Re: [domainrep] At long last, some drafts and a charter
Andrew Sullivan <ajs@anvilwalrusden.com> Fri, 24 June 2011 16:18 UTC
Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: domainrep@ietfa.amsl.com
Delivered-To: domainrep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C17611E809B for <domainrep@ietfa.amsl.com>; Fri, 24 Jun 2011 09:18:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.572
X-Spam-Level:
X-Spam-Status: No, score=-2.572 tagged_above=-999 required=5 tests=[AWL=0.027, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qrke8ofN36A8 for <domainrep@ietfa.amsl.com>; Fri, 24 Jun 2011 09:18:11 -0700 (PDT)
Received: from mail.yitter.info (mail.yitter.info [208.86.224.201]) by ietfa.amsl.com (Postfix) with ESMTP id A30DC11E8096 for <domainrep@ietf.org>; Fri, 24 Jun 2011 09:18:11 -0700 (PDT)
Received: from shinkuro.com (69-196-144-230.dsl.teksavvy.com [69.196.144.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yitter.info (Postfix) with ESMTPSA id D053D1ECB41D for <domainrep@ietf.org>; Fri, 24 Jun 2011 16:18:08 +0000 (UTC)
Date: Fri, 24 Jun 2011 12:18:00 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: domainrep@ietf.org
Message-ID: <20110624161759.GA97941@shinkuro.com>
References: <CAF5F3316612BC4B95C5230FDF0718C5E09318210B@AMERDALEXMB1.corp.nai.org> <20110623220034.82836.qmail@joyce.lan> <CAF5F3316612BC4B95C5230FDF0718C5E09318240A@AMERDALEXMB1.corp.nai.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAF5F3316612BC4B95C5230FDF0718C5E09318240A@AMERDALEXMB1.corp.nai.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [domainrep] At long last, some drafts and a charter
X-BeenThere: domainrep@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Domain Reputation discussion list <domainrep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/domainrep>, <mailto:domainrep-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/domainrep>
List-Post: <mailto:domainrep@ietf.org>
List-Help: <mailto:domainrep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/domainrep>, <mailto:domainrep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2011 16:18:12 -0000
On Fri, Jun 24, 2011 at 10:45:32AM -0500, Adam_Wosotowsky@McAfee.com wrote: > > -----Original Message----- > > From: John Levine [mailto:johnl@iecc.com] > > Subject: Re: [domainrep] At long last, some drafts and a charter > > > > If you're doing a DNS-based lookup which requires case sensitivity, > > your application is pretty badly broken. RFC 1034 said in 1987 that > > upper and lower case ASCII characters are equivalent in DNS names, and > > that hasn't changed. > > > > We're not, we've moved long past that, but the lack of case > sensitivity in DNS reduces the amount of uniqueness that you can fit > into a single query, which should be a concern. If this issue has > already been raised then I apologize for bringing it up. See > rfc4343 for additional clarification regarding the handling of case. Careful here. First, RFCs 1034 and 1035 do not say exactly that upper and lower case ASCII characters are equivalent. DNS is supposed to be case-preserving but case-insensitive. (In my humble opinion, this is one of the most broken parts of the DNS, but never mind that.) Second, because of label compression, you have no guarantees of the case you're going to get back anyway. The following labels all match one another: eXaMpLe, example, EXAMPLE. But label compression in many implementations will store a pointer to the first instance of the label, which can mean that while you get one value back, it might not be the one you expect; and the case-preservation isn't quite what you might expect it to be, because caches are going to get a compressed label to store. In at least one case I observed, the label compression included a pointer back to the label in the (echoed) question section in the response. This meant that the labels you saw (for compressible RRTYPEs) were exactly the ones you sent. AFAIK this is changed, and I don't know of any shipping systems that do it this way, but I'm not actually sure it was wrong under the protocol anyway. There has been a suggestion to use case sensitivity as a kind of extra security measure: http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00. This was controversial, but at least one vendor has code shipping that does this. Finally, I guess it goes without saying that we're taking about (in IDNA-speak) A-labels and not U-labels. The latter aren't allowed to have upper case characters, period. A -- Andrew Sullivan ajs@anvilwalrusden.com
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- [domainrep] At long last, some drafts and a chart… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… John Levine
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Nathaniel Borenstein
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… John R. Levine
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Rolf E. Sonneveld
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… John Levine
- Re: [domainrep] At long last, some drafts and a c… Rolf E. Sonneveld
- Re: [domainrep] At long last, some drafts and a c… McDowell, Brett
- Re: [domainrep] At long last, some drafts and a c… J.D. Falk
- Re: [domainrep] At long last, some drafts and a c… Michael Adkins
- Re: [domainrep] At long last, some drafts and a c… John Levine
- Re: [domainrep] At long last, some drafts and a c… Adam_Wosotowsky
- Re: [domainrep] At long last, some drafts and a c… John Levine
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Fred F. Tabsharani
- Re: [domainrep] At long last, some drafts and a c… Dennis Dayman
- Re: [domainrep] At long last, some drafts and a c… Adam_Wosotowsky
- Re: [domainrep] At long last, some drafts and a c… McDowell, Brett
- Re: [domainrep] At long last, some drafts and a c… Andrew Sullivan
- Re: [domainrep] At long last, some drafts and a c… Rolf E. Sonneveld
- Re: [domainrep] At long last, some drafts and a c… SM
- [domainrep] Support for charter Andrew Sullivan
- Re: [domainrep] At long last, some drafts and a c… Douglas Otis
- Re: [domainrep] At long last, some drafts and a c… Andrew Sullivan
- Re: [domainrep] At long last, some drafts and a c… Nathaniel Borenstein
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Peter Saint-Andre
- Re: [domainrep] At long last, some drafts and a c… Nathaniel Borenstein
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… Alessandro Vesely
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy
- Re: [domainrep] At long last, some drafts and a c… David F. Skoll
- Re: [domainrep] At long last, some drafts and a c… Murray S. Kucherawy