IETF Logo Mail Archive

Re: [DNSOP] DNS names for local networks - not only home residental networks ...

Warren Kumari <warren@kumari.net> Sun, 03 September 2017 00:30 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18764132D0C for <dnsop@ietfa.amsl.com>; Sat, 2 Sep 2017 17:30:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7mBDLStaLc_U for <dnsop@ietfa.amsl.com>; Sat, 2 Sep 2017 17:30:05 -0700 (PDT)
Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F31E132F6B for <dnsop@ietf.org>; Sat, 2 Sep 2017 17:30:05 -0700 (PDT)
Received: by mail-wm0-x22f.google.com with SMTP id i145so3564118wmf.1 for <dnsop@ietf.org>; Sat, 02 Sep 2017 17:30:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=RdbQReSwtjDiwSaYtPy4+l6BM9RFtjKtGVs6/tYUJac=; b=xxDvU0A0YGOEInwpXRZG7wYZw6eIRMw2eU3FzKuwrMCnD85F/2OpzbSo7Np75yr7DB c1eUvCOLKclxtY3XfBIuBRT1GMKr4ztT1puPdGspZeTbOs8Gu1o7kU7l5yfOAL5TQBkj DWBAGZsTsRlLaTdc3g350TYChUbKySPS6DfbVz7DzoXRVB5mGcDEmos7C18h2ctZDxYk ideEzZqtbvrQt1P0cy08CZcHzQeMgmNO3oiv6okgDJXZMlMu9v00Rf+UPA5+slZOvcPj aHIQkjIfVs15auG76CxVM1Ty6P3yX+xnPg1q3r7/BXrB0kAkfXXs3c7yafnMegZg4HDu dVCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=RdbQReSwtjDiwSaYtPy4+l6BM9RFtjKtGVs6/tYUJac=; b=ckrB89S70ibWiO7PuCfSNmv7hfNF1L8boAiJI21h3qeiHdezran3mP1dJ4vP1nHdqP yZ6T524gVCuG9exwAmDOL/KoWYIYj+T4y8f3Rar7CzFbjVfJE2iAOa79kAef2Rqur+MU V5UyBeIZvFn4gR/ezFa/49ryD9BGo7ykKN2Jj8G++VnyhRM0MGSfELmiYtWeabwGOwlz gvp+yR/Grmzpjw3faO7Zm+PiCUjBvwo41RueckRwjn1um5LPOPunaGto8xnxEs+9lTV0 +gusvrJu5/mFAnTuqDI109XP/n5HxKSROe0HZ3LMRV0UmqZ6Sxxdin65T68Tburzf7KZ nrSg==
X-Gm-Message-State: AHPjjUgSRjtPQxgKZ0jI62SKdyK7axMkxcU3FXl3aw6e9KK4uTAK6Zf/ m1fUZtdfs+lxesuN9D82BotZZxG6WN/VTJQooA==
X-Google-Smtp-Source: ADKCNb5SmKBTnY9hPjUI+kfc6QkV4QvbID5E3/vwhc4fZYfKTN1gICjZKdcd5VLw40LU5iaA7bCkuDJP+liEWGFg2uM=
X-Received: by 10.28.101.132 with SMTP id z126mr1421118wmb.133.1504398603438; Sat, 02 Sep 2017 17:30:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.164.135 with HTTP; Sat, 2 Sep 2017 17:29:22 -0700 (PDT)
In-Reply-To: <alpine.LRH.2.21.1709011612470.12556@bofh.nohats.ca>
References: <150428805872.6417.9525310755360551475@ietfa.amsl.com> <59A9B760.2060209@mathemainzel.info> <alpine.LRH.2.21.1709011556280.12556@bofh.nohats.ca> <59A9BD75.5010408@mathemainzel.info> <alpine.LRH.2.21.1709011612470.12556@bofh.nohats.ca>
From: Warren Kumari <warren@kumari.net>
Date: Sat, 02 Sep 2017 20:29:22 -0400
Message-ID: <CAHw9_iKKDFj4SJtpxV=egNB0D=jkBFnQ68N5kOgUBFieexvsTA@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: "Walter H." <Walter.H@mathemainzel.info>, "dnsop@ietf.org" <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/oRagp3bs5AcV2zBf8bt-2WSo17Y>
Subject: Re: [DNSOP] DNS names for local networks - not only home residental networks ...
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Sep 2017 00:30:07 -0000

On Fri, Sep 1, 2017 at 4:14 PM, Paul Wouters <paul@nohats.ca> wrote:
> On Fri, 1 Sep 2017, Walter H. wrote:
>
>>> If you are a company and you are using a hardcoded domain of "local",
>>> then you have been and still are, completely broken. The only fix is to
>>> rename your network.
>>
>> ACK and which non public domain name I can use for this
>>   that doesn't conflict now and will not conflict in the future?
>
>
> Something that's yours and not squatted. For example
> internal.mathemainzel.info.
>
> Please see the last three years of dnsops and homenet working group list
> archives.
>

... perhaps the other way of looking at the last thirty three years of
DNS is that people *do* actually want something like this, and that
perhaps it is time to actually create something specifically for it.
Our smacking people on the nose with rolled up newspapers and saying
"no, bad operator" ignores the fact that people still want this, and
still do this, and there ain't nothing we can do to stop them...

And so: https://tools.ietf.org/html/draft-wkumari-dnsop-internal-00

This asks for a Special Use Name, specifically for this sort of thing
(and, yes, for building test networks, and for labeling devices which
have no Internet connection, etc). The desire and need for something
like this has been identified / discussed for a long time - the most
recent was probably when we decided that .alt would only be for
non-DNS contexts, and that someone should go make something like this
for the DNS - think of it like RFC1918 for names.
 It will require an unsecured delegation, for which we currently have
no process, and this (if people think it is a good idea!) will require
process to be created -- which A: will take many many years, and B: if
at least somewhat unlikely to happen -- but, if we don't at least ask,
we certainly won't get it...

And yes, this is somewhat of a straw-man.
W


>
> Paul
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

v2.23.0 | Report a Bug | By Email