Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02

Andrew Sullivan <ajs@anvilwalrusden.com> Thu, 01 February 2018 17:00 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A5E112EB61 for <dnsop@ietfa.amsl.com>; Thu, 1 Feb 2018 09:00:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=BZfVSDrW; dkim=pass (1024-bit key) header.d=yitter.info header.b=B8cbJ1o8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7C74CJGQBpWD for <dnsop@ietfa.amsl.com>; Thu, 1 Feb 2018 09:00:52 -0800 (PST)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30EFE13169C for <dnsop@ietf.org>; Thu, 1 Feb 2018 09:00:27 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id 4E268BE072 for <dnsop@ietf.org>; Thu, 1 Feb 2018 17:00:26 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1517504426; bh=28nv9l5ktop9nzb4OC13ZUXl1Asclt3iG76Br10AeTk=; h=Date:From:To:Subject:References:In-Reply-To:From; b=BZfVSDrWcGEKXqULVF6nWXeGiE/npOgjZLpfmkUAZYsclqaXuJWo1Fi+ORimve2tu 8E40QQ6bzKC/PB7gENtcU9EDnTQpiQTr3JelN4fjYPMKIO+H76qqCnk3mNw7TWMeN4 L7Azl1h/QXS7fIE8Gt9IxDsiElDJrfBVqC/TeD84=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JiYaTZC8aVr0 for <dnsop@ietf.org>; Thu, 1 Feb 2018 17:00:21 +0000 (UTC)
Date: Thu, 1 Feb 2018 12:00:19 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1517504421; bh=28nv9l5ktop9nzb4OC13ZUXl1Asclt3iG76Br10AeTk=; h=Date:From:To:Subject:References:In-Reply-To:From; b=B8cbJ1o8K+TAXGom4T6DTDPFCT3wpQCFbc35cvzQ38EQJC2rvab2ZBqM9WxUQHU1U OEVxPR1RLEci1dx+jIXLpFTgNzYOT9s5omFgjYngw0Ia13AaphSOeaNQkqFJWqHtOr gL5wRrd/vf+FMbMMJiIxWWBRiNNatyBeaL/R92Dc=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnsop@ietf.org
Message-ID: <20180201170019.GC26453@mx4.yitter.info>
References: <9DCE2F63-EE37-4865-B9D6-6B79BBE05593@gmail.com> <20180129155112.GC16545@mx4.yitter.info> <5A6F5CF1.4080706@redbarn.org> <CA+nkc8D7tne5SxGOUhvJqstmDa=1=RmvcHQte1byAab5dUd5sQ@mail.gmail.com> <AE634FC4-0EAF-4F54-8860-61E41284F873@fugue.com> <20180130185919.GJ19193@mx4.yitter.info> <3b57a486-df8e-ca57-ab89-c167cea0dcc9@bellis.me.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3b57a486-df8e-ca57-ab89-c167cea0dcc9@bellis.me.uk>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/lSjJ1bvSGBu_6lyHzbM9LqnOZ3Q>
Subject: Re: [DNSOP] WGLC for draft-ietf-dnsop-let-localhost-be-localhost-02
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Feb 2018 17:00:54 -0000

On Wed, Jan 31, 2018 at 10:04:03AM +0000, Ray Bellis wrote:
> 
> Won't that cause the resolver to cycle through every root server letter
> hoping for one that doesn't give that answer?

It might, yes.  But that's a poor reason to give an authoritative
answer that a name which does exist instead does not.  Such resolvers
are broken under 6761 anyway, and shouldn't be making such a request.
But lying about the answer is not in keeping with 6761.  There remains
some controversy about what the right answer would be, given some
interpretations of REFUSED.

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com