Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-internal and DNAME
Kim Davies <kim.davies@icann.org> Sun, 12 November 2017 02:51 UTC
Return-Path: <kim.davies@icann.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08088124BFA for <dnsop@ietfa.amsl.com>; Sat, 11 Nov 2017 18:51:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level:
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6LR9q1DsbIq6 for <dnsop@ietfa.amsl.com>; Sat, 11 Nov 2017 18:51:08 -0800 (PST)
Received: from smtp01.icann.org (smtp01.icann.org [192.0.46.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5669127B52 for <dnsop@ietf.org>; Sat, 11 Nov 2017 18:51:07 -0800 (PST)
Received: from dhcp-9fc3.meeting.ietf.org (unknown [10.32.60.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp01.icann.org (Postfix) with ESMTPS id 22DCFE01A5; Sun, 12 Nov 2017 02:50:55 +0000 (UTC)
Date: Sun, 12 Nov 2017 10:50:51 +0800
From: Kim Davies <kim.davies@icann.org>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: Matt Larson <matt@kahlerlarson.org>, dnsop@ietf.org
Message-ID: <20171112025047.GA69215@dhcp-9fc3.meeting.ietf.org>
References: <20171110121241.GA2621@laperouse.bortzmeyer.org> <0C063F76-BFBD-4E54-AFBE-51B00678020B@kahlerlarson.org> <20171110142818.GB4062@laperouse.bortzmeyer.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20171110142818.GB4062@laperouse.bortzmeyer.org>
User-Agent: Mutt/1.9.1 (2017-09-22)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/lGdwGFO58iJ_dYYM9UR87Er9F5c>
Subject: Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-internal and DNAME
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Nov 2017 02:51:09 -0000
Quoting Stephane Bortzmeyer on Friday November 10, 2017: > > > I'll note that from a technical/mechanical perspective, ICANN's and > > Verisign's root zone management systems already know how to deal > > with delegations. A DNAME in the root would require an unknown level > > of development by both parties. > > I've never read the source code of the root zone management system, > but it seems surprising that it could be a non-trivial level of > development. I assume this system is complicated because it is highly > sensitive, and because it needs to incorporate a lot of defenses > against both mistakes and attacks, but they should be more or less the > same for DNAME and NS/A/AAAA, no? ... > Wild guess (and I pay beers if I'm wrong): the technical work will > take much less time than the process one. I suspect that would be a distinction without a difference. Any process changes need to be mapped into technical changes to the systems, as the whole business process from beginning to end is processed in the systems. Allowing DNAME records in the root zone is adding a new concept into root zone management that hasn't been catered to before. Just one of the many things that would need to be looked at is how to transmit DNAME provisioning requests via EPP. I don't know if there is even an EPP mapping for this. We haven't studied what would be involved, but I feel confident in predicting the whole exercise would be non-trivial. kim
- [DNSOP] draft-wkumari-dnsop-internal and DNAME Stephane Bortzmeyer
- Re: [DNSOP] draft-wkumari-dnsop-internal and DNAME Matt Larson
- Re: [DNSOP] draft-wkumari-dnsop-internal and DNAME Stephane Bortzmeyer
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Kim Davies
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Joe Abley
- Re: [DNSOP] draft-wkumari-dnsop-internal and DNAME Stephane Bortzmeyer
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Joe Abley
- Re: [DNSOP] draft-wkumari-dnsop-internal and DNAME Stephane Bortzmeyer
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Petr Špaček
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Warren Kumari
- Re: [DNSOP] [Ext] Re: draft-wkumari-dnsop-interna… Brian Dickson