Re: [DNSOP] [homenet] Fwd: WGLC on "redact" and "homenet-dot"

james woodyatt <jhw@google.com> Thu, 15 December 2016 20:10 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/pvR8PgsOo-jp3kKM2Dzkcmba3IY>

On Dec 15, 2016, at 06:35, Ted Lemon <mellon@fugue.com> wrote:
> [Mark Andrews <marka@isc.org> wrote:]
> Why shouldn't an iterative resolver work if we can make it work?
> 
> Putting an iterative resolver in a stub resolver is an attack on the DNS infrastructure. If you are doing it because you are testing some theory in an experimental jig, that's perfectly fine; in that case, you are a consenting adult, and can configure it with a special delegation for .homenet if you need that to work. If you are adding it to production code that will be installed in a billion devices, you are a vandal.

I doubt any sane home gateway vendor would do this even if the DNS infrastructure were robust enough to handle it (which, hey— I thought it was supposed to be, why isn’t it?). The reason is that too many ISPs insist on enhancing the content of the public DNS with their own private horizon stuff, so that additional services they bundle to their customers will work only on their own networks. Competition! Oh and that’s before I mention the extra featurefulness that many content delivery networks are still using for selecting servers based on the source address of the iterative DNS query instead of something more meaningful.


--james woodyatt <jhw@google.com>