Re: [DNSOP] Public Suffix List

Dean Anderson <dean@av8.com> Tue, 10 June 2008 16:27 UTC

Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@optimus.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3885E3A69CB; Tue, 10 Jun 2008 09:27:31 -0700 (PDT)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 910F53A6942 for <dnsop@core3.amsl.com>; Tue, 10 Jun 2008 09:27:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.339
X-Spam-Level:
X-Spam-Status: No, score=-2.339 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NhU6r0R9K6E0 for <dnsop@core3.amsl.com>; Tue, 10 Jun 2008 09:27:28 -0700 (PDT)
Received: from cirrus.av8.net (cirrus.av8.net [130.105.36.66]) by core3.amsl.com (Postfix) with ESMTP id 8C7AD3A68E2 for <dnsop@ietf.org>; Tue, 10 Jun 2008 09:27:28 -0700 (PDT)
Received: from citation2.av8.net (citation2.av8.net [130.105.12.10]) (authenticated bits=0) by cirrus.av8.net (8.12.11/8.12.11) with ESMTP id m5AGQ2jK006521 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 10 Jun 2008 12:26:02 -0400
Date: Tue, 10 Jun 2008 12:26:01 -0400 (EDT)
From: Dean Anderson <dean@av8.com>
X-X-Sender: dean@citation2.av8.net
To: Gervase Markham <gerv@mozilla.org>
In-Reply-To: <484E530E.1040108@mozilla.org>
Message-ID: <Pine.LNX.4.44.0806101207560.5176-100000@citation2.av8.net>
MIME-Version: 1.0
Cc: "dnsop@ietf.org" <dnsop@ietf.org>, David Conrad <drc@virtualized.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Subject: Re: [DNSOP] Public Suffix List
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org

On Tue, 10 Jun 2008, Gervase Markham wrote:

> Kim Davies wrote:
> > This thread sounds remarkably like deja vu. Indeed, the TLD community was
> > rather upset a few years ago by Mozilla taking unilateral action to
> > introduce a hard-coded white-list of acceptable IDN TLDs without prior
> > consultation. 

Hard-coding something that dynamically changes is always a bad idea.  
While the notion of having a _dynamically_configured_ and
updateable/changeable list that mozilla uses might be OK, I'd hope that
it can be turned off by the user.

If Firefox is scheduled to ship with this serious flaw, I'd suggest that
maybe you might want to reconsider that schedule, and consider this a
show-stopper bug. Of course, one can always advise against using that
version of Firefox if it is shipped.  And if Mozilla.org insists on that
'flaw/feature', there is always the possibility of some group organizing
a new distribution without that 'flaw/feature'---this ability of change
is indeed a beautiful property of open source software. No one is locked
into what Mozilla.org decides.

> That's unfortunate; but I must say this upset was not communicated to me.

Probably that's because you are using SORBS to filter your email. SORBS
has an unusually high number of false positives, and for example,
falsely claims that that 130.105/16 and 198.3.136/21 are hijacked. You 
can find more information about SORBS on http://www.iadl.org/

