Context specific semantics was Re: uncooperative DNSBLs, was several messages

Ted Hardie <hardie@qualcomm.com> Thu, 13 November 2008 20:08 UTC

Date: Thu, 13 Nov 2008 12:08:17 -0800
To: Tony Finch <dot@dotat.at>
From: Ted Hardie <hardie@qualcomm.com>
Subject: Context specific semantics was Re: uncooperative DNSBLs, was several messages
Cc: "ietf@ietf.org" <ietf@ietf.org>

At 11:23 AM -0800 11/13/08, Tony Finch wrote:
>On Thu, 13 Nov 2008, Ted Hardie wrote:
>>
>> Thanks for the pointer. I had missed this technical comment in the
>> crowd, and I think it is very important indeed.  By re-using RRs with
>> context-specific semantics, the proposal does serious harm to
>> interoperability.
>
>Is there any evidence for that?
>
>Tony.
>--
>f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
>VIKING NORTH UTSIRE SOUTH UTSIRE: SOUTHERLY OR SOUTHWESTERLY 5 TO 7,
>OCCASIONALLY GALE 8 IN NORTH UTSIRE AT FIRST, AND PERHAPS GALE 8 IN VIKING
>LATER. ROUGH OR VERY ROUGH. RAIN. MODERATE OR GOOD, OCCASIONALLY POOR.

The draft currently says:

   DNSxLs also MAY contain an A record at the apex of the DNSxL zone
   that points to a web server, so that anyone wishing to learn about
   the bad.example.net DNSBL can check http://bad.example.net.


That's an example in which an A record in this zone has the standard DNS meaning
and the expectation is that you can use it to construct a URI.  The other A records have
a specific meaning in which the data returned indicates something about
its reputation in a specific context (what reputation etc. being context specific).  One
of these things is not like the other.  Using the same record type for both creates
a need to generate some other context that enables you to figure out what was really meant.

The whole approach here is "An A record in this zone has a meaning different from
the meaning in other zones".   That creates a DNS context for the RRTYPE based on
the zone of the query, which is not what the DNS currently uses for disambiguating
the types of requests/responses.  Using a different RR type puts you back into
the standard way of doing things.

			regards,
				Ted Hardie
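
Added example, not part of the original message or of the draft: a Python sketch of the two dispatch models contrasted above, run over constructed answers for the draft's bad.example.net zone. The addresses, the 127.0.0.2 entry value and the dedicated RR type name `DNSXL` are assumptions made for illustration.

```python
import ipaddress

ZONE = "bad.example.net"   # DNSxL zone name used in the draft's example

# Constructed answers; 192.0.2.80 and the listed client 192.0.2.99 are made up,
# and 127.0.0.2 is a sample entry value.
ANSWERS = [
    ("bad.example.net", "A", "192.0.2.80"),            # apex: real web server
    ("99.2.0.192.bad.example.net", "A", "127.0.0.2"),  # entry: reputation data
]

def dnsxl_qname(ip, zone=ZONE):
    """Name a DNSxL client queries for an IPv4 address: reversed octets + zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def by_type_only(owner, rrtype, rdata):
    """Standard DNS dispatch: the RR type alone selects the meaning."""
    if rrtype == "A":
        return ("address", owner, rdata)
    if rrtype == "DNSXL":   # hypothetical dedicated type, not a registered RR type
        return ("listing", owner, rdata)
    return ("unknown", owner, rdata)

def with_zone_context(owner, rrtype, rdata, dnsxl_zones):
    """Dispatch the A-record reuse requires: the consumer must already know,
    out of band, which zones are DNSxLs, and must special-case the apex."""
    below_dnsxl = any(owner.endswith("." + z) for z in dnsxl_zones)
    if rrtype == "A" and below_dnsxl:
        return ("listing", owner, rdata)
    return by_type_only(owner, rrtype, rdata)

if __name__ == "__main__":
    for rr in ANSWERS:
        print("type only:   ", by_type_only(*rr))
        print("zone context:", with_zone_context(*rr, {ZONE}))
```

A consumer that has not been told bad.example.net is a DNSxL reads the entry as a host at 127.0.0.2, while the hypothetical dedicated type is classified correctly with no zone list at all.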
