IETF Logo Mail Archive

Re: Update of RFC 2606 based on the recent ICANN changes ?

Keith Moore <moore@network-heretics.com> Wed, 09 July 2008 01:59 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D660F3A6952; Tue, 8 Jul 2008 18:59:54 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A2E573A6952 for <ietf@core3.amsl.com>; Tue, 8 Jul 2008 18:59:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G2EgoMYTCRHe for <ietf@core3.amsl.com>; Tue, 8 Jul 2008 18:59:52 -0700 (PDT)
Received: from m1.imap-partners.net (m1.imap-partners.net [64.13.152.131]) by core3.amsl.com (Postfix) with ESMTP id 7A16F3A6931 for <ietf@ietf.org>; Tue, 8 Jul 2008 18:59:52 -0700 (PDT)
Received: from lust.indecency.org (adsl-6-17-238.tys.bellsouth.net [65.6.17.238]) by m1.imap-partners.net (MOS 3.8.4-GA) with ESMTP id AWJ27360 (AUTH admin@network-heretics.com) for ietf@ietf.org; Tue, 8 Jul 2008 18:59:55 -0700 (PDT)
Message-ID: <48741B92.7090107@network-heretics.com>
Date: Tue, 08 Jul 2008 21:59:46 -0400
From: Keith Moore <moore@network-heretics.com>
User-Agent: Thunderbird 2.0.0.14 (Macintosh/20080421)
MIME-Version: 1.0
To: Ted Faber <faber@ISI.EDU>
Subject: Re: Update of RFC 2606 based on the recent ICANN changes ?
References: <20080708172708.GC2519@zod.isi.edu> <200807090054.m690sjPw067847@drugs.dv.isc.org> <20080709014259.GJ92049@zod.isi.edu>
In-Reply-To: <20080709014259.GJ92049@zod.isi.edu>
Cc: Mark Andrews <Mark_Andrews@isc.org>, Theodore Tso <tytso@MIT.EDU>, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

>> 	The (some) resolver handles names differently if it contains a dot.
> 
> The distinction that I have been unclearly stating is between absolute
> and relative names.  RFC 1034 (i said 1035 earlier, but it's 1034) lays
> out a convention for specifying which one you want by appending the dot.
> As long as you tell the resolver which one you want, it matters little
> if the dot character is at the end or not.

in my experience, far too often applications don't tell the resolver 
which one they want.  also, APIs can vary enough from one implementation 
to another that a "portable" application may behave differently 
depending on which API implementation it is using.

> 1034/1035 compliant resolvers are allowed to do site dependent things to
> relative names and not to absolute ones.

for better or worse, application protocols and applications haven't 
strictly followed 1034/1035 in this regard.

>> 	There is a good case to be made that "pet" should *never*
>> 	be looked up as plain "pet" if there is not a match on the
>> 	search list.
>>
>> 	There is a good case to be made that "pet.com" should never
>> 	be looked up against the search list.
> 
> I prefer the 1034/1035 view that this sort of decision is up to the
> application and the DNS admin and that the DNS simply provides the
> ability to do both.

in general I agree, but I think we've learned a few things since then 
about the corner cases.

(I would _almost_ agree that "pet" should never be looked up as plain 
"pet" - except that I think it should be possible to directly query a 
server to find out what RRs that server has (right or wrong) and I 
wouldn't want the server to lie or the API to prevent such queries. 
That's why I would rather forbid servers to forward single-label queries 
- and perhaps, to refuse to cache NS records for them.)

> If I "want" those labels to work at all it's because their working
> reflects a clean DNS design.  

Cleanliness is secondary to function.  The purist in me likes regularity 
too.  But even if the _protocol_ is the same at the root as for any 
other zone, the root of the _name space_ really is special, and 
inherently so (given that these labels have semantics associated with 
them).  At a certain very technical level there is no difference between 
the root and any other zone.  But at a different level the root has a 
special role and is different than the other zones.  It is a single 
point of failure - not in the sense of a single server or a single 
network link but in the sense of a single organization running it whose 
mistakes affect the entire network.  Also, the relationship between the 
root and its subdomains is likely to be very different than that between 
any other domain and its subdomains.

> If you're worried about a flat namespace, attack the right problem - a
> proliferation of TLDs, not this business of the TLD having an A record
> at the top. 

Vanity TLDs are indeed part of the problem.  Without vanity TLDs there 
would be much less incentive to have single-label domain names.

(I guess I need a better name than "vanity" TLDs for these - but I think 
you get what I mean.)

Keith
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email