Re: [homenet] WGLC on "redact" and "homenet-dot"

Andrew Sullivan <ajs@anvilwalrusden.com> Thu, 15 December 2016 18:23 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/_c8tlPVTxwI3EgKimGTR8WN0Wwk>

Dear colleagues,

I have read draft-ietf-homenet-redact-01.  I think it would be
stronger if the ¶ "The RFC6761 process … notices oversights of this
sort." in section 1 were removed.  I don't especially care, however.
Also, in ¶1 of §1, "This document recomments the use of the '.home'…."
reads as though the present document (i.e. the I-D itself) is making
the recommendation.  Perhaps "That document" instead would work, or
"Said RFC", or something.

I have also read draft-ietf-homenet-dot-00.  I have some comments both
large and small.

In the large, I think the critical question for the WG is whether the
special name in question (1) needs to have a secure proof of
non-existence in the global DNS and (2) needs to be a TLD.

As far as I can tell, this is a name that is supposed to work in a
site context using standard DNS resolution and protocols.  If that is
true, then there are two possibilities:

    1.  Provable non-existence doesn't matter, because a
    homenet-aware resolver will already know that .homenet is a
    protocol switch and anything that isn't homenet-aware should fail.

    2.  Provably insecure delegation is critical so that unmodified
    validating endpoints can use the homenet DNS.

I think our charter tells us we're supposed to achieve (2).  (1) is
the case like .onion, where an endpoint that doesn't know it's doing
onion routing is _supposed_ to fail.  But we were supposed to be
providing a site-local answer that still provided link-local-like
experiences.  So I think we have to do (2).

If that's the case, then we need to ask for a provably insecure
delegation.  If such a delegation needs to be a TLD, then we have to
ask not only for an entry in the special-names registry (which is
under IETF control), but also an entry in the DNS root zone (which is
not under IETF control).  If it does not need to be a TLD, then we
have other options open to us.

If we ask for a provably insecure delegation from the root zone, then
I think we need to be alert to the possibility that ICANN might not
grant it, or might grant it under circumstances we don't like.  The
key thing here is that we are tramping in someone else's IANA
operational space, so we become subject to their rules.

I am very far from convinced that this needs a delegation from the
root, so I would prefer a different name than .homenet.  I think
home.arpa. or mynet.arpa. or whatever would be good enough, but I'm
aware some think "arpa" is a dangerous string.

On the small stuff:

In §1, "evidence indicates that '.home' queries frequently leak out
and reach the root name servers [ICANN1] [ICANN2]", I don't think
that's the issue.  The issue is that home is a well-known, in use TLD
(we know because of those queries), and the consequences of reusing it
are therefore completely unknown.

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com
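
Added example, not part of the message above and not code from the drafts it discusses: a simplified model of how a DNSSEC validator treats an unsigned answer from the home network's resolver under the two possibilities the message lists. The names `ParentSays`, `validate`, `endpoint_accepts` and `compare_options` are hypothetical, and the three parent-zone outcomes are a constructed abstraction of the signed responses a validator sees.

```python
from enum import Enum


class ParentSays(Enum):
    """Signed answer from the parent zone about the special name (constructed model)."""
    NAME_DOES_NOT_EXIST = 1   # signed NSEC/NSEC3 denial of the name itself
    DELEGATION_NO_DS = 2      # NS records plus signed proof that no DS exists
    DELEGATION_WITH_DS = 3    # NS records plus a signed DS RRset


class Status(Enum):
    SECURE = "secure"
    INSECURE = "insecure"
    BOGUS = "bogus"


def validate(parent: ParentSays, answer_signed: bool) -> Status:
    """Status a validator assigns to a positive answer under the special name."""
    if parent is ParentSays.NAME_DOES_NOT_EXIST:
        # Any positive local answer contradicts the parent's signed denial.
        return Status.BOGUS
    if parent is ParentSays.DELEGATION_NO_DS:
        # Provably insecure delegation: the chain of trust ends here by design.
        return Status.INSECURE
    # A DS exists, so the answer must carry signatures that chain to it.
    return Status.SECURE if answer_signed else Status.BOGUS


def endpoint_accepts(parent: ParentSays, homenet_aware: bool,
                     answer_signed: bool = False) -> bool:
    """Whether an endpoint ends up using the home network's answer."""
    if homenet_aware:
        # Assumption: an aware resolver treats the name as a protocol switch
        # and never checks it against the global chain of trust.
        return True
    return validate(parent, answer_signed) is not Status.BOGUS


def compare_options() -> dict:
    """Map each possibility to (aware endpoint works, unmodified validator works)."""
    cases = {"1: provable non-existence": ParentSays.NAME_DOES_NOT_EXIST,
             "2: provably insecure delegation": ParentSays.DELEGATION_NO_DS}
    return {label: (endpoint_accepts(p, True), endpoint_accepts(p, False))
            for label, p in cases.items()}


if __name__ == "__main__":
    for label, result in compare_options().items():
        print(label, result)
```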