Re: new DNS classes

Phillip Hallam-Baker <> Thu, 06 July 2017 04:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 193C8129461; Wed, 5 Jul 2017 21:36:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Vci55RV2p_rE; Wed, 5 Jul 2017 21:36:16 -0700 (PDT)
Received: from ( [IPv6:2a00:1450:4010:c07::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 41B951243FE; Wed, 5 Jul 2017 21:36:16 -0700 (PDT)
Received: by with SMTP id h22so4400569lfk.3; Wed, 05 Jul 2017 21:36:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=V8dDEX5M0XIia6gUEqiksXZFnKBoTQBiiR7LFzF8d08=; b=fFN36po4WTLFNsUR1emAnSQMOw+s4M3Asrs1YDZn4fnx8921WlYsJLWVM4B8tENehS mP5J+riEJjtkCkaxuaxGQFlFZXQHY6alxaO1MqvZ9lFg5zrpqClvEwSj7yxKzNPPA5YC HUru+1YnkMtw5FvQflmEusTNltJSK5sE/nmsn9evAZ3S3MDizdjCunuyPbscMPSgCTtj oEfZvkI8zozJlaqhqpdQZeftzcozvccql1l2TIYyNIuJjbY15e8FOJ9Ip4L48a7jE3Nn Af2xK732090fFS9FddlkF96RgK6dJoD0AwfLiU4AlMcBziK+egso+YiGLh2eMuOJnrfk CLEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=V8dDEX5M0XIia6gUEqiksXZFnKBoTQBiiR7LFzF8d08=; b=icAH8GGPEc8S7tFsBiO/Gu/zrLomkKzddbRoVBD0L85YYaGfFloaLO2WOYVFh7pqqC d53+G63H7oG62mBoooHgjbtZdlofdDWfCiqof1vlCSwD9hDwZcdJN52eo54uePKuxEPo 7SFZaPjJ6waNfKWMy4tSfHd9LQD7n/BjQRyGSoF0zH6MhnZ9WY/I9GixrGXGFW6OFKc0 w5We1U1X4EUPoBwrHJAx1KcEeb7bLqghcHyItntyZEhN6mwmGsDqmBsPrxY1yxAyPLxB Z/s1XQUFt8q2cn1SUVS6z0IU5xZEGD5rCKIzVCb3DHh9ZG6kew38yAahJB5eX2qTvbp4 K5+w==
X-Gm-Message-State: AKS2vOz4nA33sjERjYXb2+8WMfMEGp06nmn2U5/T3V9pVZVgD+9Cielp bj22RekIzC/s6WYnmxKq7LdZ7y1Wxg==
X-Received: by with SMTP id w22mr14248753ljd.76.1499315774526; Wed, 05 Jul 2017 21:36:14 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Wed, 5 Jul 2017 21:36:13 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Phillip Hallam-Baker <>
Date: Thu, 6 Jul 2017 00:36:13 -0400
X-Google-Sender-Auth: 11VU_fcJcw2ddh7WhambWdWUxQM
Message-ID: <>
Subject: Re: new DNS classes
To: Paul Vixie <>
Cc: dnsop <>, IETF Rinse Repeat <>
Content-Type: multipart/alternative; boundary="f403045fb428259b6605539ea89e"
Archived-At: <>
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 06 Jul 2017 04:36:18 -0000

There are changes to the DNS that are practical and those that are not. For
better or worse, I can't see any way that teaching DNS to use new classes
makes any sense at this point. The only point at which it would have made
sense was when internationalization happened. But the path chosen makes
more sense.

ICANN will manage whatever bits of the DNS consensus agrees it should
manage. The only events likely to break consensus would be an attempt by
some government to strong arm ICANN into a breach of faith with the
community and succeeding or some really spectacular peculation.

It seems to me that if people want to do anything new with DNS that they
should use prefixes, new RRs or both as the mechanism, not the class which
is limited anyway.

DNS is not a full service directory. Nor does it need to be. A UDP packet
is big enough for a link, a fingerprint and a digital signature. That is
all that you ever need.

The X.500 and UDDI models were broken because there is no point in putting
information into a directory if the service can return it in a service