Re: [DNSOP] Questions on draft-ietf-dnsop-private-use-tld-01.txt

Donald Eastlake <d3e3e3@gmail.com> Wed, 28 April 2021 02:35 UTC

To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Andrew McConachie <andrew@depht.com>, DNSOP Working Group <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/xWcQyk4oWhl9uyuJCdvv-H81YHA>

I am not comfortable with grabbing all the permanently unassigned 2-letter
country codes for DNS private use.

Note: I was the primary author of RFC 2606 and have been involved in this
sort of thing before. See

https://datatracker.ietf.org/doc/draft-eastlake-2606bis/
https://datatracker.ietf.org/doc/draft-ellermann-idnabis-test-tlds/
https://datatracker.ietf.org/doc/draft-ietf-dnsind-local-names/


At one early point I considered the addition of a number of additional TLDs
for testing purposes to the draft that became RFC 2606 including, as I
recall, one that was 63 octets long and a number of 2-letter codes taken from
the permanently unassigned 2-letter ISO country codes. Jon Postel rejected
such efforts and in particular, if I recall correctly, indicated that as
IANA (at the time when essentially all registries were Expert Review and
Jon was the universal expert) he would reject any effort to assign any DNS
use to any ISO 2-letter code, other than as a national country code, unless
a liaison was received from ISO explicitly permitting such use regardless
of public statements by ISO that ISO would not assign a use to any or
all such codes in the future. That may have been an earlier era but I think
Jon Postel's position should still have some weight. And I would note that
more recently, the IESG has wanted a liaison to be crystal clear about
permissions from other standards development organizations for anything
that is at all questionable.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com


On Fri, Apr 16, 2021 at 11:18 AM Paul Hoffman <paul.hoffman@icann.org>
wrote:

> On Apr 16, 2021, at 5:31 AM, Andrew McConachie <andrew@depht.com> wrote:
>
> > If I understand section 4.3 correctly, DNSSEC validating stub resolvers
> > SHOULD NOT resolve these names. Is that the intention of Section 4.3?
>
> No, definitely not. The text says:
>    3.  Name resolution APIs and libraries SHOULD NOT recognise these
>        names as special and SHOULD NOT treat them differently.  Name
>        resolution APIs SHOULD send queries for these names to their
>        configured caching DNS server(s).
> Not recognizing them as special means to treat them like any other name.
> There is no mention of DNSSEC.
>
> > Why reserve so many names for a singular purpose? If human semantics are
> > irrelevant then why not just pick a name at random and reserve that one?
> > There may come a time in the future where one of these names might be
> > useful for something else.
>
> The question of "why" is a good one. There are two extremes:
>
> - All these labels are equivalent, so the WG should just allow one to be
> used.
>
> - These labels have different semantic properties to different people, so
> let them choose freely among the set.
>
> This hasn't been well-discussed in the WG. My personal preference is the
> latter (which is what is in the draft) because names and abbreviations
> matter, whether or not we techies like that. There is no technical downside
> to the list being large but bounded, I think.
>
> --Paul Hoffman