Re: Update of RFC 2606 based on the recent ICANN changes ?

Keith Moore, Tue, 08 July 2008 21:41 UTC

Date: Tue, 08 Jul 2008 17:41:12 -0400
From: Keith Moore <>
User-Agent: Thunderbird (Macintosh/20080421)
MIME-Version: 1.0
To: Joe Touch <touch@ISI.EDU>
Subject: Re: Update of RFC 2606 based on the recent ICANN changes ?
Cc: Ted Faber <faber@ISI.EDU>, Mark Andrews <>, Theodore Tso <tytso@MIT.EDU>,

>> I don't think 1034 was handed down from a mountain on stone tablets.
> It was not. But when other programs started using the DNS, it was *they* 
> that endorsed what the DNS as per that doc.

...but they also profiled it in various ways for use with that specific 
app.  Some apps define their own RRs, others use MX or SRV or TXT 
records, others restrict the syntax of allowable DNS names beyond the 
restrictions imposed by DNS itself.  And IDNs have their own subtle (and 
not-so-subtle) effects which can also vary from one app to the next.

It's really no different than a protocol specification saying (for 
example) "this protocol is layered on top of TLS, but certain 
ciphersuites are not acceptable as they're not suitable for this case."

>> I believe it always was inevitable that different apps would use DNS 
>> (or any shared naming facility) in slightly different ways.
> Yes. Some ways are compliant, others are not.
>> Yes this is somewhat confusing, but DNS (like the rest of the 
>> Internet) has been stretched far beyond its original design goals or 
>> scale.  For instance, we don't interpret DNS names as hostnames any more 
> Who doesn't? If you're saying they could be more than one host, fine. If 
> you're saying they're not hosts any more, I disagree.

I'm saying that the mapping between a DNS name and a set of hosts is 
more-or-less arbitrary.  It can be zero hosts, one host, many hosts. 
And with MX and SRV records, the mapping between the DNS name and the 
hosts that provide that service can differ from one application to the 
next.   That's a long way from the traditional concept of "host name" 
where a host was a single box with a user community and a set of 
services that were all associated with that name.  Nowadays we're much 
more likely to use a different DNS name for each service.  The 
traditional notion of "host" as a box that you could log into is only 
one such service, and (for most users) a fairly minor one at that.

> If you're intent on saying "the Internet is whatever anyone says it is 
> on any given day" - as the above suggests - I appreciate your confusion. 
> I prefer to consider the Internet as being based on standards, and 
> reliably working when - and *because* - we adhere to them.

I often find myself *wishing* the Internet worked that way.  Then we 
wouldn't have NATs, for instance.  And I long for a day when we actually 
design protocols that use other protocols based on a careful 
consideration of well-known characteristics of those substrate protocols 
- much in the way that a structural engineer (say) designs structures 
based on the characteristics of load-bearing members and fasteners.

But I don't think we're there yet.  And even if we had been doing that 
all of these years, I doubt that we'd all be using DNS in the same way 
today.  Rather, we'd have a dozen DNS-like systems, all slightly 
different from one another, with some degree of inconsistency in name 
assignment from one to the next.  Because insisting on strict adherence 
to 1035 would not have removed the need for different protocols to use 
DNS in slightly different ways.


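The two technical points in the message above, that applications profile DNS name syntax more tightly than DNS itself does, and that the set of hosts behind one name depends on which application is asking (A records for a web client, MX for SMTP, SRV for an SRV-aware protocol), can be made concrete against a single zone. The following is an added example written for this page, not code from the message or its author; the zone contents are constructed (under the RFC 2606 reserved name example.com), the resolver is a dictionary lookup rather than a network query, and the function names are my own.

```python
"""Per-application host selection from one constructed DNS zone.

Shows how the same DNS name maps to different host sets depending on the
application (web vs. SMTP vs. an SRV-using protocol), and how hostname
syntax (RFC 1123 LDH rule) is stricter than DNS owner-name syntax.
Example code for this page; zone data below is constructed, not real.
"""
import re
from typing import Dict, List, Tuple

# Constructed zone: owner name -> list of (rrtype, rdata). Not real DNS data.
ZONE: Dict[str, List[Tuple[str, object]]] = {
    "example.com.": [
        ("A", "192.0.2.10"),
        ("MX", (10, "mx1.example.com.")),
        ("MX", (20, "mx2.example.com.")),
    ],
    "mx1.example.com.": [("A", "192.0.2.25")],
    "mx2.example.com.": [("A", "192.0.2.26")],
    "www.example.com.": [("A", "192.0.2.80"), ("A", "192.0.2.81")],
    # SRV owner names use underscore labels: legal DNS labels, illegal hostnames.
    "_xmpp-client._tcp.example.com.": [
        ("SRV", (0, 5, 5222, "xmpp1.example.com.")),    # (priority, weight, port, target)
        ("SRV", (0, 1, 5222, "xmpp2.example.com.")),
        ("SRV", (10, 0, 5222, "xmpp-backup.example.com.")),
    ],
    "xmpp1.example.com.": [("A", "192.0.2.52")],
    "xmpp2.example.com.": [("A", "192.0.2.53")],
    "xmpp-backup.example.com.": [("A", "192.0.2.54")],
    # A mail-only name: MX records, but no address record of its own.
    "mail-only.example.com.": [("MX", (0, "mx1.example.com."))],
    # RFC 2782: a single SRV record with target "." means "service not offered".
    "_xmpp-client._tcp.nochat.example.com.": [("SRV", (0, 0, 0, "."))],
}


def lookup(name: str, rrtype: str) -> list:
    """Return the rdata of all records of one type at one owner name."""
    return [rdata for (t, rdata) in ZONE.get(name, []) if t == rrtype]


def web_hosts(name: str) -> List[str]:
    """HTTP-style use: the name itself must carry address records."""
    return lookup(name, "A")


def mail_hosts(name: str) -> List[str]:
    """SMTP (RFC 5321 section 5.1): MX targets in preference order; with no MX
    at all, the name itself is an implicit MX if it has an address record."""
    mx = sorted(lookup(name, "MX"))          # tuples sort by preference first
    if mx:
        return [target for _, target in mx]
    return [name] if lookup(name, "A") else []


def srv_hosts(name: str, service: str = "xmpp-client", proto: str = "tcp") -> List[Tuple[str, int]]:
    """RFC 2782: query _service._proto.name, order by priority (lowest first).
    Within one priority RFC 2782 picks randomly in proportion to weight; this
    example sorts by weight descending as a deterministic stand-in."""
    owner = f"_{service}._{proto}.{name}"
    records = lookup(owner, "SRV")
    if len(records) == 1 and records[0][3] == ".":
        return []                            # explicitly "not available"
    ordered = sorted(records, key=lambda r: (r[0], -r[1]))
    return [(target, port) for _, _, port, target in ordered]


# RFC 1123 hostname label: letters, digits, hyphen; no leading/trailing hyphen.
_LDH_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_ldh_hostname(name: str) -> bool:
    """Hostname syntax as applications profile it, stricter than DNS, which
    permits any octet in a label (underscore labels for SRV, for instance)."""
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return False
    return all(_LDH_LABEL.match(label) for label in name.split("."))


def host_map(name: str) -> Dict[str, list]:
    """What 'the hosts behind this name' means to three different applications."""
    return {"web": web_hosts(name), "smtp": mail_hosts(name), "xmpp": srv_hosts(name)}


if __name__ == "__main__":
    for n in ("example.com.", "www.example.com.", "mail-only.example.com."):
        print(n, host_map(n))
    print("_xmpp-client._tcp.example.com. is a hostname?",
          is_ldh_hostname("_xmpp-client._tcp.example.com."))
```

Running the block shows three different host sets for example.com depending on the asking application, a name (mail-only.example.com) that is "zero hosts" to a web client and one host to SMTP, and an SRV owner name that is a perfectly good DNS name yet fails the hostname syntax that hostname-oriented applications enforce.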