Re: the names that aren't DNS names problem, was Last Call: <draft-ietf-dnsop-onion-tld-00.txt>

Eliot Lear <lear@cisco.com> Tue, 21 July 2015 07:20 UTC

Subject: Re: the names that aren't DNS names problem, was Last Call: <draft-ietf-dnsop-onion-tld-00.txt>
To: John Levine <johnl@taugh.com>, ietf <IETF@ietf.org>
References: <20150720192219.53802.qmail@ary.lan>
From: Eliot Lear <lear@cisco.com>
Message-ID: <55ADF2A7.3080403@cisco.com>
Date: Tue, 21 Jul 2015 09:20:07 +0200
In-Reply-To: <20150720192219.53802.qmail@ary.lan>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/GA1OyGbSuD1BO9rRsCgYUbQ77xk>

Hi,

On 7/20/15 9:22 PM, John Levine wrote:

> [John Klensin's question about taking all of this back to ICANN] is an excellent question, and I suppose it couldn't hurt to ask.
> But I have little confidence that ICANN in anything like its current
> form, where it is dominated by people who want to collect rent on
> every imaginable TLD, would come up with an answer any better than let
> them pay $185K and take their chances.

That's exactly it.  Some mechanism is needed to address pragmatics of a
situation, something that the IETF has a pretty good (albeit not
perfect) record on addressing.  That mechanism could sit at ICANN, the
IETF, or even both organizations.  No matter what one's opinion of Tor
is, the fact is that it's out there and in use.  They don't intend that
the DNS be used, and yet there is clearly an interaction between the two
namespaces at the CA level.  It's possible that the CA people could have
created a new usage constraint, but history shows that the extension
isn't well accepted, and that could actually hinder secure deployment.

And so to those who think ICANN should be reserving names, one reasonable
question would be “why haven't they done so?”  Perhaps the answer is
that they have sufficient confidence in the approach that we are
following that they don't feel the need to do anything else.

Someone noted that having a lengthy argument on the IETF list about this
is a bad thing.  If we had to repeat the principles argument without any
new information or ideas, I would tend to agree.  But otherwise this
discussion has served as a healthy self-limiting function over the
growth of 6761 reservations; which is exactly what should happen, and
perhaps the reason why folks at ICANN should be very confident in the
IETF's decision process in this regard.

And it all comes down to pragmatics, which, John, you highlighted in
your first comment about All of This.  That's why I support the draft
going forward.

Eliot