[DNSOP] DNSSEC, additional special names & draft-chapin-additional-reserved-tlds-00.txt
Jim Reid <jim@rfc1035.com> Thu, 27 February 2014 11:46 UTC
Return-Path: <jim@rfc1035.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0B121A0256 for <dnsop@ietfa.amsl.com>; Thu, 27 Feb 2014 03:46:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.548
X-Spam-Level:
X-Spam-Status: No, score=-0.548 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fz3lNsPQ8Tda for <dnsop@ietfa.amsl.com>; Thu, 27 Feb 2014 03:45:59 -0800 (PST)
Received: from shaun.rfc1035.com (smtp.v6.rfc1035.com [IPv6:2001:4b10:100:7::25]) by ietfa.amsl.com (Postfix) with ESMTP id C5D6E1A024F for <dnsop@ietf.org>; Thu, 27 Feb 2014 03:45:58 -0800 (PST)
Received: from gromit.rfc1035.com (gromit.rfc1035.com [195.54.233.69]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by shaun.rfc1035.com (Postfix) with ESMTPSA id 7673224212ED; Thu, 27 Feb 2014 11:45:53 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Jim Reid <jim@rfc1035.com>
In-Reply-To: <20140227074249.2972F107D273@rock.dv.isc.org>
Date: Thu, 27 Feb 2014 11:45:52 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <B67B8708-66D9-4372-B3E4-58FBC3297E9D@rfc1035.com>
References: <20140129055438.2402.qmail@joyce.lan> <97E20887-2B9C-4EAD-826B-043306605F88@fl1ger.de> <54BE75D7-E70B-46AB-93C1-042E655BB5E7@apple.com> <D0AC0015-63C3-4C03-A8D0-888C435D2775@virtualized.org> <20140226100311.E73CA1069B39@rock.dv.isc.org> <8FEAF0FC-2AC3-4F39-9825-7068AAA6E40D@hopcount.ca> <6F605B46-51AD-4A21-BA3E-5723AA843EC6@virtualized.org> <20140227021436.E957210702F7@rock.dv.isc.org> <7E284F2F-1A99-4E57-B7BD-46129AEDDD04@virtualized.org> <20140227074249.2972F107D273@rock.dv.isc.org>
To: Mark Andrews <marka@isc.org>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/qwRbrVGseccDN9OnVxD8jXSZsYI
Cc: DNSOP WG <dnsop@ietf.org>, David Conrad <drc@virtualized.org>
Subject: [DNSOP] DNSSEC, additional special names & draft-chapin-additional-reserved-tlds-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2014 11:46:01 -0000
On 27 Feb 2014, at 07:42, Mark Andrews <marka@isc.org> wrote: > DNSSEC will eventually be on by default and squatting like this will have negative consequences. Er, no. Vendors who pluck domain names out of the ether and use them in their products will by definition not have the DNS clue required for deploying a viable DNSSEC. Besides, in the case of CPE, they won't even *need* DNSSEC because the offending domain names (router.home or whatever) get looked up on the internal net. Most likely those names will be used by web browsers that do not have a validating resolver and are already relying on the CPE for DNS. Those lookups will almost never go to the outside, far less validate a signed referral for .whatever from the root. > There may be a need for a reserved suffix. It doesn't have to be .HOME. Rewarding bad > behaviour leads to more bad behaviour. IMO, the draft aims to document existing bad behaviour and explains why people should stop doing those bad/stupid/wrong things. Or at least appreciate the consequences. This is a Good Thing. It might even mean fewer instances of bad behaviour in future. Whether of course the writers of CPE crapware will ever read this RFC, let alone act on it, is another matter. At least the IETF will have produced a useful document on the topic. Which is all it could do. BTW, the latest thinking (ie as of yesterday) from ICANN is .home will be reserved indefinitely: http://www.icann.org/en/news/public-comment/name-collision-26feb14-en.htm. It doesn't matter now whether someone wants to call that "rewarding bad behaviour" or not. That train left the station a long, long time ago. [And I'm long past caring either way.] So it seems to me ICANN is acknowledging reality and taking prudent measures for overall security and stability of the DNS. Too much stuff is already (ab)using .home so this TLD can't go into the public root for the obvious reasons.
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- [DNSOP] additional special names Fwd: I-D Action:… Suzanne Woolf
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… George Michaelson
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Jim Reid
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… John R Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Lyman Chapin
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… Ralf Weber
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… Ralf Weber
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Ralf Weber
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… jonne.soininen
- Re: [DNSOP] additional special names Fwd: I-D Act… George Michaelson
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… George Michaelson
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… George Michaelson
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… jonne.soininen
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Vixie
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Patrik Fältström
- Re: [DNSOP] additional special names Fwd: I-D Act… Jim Reid
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Ferguson
- Re: [DNSOP] additional special names Fwd: I-D Act… Suzanne Woolf
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] possibly quite a lot of additional sp… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… joel jaeggli
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… David Conrad
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… David Conrad
- Re: [DNSOP] additional special names Fwd: I-D Act… John Levine
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… Paul Hoffman
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- Re: [DNSOP] additional special names Fwd: I-D Act… David Conrad
- Re: [DNSOP] additional special names Fwd: I-D Act… Mark Andrews
- [DNSOP] DNSSEC, additional special names & draft-… Jim Reid
- Re: [DNSOP] DNSSEC, additional special names & dr… Mark Andrews
- Re: [DNSOP] DNSSEC, additional special names & dr… Jim Reid
- Re: [DNSOP] DNSSEC, additional special names & dr… Tony Finch
- Re: [DNSOP] DNSSEC, additional special names & dr… Tony Finch
- Re: [DNSOP] DNSSEC, additional special names & dr… Jim Reid
- Re: [DNSOP] DNSSEC, additional special names & dr… Tony Finch
- [DNSOP] admin note Re: additional special names F… Suzanne Woolf
- Re: [DNSOP] DNSSEC, additional special names & dr… John Levine
- Re: [DNSOP] DNSSEC, additional special names & dr… Joe Abley
- Re: [DNSOP] DNSSEC, additional special names & dr… John R Levine
- Re: [DNSOP] DNSSEC, additional special names & dr… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Stuart Cheshire
- Re: [DNSOP] additional special names Fwd: I-D Act… Warren Kumari
- Re: [DNSOP] additional special names Fwd: I-D Act… Norbert Bollow
- Re: [DNSOP] additional special names Fwd: I-D Act… joel jaeggli
- Re: [DNSOP] additional special names Fwd: I-D Act… Jelte Jansen
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Tony Finch
- Re: [DNSOP] additional special names Fwd: I-D Act… Ted Lemon
- Re: [DNSOP] additional special names Fwd: I-D Act… Jelte Jansen
- Re: [DNSOP] additional special names Fwd: I-D Act… Andrew Sullivan
- Re: [DNSOP] additional special names Fwd: I-D Act… Olafur Gudmundsson
- Re: [DNSOP] additional special names Fwd: I-D Act… Jelte Jansen
- Re: [DNSOP] additional special names Fwd: I-D Act… Warren Kumari
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Warren Kumari
- Re: [DNSOP] additional special names Fwd: I-D Act… Warren Kumari
- Re: [DNSOP] additional special names Fwd: I-D Act… Joe Abley
- Re: [DNSOP] additional special names Fwd: I-D Act… Stephane Bortzmeyer
- Re: [DNSOP] additional special names Fwd: I-D Act… Warren Kumari
- Re: [DNSOP] additional special names Fwd: I-D Act… Tim Wicinsku
- Re: [DNSOP] additional special names Fwd: I-D Act… Suzanne Woolf