Re: [DNSOP] new DNS classes

Andrew Sullivan <> Mon, 10 July 2017 16:07 UTC

List-Id: IETF-Discussion <>

On Mon, Jul 10, 2017 at 11:14:26AM +1000, Mark Andrews wrote:
> b) For DNS tools to add support for allocated data types within X
>    months of them being assigned by IANA.  Allocated types are
>    supposed to have stable wire and presentation formats.
> for a reasonable value of X (<= 12?).

With all due respect, that sounds like you want to make some sort of
expectation of people on the Internet -- one requiring that they spend
time or money or both to solve a problem that they apparently don't
have.  If they _did_ have it, they would already be solving it.

For instance, infrastructure operation on the Internet provides thin
profit margins.  If a customer requires a lot of attention or
hand-holding then the profit margin on that customer can disappear
pretty quickly.  Therefore, it is of critical importance to have a lot
of automated checking in place that ensures that the customer's
expectations are met.  Tools to smooth the rough edges need to be
foolproof -- customers don't want to do "rocket science" or even
"appliance science".  The tools must not only handle a user's
input, but be able to be pretty confident that it is going to do
something like what they wanted it to do (or else give them a hint).
Otherwise, the angry customer contacts support and wipes out the
profit on them.  The natural consequence of that is just that the more
obscure RRs are just not going to be supported in those kinds of
tools.  The risk to companies' reputations and customer satisfaction
is too great for the meagre reward.

Is this bad for the Internet?  Yes.  But that's what you get in a
system that depends on voluntary participation: sometimes other people
don't want to play your game, and unless it seems like it will be
rewarding enough most of them aren't even going to bother asking what
the rules are.

And that's just for RRTYPEs.  There is no evidence whatever that a new
CLASS is of any utility at all to anyone except maybe DNS nerds.

It is ridiculous to claim that everyone else on the Internet is wrong
and, if they would just do what we say, everything would be good.  The
Internet did not eat every other communication technology because
people found it hard to follow the Official Rules Made Up By Netgods.
It took over because it worked well enough for most people most of the
time without too much effort.  Everything actually deployed on the
Internet scratches someone's itch.  Adding support for stuff to the
DNS is a hair shirt.

Best regards,


Andrew Sullivan