IETF Logo Mail Archive

Re: [DNSOP] Questions on draft-ietf-dnsop-private-use-tld-01.txt

Joe Abley <jabley@hopcount.ca> Wed, 28 April 2021 11:24 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A1343A25D7 for <dnsop@ietfa.amsl.com>; Wed, 28 Apr 2021 04:24:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hopcount.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-op94GEHyff for <dnsop@ietfa.amsl.com>; Wed, 28 Apr 2021 04:24:16 -0700 (PDT)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92DB13A25D4 for <dnsop@ietf.org>; Wed, 28 Apr 2021 04:24:16 -0700 (PDT)
Received: by mail-qt1-x832.google.com with SMTP id o21so18253811qtp.7 for <dnsop@ietf.org>; Wed, 28 Apr 2021 04:24:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hopcount.ca; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=gU4dqpAM6fSIAADX5tAz3Z0izOb8hepDXgoEDJKfjYE=; b=F7sl5eGBdBiWJpvD785a2t2GDYWAw/XnbrJSwhiw1hiphHy5VbsyjmrJzI2iiCOeyZ uPlFqyCyiT8aHEHsd+vNhgfL8F5F1eOHcAmeZN69Zjl+Hll57ZBqXK8Ca6eQareBznXb c2nWsxSCoi8BUd7CuVQLAtkEK3WFAiDRKRweM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=gU4dqpAM6fSIAADX5tAz3Z0izOb8hepDXgoEDJKfjYE=; b=Vud+9zvQmU9vBAdQiyG9i9Q4/WJTBypCmOwtS7DKyO1VR3Z16wpj9HI7cTY4xS4Qmt NsYoT1By3Z6PODEzCg2yvNYM9ytGiWJ1k4sheQ1jW1cIVOVuwiNDgEfUbWSUDYBDwMZ1 NDZ4yI1dKRx3bOFFGglP6rmlqfApymPd3wkg+3sY+pS+6DZnXoHGH4sWgqTuK9I9+ONW VR9pEGoQf7qBl6ZIPUcGmLQC4+lF4TeaEext5qwegkZh2zrCHbHI8JI8qf4nTcXOO3WG GqkYsVp1qXqw0VJWGb3pfCT8nT/wIKTZRvMRO3adljGEzg0xgoOnJX6XWTBzxGRHN2NJ 0zgA==
X-Gm-Message-State: AOAM5325aOuPl2VzTJJ4/zSiwHwtkdNDUQ6saVcoTU/yjdK7OG8aBlWs +nFh/ucQWNnkbSn0Q+Sk4LLKVw==
X-Google-Smtp-Source: ABdhPJyXtwTJdKJmmlQm/Ot5V1FgxXsT9vgSO4SksuRxT3+sO4/3HL0/myEBzaS7XQ5Pkv75YlaOuQ==
X-Received: by 2002:a05:622a:507:: with SMTP id l7mr27195231qtx.362.1619609054922; Wed, 28 Apr 2021 04:24:14 -0700 (PDT)
Received: from [192.168.1.149] (23-233-20-74.cpe.pppoe.ca. [23.233.20.74]) by smtp.gmail.com with ESMTPSA id w81sm4804313qkb.1.2021.04.28.04.24.13 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 28 Apr 2021 04:24:13 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Joe Abley <jabley@hopcount.ca>
In-Reply-To: <CAF4+nEFxggFvT-x7L-iqYxT0MTA5ODrR8BLx35VvQdzsmHt89A@mail.gmail.com>
Date: Wed, 28 Apr 2021 07:24:11 -0400
Cc: Paul Hoffman <paul.hoffman@icann.org>, DNSOP Working Group <dnsop@ietf.org>, Andrew McConachie <andrew@depht.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <6EAD88B5-E6E1-4709-BB33-10EDF4B1A3D2@hopcount.ca>
References: <161805873252.19178.11471347094062424385@ietfa.amsl.com> <88395F35-AF22-489C-B9D6-2FFE4EB1A767@depht.com> <5F3F8198-23EA-4BA9-A07E-EF7AB035CE72@icann.org> <CAF4+nEFxggFvT-x7L-iqYxT0MTA5ODrR8BLx35VvQdzsmHt89A@mail.gmail.com>
To: Donald Eastlake <d3e3e3@gmail.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/mTvb_65rFg9Ecn04nnMPHuBkqxU>
Subject: Re: [DNSOP] Questions on draft-ietf-dnsop-private-use-tld-01.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Apr 2021 11:24:21 -0000

