IETF Logo Mail Archive

Re: [DNSOP] AS112 for TLDs

Mark Andrews <Mark_Andrews@isc.org> Fri, 04 April 2008 23:08 UTC

Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@lists.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BE6473A6996; Fri, 4 Apr 2008 16:08:00 -0700 (PDT)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D85F43A6909 for <dnsop@core3.amsl.com>; Fri, 4 Apr 2008 16:07:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.404
X-Spam-Level:
X-Spam-Status: No, score=-2.404 tagged_above=-999 required=5 tests=[AWL=0.195, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MCh9cWc5o8la for <dnsop@core3.amsl.com>; Fri, 4 Apr 2008 16:07:59 -0700 (PDT)
Received: from drugs.dv.isc.org (drugs.dv.isc.org [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) by core3.amsl.com (Postfix) with ESMTP id B5F733A68AA for <dnsop@ietf.org>; Fri, 4 Apr 2008 16:07:58 -0700 (PDT)
Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.2/8.14.1) with ESMTP id m34N7svX071381; Sat, 5 Apr 2008 09:07:54 +1000 (EST) (envelope-from marka@drugs.dv.isc.org)
Message-Id: <200804042307.m34N7svX071381@drugs.dv.isc.org>
To: bmanning@vacation.karoshi.com
From: Mark Andrews <Mark_Andrews@isc.org>
In-reply-to: Your message of "Fri, 04 Apr 2008 15:56:38 -0000." <20080404155638.GA15372@vacation.karoshi.com.>
Date: Sat, 05 Apr 2008 10:07:54 +1100
Cc: dnsop@ietf.org, David Conrad <drc@virtualized.org>, Andrew Sullivan <ajs@commandprompt.com>
Subject: Re: [DNSOP] AS112 for TLDs
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org

> On Fri, Apr 04, 2008 at 07:37:31AM -0700, David Conrad wrote:
> > On Apr 4, 2008, at 7:02 AM, Andrew Sullivan wrote:
> > > On Fri, Apr 04, 2008 at 02:16:32PM +1100, Mark Andrews wrote:
> > >>> 	er, it (the bogus ttraffic) still reaches the root.
> > >>> 	just your copy of the root, not mine.
> > >> 	Yep.  This should be seen as a good thing.  The information
> > >> 	leakage to the root servers is enormous.
> > > This sounds to me like a cure that is quite possibly worse than the
> > > disease.
> > 
> > In what way?
> 
> 	Mark made the claim that a local copy of the root would stop the
> 	traffic, which is false. a local copy of the root simply diffuses
> 	the traffic.
> 
> 	the down sides to local copies of the root as seen from the 
> 	peanut gallery:
> 
> 	) coherence of the avowed single namespace.  There have been
> 	  a few threads over the past decade on "bit rot" in the root-hints
> 	  data.  Local copies of the root zone will have the same bit-rot
> 	  characteristics
> 	) the IANA sanctioning alternate roots/namespaces ... "let a 
> 	  thousand roots bloom..." 
> 	) just how is the poor application/end user supposed to know 
> 	  or discriminate some local, walled garden root varient from
> 	  the one true ICANN root varient?

	I said COPY.  I did not say "THEIR OWN ROOT".  A copy needs to
	be kept up to date or it ceases to be a copy.  It becomes a
	snapshot.

	zone "." {
		type slave;
		masters { <addresses of root servers>; };
	};

	Mark

> 	but you, no doubt, see a much clearer picture.  please convince
> 	me that my doubts are groundless... that bit-rot won't happen,

