Re: [DNSOP] .arpa

Paul Wouters <paul@nohats.ca> Thu, 23 March 2017 18:03 UTC

Date: Thu, 23 Mar 2017 14:03:37 -0400
From: Paul Wouters <paul@nohats.ca>
To: Suzanne Woolf <suzworldwide@gmail.com>
cc: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/jzgTCosExJyg0qZKRy7qhxoaNL4>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

On Thu, 23 Mar 2017, Suzanne Woolf wrote:

> 1. The protocol is sufficiently functional for deployment without working capability for DNSSEC validation.

No, what was said was that there weren't very many DNSSEC-validating
stubs out there to cause visible problems at this moment.

> 2. Having a single-label name is more important for the functioning of the protocol than having DNSSEC validation work.

The phrase "more important" is pretty meaningless. And as was indicated,
it is all based on the levels of DNSSEC deployment on stubs, which could
change dramatically if one phone vendor would suddenly enable
validation or default to DNS-over-TLS to 8.8.8.8.

I would also want to add that dnsop (including myself!) pretty much
failed the homenet WG. We were asked to review docs before RFC-7788
got published in April 2016. Then we raised the alarm about .home
and I remember .homenet being a very early alternative, maybe even
suggested by dnsop. And now a year later dnsop is back to telling
homenet they cannot use this string either. I don't think they deserve
another one or two years waiting time to talk about homenet.arpa or
homenet.ietf.

I would again like to suggest that Special Use Names is moved to be
discussed outside dnsop.

Paul