Re: [DNSOP] Interim DNSOP WG meeting on Special Use Names: some reading material

Ted Lemon <Ted.Lemon@nominum.com> Sat, 09 May 2015 16:13 UTC


On May 8, 2015, at 7:10 PM, Suzanne Woolf <suzworldwide@gmail.com> wrote:
> 
> I share David’s reservations about this— how do we objectively and reproducibly distinguish “people are using these in private networks” from “people are generating arbitrary traffic to the roots for these”?

I think doing so would be a fool's errand. It probably could be done, but you asked some good questions which I think show that it's pointless to try. 

> Is there any concern for the IETF in a policy that says “If you start using an arbitrary name that isn’t currently in the root zone, you can just get the IETF to protect it for you”?

I think clearly we should not have such a policy. The point of special use names is to serve some purpose, not to put a bandaid on misuses.  I think there is some value in things like .corp, .home and .lan, which can be justified without resorting to data collection, and that is how we should approach it.

> Furthermore, given that ICANN has already said they won’t delegate these names in particular, how is it helpful for the IETF to also add them to the Special Use Names registry?

As you clearly intended to imply with your rhetorical question, there is no point in the IETF doing any such thing, to which I will add one slight caveat: unless there is some reason why writing up how these names are used would actually be useful and beneficial.   If it would be useful and beneficial, and someone wants to do it, then I think that should be allowed, and if consensus can be achieved, then we can add such names as are described in this document to the special names registry.   But absent such a document, we should not. 

I hasten to add that "consensus" ought not to mean "nobody is offended," but rather "there is a clear protocol-related use case for doing it, and nobody can raise a clear technical reason _not_ to do it."