	It is possibFrom dnsop-bounces@ietf.org  Fri Apr  4 16:08:00 2008
Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@optimus.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id BE6473A6996;
	Fri,  4 Apr 2008 16:08:00 -0700 (PDT)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id D85F43A6909
	for <dnsop@core3.amsl.com>; Fri,  4 Apr 2008 16:07:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.404
X-Spam-Level: 
X-Spam-Status: No, score=-2.404 tagged_above=-999 required=5 tests=[AWL=0.195, 
	BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id MCh9cWc5o8la for <dnsop@core3.amsl.com>;
	Fri,  4 Apr 2008 16:07:59 -0700 (PDT)
Received: from drugs.dv.isc.org (drugs.dv.isc.org
	[IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc])
	by core3.amsl.com (Postfix) with ESMTP id B5F733A68AA
	for <dnsop@ietf.org>; Fri,  4 Apr 2008 16:07:58 -0700 (PDT)
Received: from drugs.dv.isc.org (localhost [127.0.0.1])
	by drugs.dv.isc.org (8.14.2/8.14.1) with ESMTP id m34N7svX071381;
	Sat, 5 Apr 2008 09:07:54 +1000 (EST)
	(envelope-from marka@drugs.dv.isc.org)
Message-Id: <200804042307.m34N7svX071381@drugs.dv.isc.org>
To: bmanning@vacation.karoshi.com
From: Mark Andrews <Mark_Andrews@isc.org>
In-reply-to: Your message of "Fri, 04 Apr 2008 15:56:38 -0000."
	<20080404155638.GA15372@vacation.karoshi.com.> 
Date: Sat, 05 Apr 2008 10:07:54 +1100
Cc: dnsop@ietf.org, David Conrad <drc@virtualized.org>,
	Andrew Sullivan <ajs@commandprompt.com>
Subject: Re: [DNSOP] AS112 for TLDs
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
	<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
	<mailto:dnsop-request@ietf.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org


> On Fri, Apr 04, 2008 at 07:37:31AM -0700, David Conrad wrote:
> > On Apr 4, 2008, at 7:02 AM, Andrew Sullivan wrote:
> > > On Fri, Apr 04, 2008 at 02:16:32PM +1100, Mark Andrews wrote:
> > >>> 	er, it (the bogus ttraffic) still reaches the root.
> > >>> 	just your copy of the root, not mine.
> > >> 	Yep.  This should be seen as a good thing.  The information
> > >> 	leakage to the root servers is enormous.
> > > This sounds to me like a cure that is quite possibly worse than the
> > > disease.
> > 
> > In what way?
> 
> 	Mark made the claim that a local copy of the root would stop the
> 	traffic, which is false. a local copy of the root simply diffuses
> 	the traffic.
> 
> 	the down sides to local copies of the root as seen from the 
> 	peanut gallery:
> 
> 	) coherence of the avowed single namespace.  There have been
> 	  a few threads over the past decade on "bit rot" in the root-hints
> 	  data.  Local copies of the root zone will have the same bit-rot
> 	  characteristics
> 	) the IANA sanctioning alternate roots/namespaces ... "let a 
> 	  thousand roots bloom..." 
> 	) just how is the poor application/end user supposed to know 
> 	  or discriminate some local, walled garden root varient from
> 	  the one true ICANN root varient?

	I said COPY.  I did not say "THEIR OWN ROOT".  A copy needs to
	be kept up to date or it ceases to be a copy.  It becomes a
	snapshot.

	zone "." {
		type slave;
		masters { <addresses of root servers>; };
	};

	Mark

> 	but you, no doubt, see a much clearer picture.  please convince
> 	me that my doubts are groundless... that bit-rot won't happen,

	It is possle to check the masters similarly to the way
	we check the roots servers today.

> 	that the avowed single namespace will remain intact,

	It will if you keep the copy up to date.

>	 and that
> 	there will be trival ways for end users to discover the root of
> 	the namespace they are using...

	dig NS .

>       if the recommendation to run your own copy of the root is approved.

	Note the zone will expire if you don't keep the masters up
	to date unlike failures to keep the root hints up to date.

	Mark

> --bill
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop


ible to check the masters similarly to the way
	we check the roots servers today.

> 	that the avowed single namespace will remain intact,

	It will if you keep the copy up to date.

>	 and that
> 	there will be trival ways for end users to discover the root of
> 	the namespace they are using...

	dig NS .

>       if the recommendation to run your own copy of the root is approved.

	Note the zone will expire if you don't keep the masters up
	to date unlike failures to keep the root hints up to date.

	Mark

> --bill
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email