.0.0.0/8 and ::1 to actually *have* to be
local?

The 240/4 problem is 5-6 lines of code in *some* UNIX. It wasn't in
any sense globally applied.

I suspect localhost is somewhat more strongly coded, but I did wonder
because Ted's suggestion that use of the literal IP address in either
family would be the stronger 'keep it local' made me think: what if
somebody hand-installed a route which somehow took it off-box?

I think proscriptive/definitive language over the FQDN/label localhost
in DNSSEC is probably still a good thing.  IETF is defining behaviours
for home.arpa in HOMENET which logistically fall into a very similar
bucket (for me at least) so it's not like we can't choose to say what
behaviours we expect of a label.

-G
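
Added example, not part of the original message: a configuration audit for the hand-installed-route question above, flagging any routing-table entry whose destination lies inside 127.0.0.0/8 or ::1 but is not bound to the loopback device. The sample lines are constructed in the style of Linux iproute2 `ip route show table all` output, and the function names are hypothetical. It reports what is configured and does not establish whether a given kernel would honour such a route.

```python
import ipaddress

LOOPBACK_NETS = [ipaddress.ip_network("127.0.0.0/8"),
                 ipaddress.ip_network("::1/128")]

# Route-type keywords that iproute2 may print before the destination.
ROUTE_TYPES = {"unicast", "local", "broadcast", "multicast", "anycast",
               "throw", "unreachable", "prohibit", "blackhole", "nat"}

# Constructed sample (not captured from a real host); 192.0.2.0/24 is a
# documentation prefix. The fourth line is the anomaly being looked for.
SAMPLE = """\
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
127.0.0.0/8 via 192.0.2.1 dev eth0
default via 192.0.2.1 dev eth0
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.10
local ::1 dev lo table local proto kernel metric 0 pref medium
"""

def parse_route(line):
    """Return (type, destination network, device or None), or None to skip."""
    tokens = line.split()
    if not tokens:
        return None
    rtype = tokens.pop(0) if tokens[0] in ROUTE_TYPES else "unicast"
    if not tokens:
        return None
    try:
        net = ipaddress.ip_network(tokens[0], strict=False)
    except ValueError:          # "default" or anything else that is not a prefix
        return None
    dev = tokens[tokens.index("dev") + 1] if "dev" in tokens[:-1] else None
    return rtype, net, dev

def audit_loopback_routes(text, loopback_dev="lo"):
    """List (prefix, device, type) for loopback-range routes not on loopback_dev."""
    findings = []
    for line in text.splitlines():
        parsed = parse_route(line)
        if parsed is None:
            continue
        rtype, net, dev = parsed
        inside = any(net.version == lb.version and net.subnet_of(lb)
                     for lb in LOOPBACK_NETS)
        if inside and dev != loopback_dev:
            findings.append((str(net), dev, rtype))
    return findings
```
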