Re: [DNSOP] new DNS classes

Paul Vixie, Fri, 07 July 2017 15:09 UTC

To: Nico Williams
CC: Mark Andrews, John C Klensin, dnsop, Phillip Hallam-Baker, IETF Rinse Repeat

Nico Williams wrote:
> ...
> I'm well aware that as to clients and servers, deploying new RR types is
> easy.  The hard part is the management backend and UIs.  Not all of them
> allow you to enter raw RDATA (hex-encoded or whatever).
> We've struggled with this in KITTEN WG.  Deploying the URI RR type when
> you're using a hosting service can be anywhere from annoying (must enter
> raw RDATA) to impossible (the hosting service doesn't give a damn).  I
> suppose it's just a matter of time; perhaps things have improved since
> we last looked.

that would be a prior restraint, and bad for innovation. just like 
middle boxes or the nearly universal assumption that ip means tcp or 
udp. i know this kind of thinking is common. but there is a stark choice 
for all of us: do all of our future protocol work on tcp/80 and make 
everything fit in JSON, so that we can get our work done; or keep doing 
what the internet used to mean, and eventually put enough stress on 
middle box makers, isp's, and in your case dns hosting services, that 
they have to learn about the internet rather than just the web.

i know which future i'd rather live in. i also feel in-year pressure to 
get my work done. i vacillate as to who gets to receive which burdens.

P Vixie