Re: [DNSOP] .arpa

Ray Bellis <> Wed, 22 March 2017 16:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 34AA1129A41 for <>; Wed, 22 Mar 2017 09:19:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1tGu6ykL-SfK for <>; Wed, 22 Mar 2017 09:19:32 -0700 (PDT)
Received: from ( []) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0C03B1299CF for <>; Wed, 22 Mar 2017 09:19:29 -0700 (PDT)
Received: from ([]:52077) by ([]:465) with esmtpsa ( (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) id 1cqiyr-0004Nn-95 (Exim 4.72) for (return-path <>); Wed, 22 Mar 2017 16:19:25 +0000
To: dnsop <>
References: <> <> <> <> <> <> <> <> <EMEW3|7748a271060e43ad02f4e918d6bc04f1y2LBoG03tjc||> <> <> <EMEW3|60cdac3fad8ea0f5d9c8144322c5e9ddy2LEom03tjc||> <> <> <EMEW3|1770685f3047d9d32676cafa683d64b2y2LFBj03tjc||>
From: Ray Bellis <>
Message-ID: <>
Date: Wed, 22 Mar 2017 09:19:24 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <EMEW3|1770685f3047d9d32676cafa683d64b2y2LFBj03tjc||>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [DNSOP] .arpa
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 22 Mar 2017 16:19:34 -0000

On 22/03/2017 08:11, Tim Chown wrote:

> I’d like to think such uses are largely all GUI/icon driven.  Or perhaps
> increasingly voice driven, like Alexa. How often will,
> or foo.homenet be used in typical cases? 

I use ".local" to access several devices in my home network that are not
hidden behind a UI "discovery client", including my ADSB receiver and my

I also use it for SSH access to devices that announce that service via
Bonjour rather than having to put their IPs in /etc/hosts everywhere.

Arguably I'm not "typical", but IMHO we shouldn't be designing for the
lowest common denominator.

Either way, the Homenet WG has reached its consensus decision to request
".homenet" rather than "".

I personally don't mind if it takes longer for the requested insecure
delegation to happen than for the special-use reservation to happen -
the former shouldn't be a blocker for the latter.

To those that say "no insecure delegations in the root zone" because
"DNSSEC is good", my argument is that in this particular case blocking
the request would *inhibit* use of DNSSEC in edge networks and on stub
resolvers.  The whole point of the insecure delegation is to
*facilitate* correct use of DNSSEC within Homenets.

Ray (no hat)