> That policy of ours should have no effect whatsoever on TLDs with a
> responsible attitude to homographs. Our registration requirements are
> not onerousFrom dnsop-bounces@ietf.org  Tue Jun 10 09:27:31 2008
Return-Path: <dnsop-bounces@ietf.org>
X-Original-To: dnsop-archive@lists.ietf.org
Delivered-To: ietfarch-dnsop-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 3885E3A69CB;
	Tue, 10 Jun 2008 09:27:31 -0700 (PDT)
X-Original-To: dnsop@core3.amsl.com
Delivered-To: dnsop@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 910F53A6942
	for <dnsop@core3.amsl.com>om>; Tue, 10 Jun 2008 09:27:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.339
X-Spam-Level: 
X-Spam-Status: No, score=-2.339 tagged_above=-999 required=5 tests=[AWL=0.260, 
	BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id NhU6r0R9K6E0 for <dnsop@core3.amsl.com>om>;
	Tue, 10 Jun 2008 09:27:28 -0700 (PDT)
Received: from cirrus.av8.net (cirrus.av8.net [130.105.36.66])
	by core3.amsl.com (Postfix) with ESMTP id 8C7AD3A68E2
	for <dnsop@ietf.org>rg>; Tue, 10 Jun 2008 09:27:28 -0700 (PDT)
Received: from citation2.av8.net (citation2.av8.net [130.105.12.10])
	(authenticated bits=0)
	by cirrus.av8.net (8.12.11/8.12.11) with ESMTP id m5AGQ2jK006521
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
	Tue, 10 Jun 2008 12:26:02 -0400
Date: Tue, 10 Jun 2008 12:26:01 -0400 (EDT)
From: Dean Anderson <dean@av8.com>
X-X-Sender: dean@citation2.av8.net
To: Gervase Markham <gerv@mozilla.org>
In-Reply-To: <484E530E.1040108@mozilla.org>
Message-ID: <Pine.LNX.4.44.0806101207560.5176-100000@citation2.av8.net>
MIME-Version: 1.0
Cc: "dnsop@ietf.org" <dnsop@ietf.org>rg>, David Conrad <drc@virtualized.org>rg>,
	"ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Subject: Re: [DNSOP] Public Suffix List
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
	<mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>,
	<mailto:dnsop-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsop-bounces@ietf.org
Errors-To: dnsop-bounces@ietf.org

On Tue, 10 Jun 2008, Gervase Markham wrote:

> Kim Davies wrote:
> > This thread sounds remarkably like deja vu. Indeed, the TLD community was
> > rather upset a few years ago by Mozilla taking unilateral action to
> > introduce a hard-coded white-list of acceptable IDN TLDs without prior
> > consultation. 

Hard-coding something that dynamically changes is always a bad idea.  
While the notion of having a _dynamically_configured_ and
updateable/changeable list that mozilla uses might be OK, I'd hope that
it can be turned off by the user.

If Firefox is scheduled to ship with this serious flaw, I'd suggest that
maybe you might want to reconsider that schedule, and consider this a
show-stopper bug. Of course, one can always advise against using that
version of Firefox if it is shipped.  And if Mozilla.org insists on that
'flaw/feature', there is always the possibility of some group organizing
a new distribution without that 'flaw/feature'---this ability of change
is indeed a beautiful property of open source software. No one is locked
into what Mozilla.org decides.

> That's unfortunate; but I must say this upset was not communicated to me.

Probably that's because you are using SORBS to filter your email. SORBS
has an unusually high number of false positives, and for example,
falsely claims that that 130.105/16 and 198.3.136/21 are hijacked. You 
can find more information about SORBS on http://www.iadl.org/

> That policy of ours should have no effect whatsoever on TLDs with a
> responsible attitude to homographs. Our registration requirements are
> not onerous.

??? This statement doesn't seem very credible. What authority do you
have to decide what a 'responsible attitude to homegraphs' would be?  
Mozilla.org doesn't represent the internet industry nor any government
or governing organization. Why should TLD's think they need to register
with Mozilla.org?  Since when did Mozilla.org take control of the
internet and the TLD responsibilities?  What legitimate governing body
decided what is responsible for TLD homographs? Adding questionable or
dubious blocking capabilities is one thing; Insisting on them by policy
is quite another.


		--Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop


.

??? This statement doesn't seem very credible. What authority do you
have to decide what a 'responsible attitude to homegraphs' would be?  
Mozilla.org doesn't represent the internet industry nor any government
or governing organization. Why should TLD's think they need to register
with Mozilla.org?  Since when did Mozilla.org take control of the
internet and the TLD responsibilities?  What legitimate governing body
decided what is responsible for TLD homographs? Adding questionable or
dubious blocking capabilities is one thing; Insisting on them by policy
is quite another.


		--Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop