IETF Logo Mail Archive

Re: [DNSOP] reservations on reservations, was Barry Leiba's Abstain

"John Levine" <johnl@taugh.com> Tue, 01 September 2015 14:35 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02ED81B29A7 for <dnsop@ietfa.amsl.com>; Tue, 1 Sep 2015 07:35:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.862
X-Spam-Level:
X-Spam-Status: No, score=0.862 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7HEPubL39aAL for <dnsop@ietfa.amsl.com>; Tue, 1 Sep 2015 07:35:25 -0700 (PDT)
Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B44A91ACD9C for <dnsop@ietf.org>; Tue, 1 Sep 2015 07:35:23 -0700 (PDT)
Received: (qmail 95564 invoked from network); 1 Sep 2015 14:35:40 -0000
Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 1 Sep 2015 14:35:40 -0000
Date: Tue, 01 Sep 2015 14:35:00 -0000
Message-ID: <20150901143500.63585.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dnsop@ietf.org
In-Reply-To: <DA29D7B7-63EC-44FA-B47B-1F930450CE43@difference.com.au>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/uqIdp6XwFfkPfqdtgntTZePsn8E>
Cc: dave@difference.com.au
Subject: Re: [DNSOP] reservations on reservations, was Barry Leiba's Abstain
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2015 14:35:30 -0000

>This is a language quibble. I said ICANN had no mechanisms for
>specifying how a domain should be handled, and I would think a SHOULD
>specification is exactly that in formal language.

ICANN has vast sets of rules about how GTLDs are handled at the server
end.  They have rules about DNSSEC and about server redundancy and
multiple layers of rules about what can and cannot be in the zone
files.  Admittedly they're only binding on contracted parties, but if
you want rules, they got rules.  There are also individual TLDs with
more specific rules, notably .TEL which mostly has NAPTR records.

In any event, from the point of the DNS, a reservation that just says
don't resolve .onion would be quite adequate.  If someone else wanted
to invent another software package that also squatted on .onion to do
something else, it'd be confusing but it wouldn't cause new DNS
stability problems.



>And FWIW, [advice to reject .onion in applications is] not intended
>primarily as an optimisation in the sense of efficiency, rather its an
>attempt to mitigate a privacy leakage in the TOR system.

If you implement what this draft says, your local DNS resolver library
will reject .onion queries so there'll be no leakage.  I suppose we
might call it belt-and-suspenders.

R's,
John

v2.23.0 | Report a Bug | By Email