Hi Donald,

On 27 Apr 2021, at 22:34, Donald Eastlake <d3e3e3@gmail.com> wrote:

> I am not comfortable with grabbing all the permanently unassigned 2-letter country codes for DNS private use.
> 
> Note: I was the primary author of RFC 2606 and have been involved in this sort of thing before. See
> https://datatracker.ietf.org/doc/draft-eastlake-2606bis/
> https://datatracker.ietf.org/doc/draft-ellermann-idnabis-test-tlds/
> https://datatracker.ietf.org/doc/draft-ietf-dnsind-local-names/
> 
> At one early point I considered the addition of a number of additional TLDs for testing purposes to the draft that became RFC 2606 including, as I recall, one that was 63 octets long and a number 2-letter codes taken from the permanently unassigned 2-letter ISO country codes. John Postel rejected such efforts and in particular, if I recall correctly, indicated that as IANA (at the time when essentially all registries were Expert Review and John was the universal expert) he would reject any effort to assign any DNS use to any ISO 2-letter code, other than as a national country code, unless a liaison was received from ISO explicitly permitting such use regardless of public statements by ISO that ISO would not assign a use to such any or all such code in the future. That may have been an earlier era but I think John Postel's position should still have some weight. And I would note that more recently, the IESG has wanted a liaison to be crystal clear about permissions from other standards development organizations for anything that is at all questionable.

Thank you for that. I think that's helpful.

There is much that is anecdotal and surprisingly informal in the way that decisions around top-level domains are made, and it is not surprising to me that this topic is difficult to address as an engineering problem.

The current co-editors of this draft are not in tight agreement about the correct path forward. One of us, in fact, (not me) is waiting for public, crystal clarity from ISO about their future plans, for example. We have asked the working group in past meetings what their preference is, but I don't think we asked clearly, one of the presenters had connectivity issues during the working group slot, etc. The document is not currently clear on its approach and it is unsurprising that people are expressing a variety of discomfort.

Personally, I favour the approach that if the IETF has anything useful to say it should minimise the scope of its pronouncements with the goal of balancing useful engineering with the avoidance of politics. My suggestion was that there is a logical argument here that doesn't involve assignment ("grabbing") but is still useful. Here it is:

1. Certain ISO-3166-2 codepoints are designated as being for private use by ISO and will not be assigned for use by countries, economies, etc;

2. Those ISO-3166-2 codepoints continue to be used for correspondingly-private applications in a variety of applications that have nothing to do with the DNS, so the designation from (1) is recognised and widely used;

3. ICANN does not assign two-character labels as TLDs except by reference to ISO-3166-2;

4. Use of ISO-3166-2 private-use codepoints will not clash with any TLD assigned for use in the public DNS.

[So far all we have done is made reference to other organisations' policies and observations about how those policies are used. We have not assigned or recommended anything.]

5. Since the policies referred to by (1) and (3) have existed for some time in the past, it is possible that people have used these codepoints as private-use TLDs, and (perhaps more importantly) we cannot know that they have not been used in this way;

[This argument makes no assumptions about ICANN or ISO policy in the future; it simply observes that certain policies have existed in the past.]

6. Collisions between private-use namespaces and the public DNS namespace are harmful;

7. The IETF restricts future use of these code-points in protocols in order to avoid the possibility of collisions: the public DNS namespace should not include these code-points.

This argument, I think, opens the door for the IETF to say something useful but does not need to predict future policy decisions by other organisations or impinge on any other organisation's policy agenda: the IETF retires code-points all the time because they have been burnt in the wild, and this is just another example.

I think even without declaring these code-points to be assigned for private use in the DNS, such a document would be sufficient to document their use for that purpose and to be explicit that such use will continue to be possible and safe from collisions with the public DNS namespace.

As I mentioned earlier, this is just my opinion of how to proceed. The current draft contains a mixture of various approaches and the result, I think, is unsatisfying. I am very prepared to be wrong here, however, and I am trying hard to express myself without pushing any particular agenda :-)


Joe

v2.23.0 | Report a Bug | By Email