[DNSOP] DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08

"Hollenbeck, Scott" <shollenbeck@verisign.com> Wed, 11 March 2020 18:20 UTC

IronPort-SDR: XqDHq5CUsqCUwSkUoqxEHjJDvqakwu2s37vVjhHuMUZIcH2hMLBxy2Tg1b8U4I1z3Hx9wbdH7t sMJJbulsayzQkts14T+OhkstMmrt61ZZrjUyJ3aztEHns8F8wpNtKlLm7j9hDdpRmRGS8tPycG lKRQ1fnXyyWe72esCUS+OSBobVN56ROPJe/dTlVnCh8U5enhRvQu/wHcJUDBHEFwoC2pxRZIdt lubPZCs5K/zDxRlVm96mlB6GgBawjWFL1yGRNruN4DtuRKeW3Wz11dVr4fHz6QyEvfoe1yv5GK G9k=
IronPort-PHdr: 9a23:12T69RJTHZroJfJn2dmcpTZWNBhigK39O0sv0rFitYgXKv/5rarrMEGX3/hxlliBBdydt6sYzbOM6eu5ADRIyK3CmU5BWaQEbwUCh8QSkl5oK+++Imq/EsTXaTcnFt9JTl5v8iLzG0FUHMHjew+a+SXqvnYdFRrlKAV6OPn+FJLMgMSrzeCy/IDYbxlViDanbr5+MRq7oR/MusUIn4duJbs9xgbVrnBVZ+lY2GRkKE6ckBr7+sq+5oNo/T5Ku/Im+c5AUKH6cLo9QLdFEjkoMH076dPyuxXbQgSB+nUTUmMNkhpVGAfF9w31Xo3wsiThqOVw3jSRMNDsQrA1XTSi6LprSAPthSwaOTM17H3bh8pth61VuhKhowF0zZDSbo+bKfFyerrRcc4GSWZEWMtaSi5PDZ6mb4YXD+QPI/tWr5XzqVUNrBuxGQaiC+z0xz9Un3/237E23/g9HQ3Y2gErAtIAsG7TrNXwLKoeX+K7zK7MzTXHcfxW3yzy55bUfRAiuf2HQK9+ftbWyUkzCwPJgEibpIv+PzOV0eQNt2yb4PRmVe20lWEotwJxryOxxsgykInJh5kVylHL9SV/2oo6Odq4SEtibNOiDZBeuSaaN45sTcMjRWFloDs6yqYftZGnYicK0ognywTQa/yAbYiF5A/oWuWJITpgmX5pZKiziwuw/EWu0OHwS8m53VhQoidKltTArm0B2wDJ5sSaSPZx4l2t1SuA2g3Q8O1IPEM5mbLVK5E/wbM8ip8evEHBEyDqhEn5lqqbelg49ee07unqYqjpqYGSN4JxjgzxL7khldK5DO8lKAYBRXKb9v651LD7+E35R6hFgeMun6nCtZDaOdwbpqmkAw9Jyooj6wiwDzOh0NkAgHQJMEpLdA+HgIbxNF/BIez0Aemlj1SyjDhrwOrGPqX7DprXM3fPiqnhfaxm605a0gY80ddf55dMBrEAJvL8RFPxucTFAhMlKQC43uTqBdtn2o8DWW+CDLWVPazWvFOQ4+IgOeiMZIsbuDbnLPgl4ubjjWQ5mV8aeamp2YUYaHajEft4P0qZYmHhgskfHmcQvwo+V+3qiFKEUTJJe3myWKc86ikhCI26FYfDWpytgLuZ0Se/H51WYH1JBUqWHXj1aoWEXewDZziIIsJ6nDwESKShS5I71R6wug711btnIvDI9S0fsJLpzMJ16PHLlREu6Tx0CNyQ3HyLT2FvmWMIXyQ73KFhrkxhxFePy694g+ZXFY8b2/QcGAM7M5LVieBnDdr7QCrPY8uUUlu5T9TgCjY0BJplx94Ib087F8ikhBnZ9yS3H6IPmqOGBdo/9aeKjFbrIMMogVbB0K0siVMrScgLfVatgbJjvUCHHI7Ol0GUkaynfqc0wiPX9XyCwmzIt0ZdBl0jGZ7ZVGwSMxOF5e/y4VnPGvr3Ubk=
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "linda.dunbar@futurewei.com" <linda.dunbar@futurewei.com>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08
Thread-Index: AdX30T1GApKjttEGSSWK9TMIh4Qhbw==
Date: Wed, 11 Mar 2020 18:19:24 +0000
Message-ID: <a88c3dbefb2346239a4be8c11f37695f@verisign.com>
Accept-Language: en-US
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/vMMLhvkKo9TFe4vw2_OlrQ8TLXQ>
Subject: [DNSOP] DNS for Cloud Resources in draft-ietf-rtgwg-net2cloud-problem-statement-08
Precedence: list

(Sorry, this is a late response to a review request original sent to the dnsop list on 11 February)

Section 3.4 (DNS for Cloud Resources) includes these sentences:

"Globally unique names do prevent any possibility of collision at the present or in the future and they make DNSSEC trust manageable. It's not as if there is or even could be some sort of shortage in available names that can be used, especially when subdomains and the ability to delegate administrative boundaries are considered."

Could we make the last sentence stronger, perhaps with a statement like this from the US CERT WPAD Name Collision Vulnerability alert dated May 23, 2016?

"Globally unique names do prevent any possibility of collision at the present or in the future and they make DNSSEC trust manageable. Consider using a registered and fully qualified domain name (FQDN) from global DNS as the root for enterprise and other internal namespaces."

https://www.us-cert.gov/ncas/alerts/TA16-144A

The alert actually says "other internal namespace", but I think that's a typo.

Scott

[DNSOP] DNS for Cloud Resources in draft-ietf-rtg… Hollenbeck, Scott
Re: [DNSOP] DNS for Cloud Resources in draft-ietf… Morizot Timothy S
Re: [DNSOP] DNS for Cloud Resources in draft-ietf… Michael StJohns
Re: [DNSOP] DNS for Cloud Resources in draft-ietf… Linda Dunbar
Re: [DNSOP] DNS for Cloud Resources in draft-ietf… Linda Dunbar
Re: [DNSOP] DNS for Cloud Resources in draft-ietf… Hollenbeck, Scott