Re: [DNSOP] meta issue: WG to discuss DNS innovation (was Re: draft-hzhwm-start-tls-for-dns-00)

Patrik Fältström <paf@frobbit.se> Sun, 16 February 2014 16:39 UTC

Return-Path: <paf@frobbit.se>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C85341A002C for <dnsop@ietfa.amsl.com>; Sun, 16 Feb 2014 08:39:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.799
X-Spam-Level:
X-Spam-Status: No, score=-1.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8Y6UeEmAHUyo for <dnsop@ietfa.amsl.com>; Sun, 16 Feb 2014 08:39:41 -0800 (PST)
Received: from mail.frobbit.se (mail.frobbit.se [85.30.129.176]) by ietfa.amsl.com (Postfix) with ESMTP id C6F031A00F0 for <dnsop@ietf.org>; Sun, 16 Feb 2014 08:39:37 -0800 (PST)
Received: from ix-2.local (frobbit.cust.teleservice.net [85.30.128.225]) by mail.frobbit.se (Postfix) with ESMTPSA id 979701FF55; Sun, 16 Feb 2014 17:39:33 +0100 (CET)
Message-ID: <5300E9C5.9090702@frobbit.se>
Date: Sun, 16 Feb 2014 17:39:33 +0100
From: =?ISO-8859-1?Q?Patrik_F=E4ltstr=F6m?= <paf@frobbit.se>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <CAESS1RPh+UK+r=JzZ9nE_DUqcvNtZiS6TNt1CDN-C0uiU7HP=A@mail.gmail.com> <52FEF407.30405@redbarn.org> <20140215140133.GA6990@sources.org> <alpine.LFD.2.10.1402151449280.23619@bofh.nohats.ca> <D82F49E8-9A06-4F52-8E3E-DF5C8D0B7549@virtualized.org> <53006595.5010207@frobbit.se> <784CF51A-937B-4131-85BC-AED579FA746D@vpnc.org>
In-Reply-To: <784CF51A-937B-4131-85BC-AED579FA746D@vpnc.org>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="fs1tR17aUmxgV8HWN3p3JbgXEwrXQBTci"
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/oQPq3j7AoAtjsIQ5oJoniECslqY
Cc: dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] meta issue: WG to discuss DNS innovation (was Re: draft-hzhwm-start-tls-for-dns-00)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Feb 2014 16:39:43 -0000

On 2014-02-16 16:52, Paul Hoffman wrote:
> On Feb 15, 2014, at 11:15 PM, Patrik Fältström <paf@frobbit.se> wrote:
> 
>> > On 2014-02-16 03:04, David Conrad wrote:
>>> >> Perhaps DNSOP actually is the DNS innovation WG (if perhaps only as a seeding ground)?
>> > 
>> > The largest problem for IETF and DNS innovation is that the consensus in
>> > IETF seems to be that innovation of DNS is not possible unless it
>> > involves reuse of the TXT resource record.
>
> Sorry, friend, but this is trolling. Or do you believe that DANE is not an innovation?

I think so, and I like DANE, I am all in favor of innovation, but I see
strong forces against DANE, inside IETF.

Yes, I am just starting to investigate and try to mitigate, but the
forces against are the ones I see too often:

- We can not use new RR Types, lets use A and TXT
- DNSSEC will never take off
- Lets just use HTTP for transport

My point is that to get innovation, we have to over and over and over
again address these issues.

Ok, I take Daves point that there is no consensus from a process
definition of consensus in the IETF, but the _feeling_ is that there is
consensus as there is no consensus that we CAN add new RR-Types etc.

Just look at the SPF discussion, or the cert-for-secure-xmpp which is
what I refer to regarding "we can not use DANE as DNSSEC is not deployed".

I see too many similarities between the two.

And as I wrote, I claim those views block innovation more than anything
else in IETF at the moment.

   Patrik