Re: Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard

Andrew Sullivan <ajs@anvilwalrusden.com> Mon, 20 July 2015 14:14 UTC

Date: Mon, 20 Jul 2015 16:14:19 +0200
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: ietf@ietf.org
Subject: Re: Last Call: <draft-ietf-dnsop-onion-tld-00.txt> (The .onion Special-Use Domain Name) to Proposed Standard
Message-ID: <20150720141417.GD22736@mx2.yitter.info>
In-Reply-To: <6CE9EB308574E3234EAE5B0E@JcK-HP8200.jck.com> <CA+9kkMBGAfKhFpiPV8L+cz2gXu8ccD8YmfgJ_PXHqDRaknjO-Q@mail.gmail.com>

Hi,

On Wed, Jul 15, 2015 at 09:56:27AM -0700, Ted Hardie wrote:

> From an architectural perspective (but still wearing my hat as an
> individual), this method for partitioning the namespace has very poor
> long-term characteristics.
[…]
> ways to partition the namespace.  pseudo-TLDs are not required; they look
> convenient because they hide the costs.

On Wed, Jul 15, 2015 at 03:13:35PM -0400, John C Klensin wrote:

> mechanisms be allocated (and placeholders delegated if needed)
> in a separate DNS CLASS, say "SN" for "Special Name".  Zero
> impact on the ICANN/IANA root from queries gone bad, no conflict
> with names ICANN allocates even if the labels are the same
> (remember that QCLASS=ANY has never worked), etc.  It would be
> about the clearest signal of the need to do local resolution
> possible and it would be name-independent.

I agree with both of these analyses, and I think there's a problem.
But it might be a problem with decisions we've already made.

We have some features in the DNS that are also duplicated as
work-arounds that are widely deployed.  The obvious example is
RRTYPEs.  In lots of cases, rather than using a nice special-purpose
type designed to carry the kind of data a conforming application
wants, people have created one or more "underscore labels" and put
structured RDATA in a TXT record.  This is a kind of in-band
signalling that is ugly, but which worked around the deployability
issues with new RRTYPEs.

It seems to me that local and onion are another example of this, only
either for classes, or else for resolution protocol switching (I
suspect these two boil down to the same thing).  Basically, local was
a way of communicating, "Don't query me in the IANA DNS root name
space."  Since classes mostly didn't work anywhere, rather than
starting a new class to do this, mDNS and now Tor use the end-most
non-null label to signal, "Don't look this up in the IANA root."

But it seems to me that the fact people are inventing ways to do the
things the protocol already offers, and doing violence to the overall
system at the same time, suggests that we're doing something
fundamentally wrong with DNS.  I wish I had a clue what to do about
this, because I think there's faint hope that we're going to be able
to prevent these continued innovations: RRTYPEs are not a great deal
easier to deploy (though they're easy in nameservers themselves), and
CLASSes still don't really work[1].  I don't know whether what this
shows is that we just have to put up with the mess that all of this is
making, or whether what it's really telling us is that DNS's seams are
finally bursting from all the stuff we have tried to stick in there
(cf. http://www.cafepress.com/nxdomain/8592477; note: possibly
offensive term).

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com
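Added example, not part of the thread: the "end-most non-null label" signal the message describes, as a resolver-side check that routes .local to mDNS and .onion to Tor and flags any such query that was still forwarded to the IANA root. The log format, the client addresses and the .onion label are constructed for the example; the suffix table is an assumption here, not a copy of the IANA registry.

```python
import re

# Special-use top-level labels from the thread and the resolution path each
# one signals. This table is an assumption for the example; the authoritative
# source is the IANA Special-Use Domain Names registry.
SPECIAL_USE = {
    "local": "mdns",   # RFC 6762: resolve via multicast DNS, not the IANA root
    "onion": "tor",    # RFC 7686: resolve via the Tor network, not the IANA root
}

def rightmost_label(qname: str) -> str:
    """Return the end-most non-null label of a query name, lower-cased.

    Trailing dots (the null root label) are ignored, so "foo.onion." and
    "foo.onion" give the same answer; the root itself yields ""."""
    labels = [l for l in qname.strip().lower().split(".") if l != ""]
    return labels[-1] if labels else ""

def resolution_path(qname: str) -> str:
    """Decide where a name should be looked up based only on its last label."""
    return SPECIAL_USE.get(rightmost_label(qname), "iana-root")

# Constructed log format for a forwarding resolver (not real traffic):
# "<client> <qname> <qtype> -> <upstream>", where upstream "root" means the
# query was sent toward the public DNS hierarchy.
LOG_LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+->\s+(\S+)$")

def find_leaked_queries(log_lines):
    """Return (client, qname, path) for every special-use name that was
    forwarded to the IANA root: the 'queries gone bad' the thread mentions."""
    leaks = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than failing the whole scan
        client, qname, _qtype, upstream = m.groups()
        path = resolution_path(qname)
        if path != "iana-root" and upstream == "root":
            leaks.append((client, qname, path))
    return leaks

# Constructed sample log; the .onion label is a placeholder, not a real service.
SAMPLE_LOG = [
    "10.0.0.5 printer.local. A -> mdns",
    "10.0.0.5 examplexyz.onion A -> root",
    "10.0.0.7 www.example.com A -> root",
    "10.0.0.9 Files.LOCAL AAAA -> root",
    "garbage line",
]
```

Running `find_leaked_queries(SAMPLE_LOG)` reports the two special-use names that escaped to the root, independent of label case or a trailing dot.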