Re: Services and top-level DNS names (was: Re: Update of RFC 2606

Mark Andrews <> Mon, 07 July 2008 00:30 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id AACAE3A676A; Sun, 6 Jul 2008 17:30:25 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2CB6E3A6765 for <>; Sun, 6 Jul 2008 17:30:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.3
X-Spam-Status: No, score=-3.3 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599, GB_I_LETTER=-2]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ShyR6o9g6wG6 for <>; Sun, 6 Jul 2008 17:30:23 -0700 (PDT)
Received: from ( [IPv6:2001:470:1f00:820:214:22ff:fed9:fbdc]) by (Postfix) with ESMTP id 999CF3A6807 for <>; Sun, 6 Jul 2008 17:30:22 -0700 (PDT)
Received: from (localhost []) by (8.14.2/8.14.2) with ESMTP id m670UIR1073241; Mon, 7 Jul 2008 10:30:19 +1000 (EST) (envelope-from
Message-Id: <>
To: John Levine <>
From: Mark Andrews <>
Subject: Re: Services and top-level DNS names (was: Re: Update of RFC 2606
In-reply-to: Your message of "Sat, 05 Jul 2008 09:00:36 -0400." <>
Date: Mon, 07 Jul 2008 10:30:18 +1000
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

> >> As someone else pointed out, there are currently about two dozen TLDs with
> >> A or MX records at the apex.  Some of them have been like that for many
> >> years, and as best I can tell, the Internet has not thereby collapsed.
> >
> > 	How many label our hosts with two letter domain names?
> Beats me, but since there are several hundred TLDs, it seems to me that 
> the chances are pretty low that everyone in the world has managed to avoid 
> using them as host names.
> > 	Do you have any evidence that they have not caused problems?
> Hey, you're the one claiming that there's a global disaster in progress of 
> which nobody seems to be aware.  If there's evidence, tell us about it.
> >        I suspect that other sites that used the names just put up
> >        with the pain of renamimg hosts along with the resultant
> >        risk of email being misdirected.
> Perhaps you could start by asking people at how long their mail 
> has been unusable.

	The problem is that user@ai is not globally unique. 

	MIT users will have problems talk to user@ai when "ai" means
	Anguilla.  The is a current security issue.

	If / when MIT stop using, "user@ai" will not longer
	mean  This will mean that any configuration file
	that has "user@ai" will now, suddenly, get a different meaning.
	This is a latent security issue.

> Look, we all know there's an unlimited number of ways one can screw up 
mail and web configuration.  If you put an underscore in the name of a web 
> server, as often as not it sort of works even though it's flatly forbidden 
> by RFCs.  Or if you put an @ or % character in the local part of your 
> e-mail address, it'll fail all over the place even though the RFCs say 
> that's fine.

	I don't condone those actions.

	If I see someone using underscore in a hostname I tell them
	that they have made a error.

	As for the % hack.  That should only be processed by the
	machines handling the domain to the right of the @ sign.
	If I saw a machine mishandling it I would complain to the
	owner of the broken machine.

	Similarly if "foo@bar"@domain failed I'd complain to owner
	of the machine that is broken.
> Why is this particular configuration issue so uniquely awful that the IETF 
> and ICANN need to tie themselves up in knots about it?  ICANN has plenty 
> of real problems on its plate, like registrars who steal people's names 
> and won't give them back.  This isn't one of them.

	This is worse.

	The owner of a domain name that has been stolen can go to
	the courts to get it back.  The have a remedy path outside
	of ICANN.

	This is a fundemental attack on the communication infrastruction
	of the Internet which is predicated on there being globally
	unique names.  It needs to be nipped in the bud before it
	gets too bad.


> Regards,
> John Levine,, Primary Perpetrator of "The Internet for Dummies
> ",
> Information Superhighwayman wanna-be,, ex-Mayor
> "More Wiener schnitzel, please", said Tom, revealingly.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET:
Ietf mailing list