Re: new RRTYPEs, was DNSSEC architecture vs reality

Vittorio Bertola <> Thu, 15 April 2021 10:11 UTC

Date: Thu, 15 Apr 2021 12:11:13 +0200 (CEST)
From: Vittorio Bertola <>
To: Phillip Hallam-Baker <>, IETF Discussion Mailing List <>

>     On 14/04/2021 21:57 Phillip Hallam-Baker <> wrote:
>     The cost of providing service is less than $0.10
>     I propose to sell names of 9 characters or more for $0.10, increasing by a factor of 10x for each character less than 9.
>     So @a is $10 million, @alice is $1,000, @bob is $100,000 and so on. (or would be, only @alice and @bob are reserved names for examples.) The best names tend to be shorter names and so the cost would be quite a bit higher but that is just making sure that we don't leave too much money on the table while giving people incentive to market Mesh names (and thus the Mesh).
>     Yes, this does leave money on the table but I reckon that the Mesh foundation needs an income of about $10 million/year to do what I want it to achieve. Running the registry should cost less than a million. The rest will go to funding open source specs and reference code, funding conferences, etc. etc.
And the IETF. I mean, the IETF, through several indirection layers, gets a big chunk of its funding from the fact that ISOC runs .org. If this dries up in favour of your foundation, I'm sure that you will be willing to pick up the sponsorship of the IETF - and also of all other events and organizations that currently get sponsored by a gTLD registry.

But wait, there's more: in many countries, ccTLD registries are a significant source of funding for all sorts of national Internet projects - research, localization of technology, education, events, industry standardization, governance discussions, content policy enforcement, you name it. You would of course need to spread your funds evenly throughout the planet.

>     No, as they put it in the Godfather, I am not a communist. The not for profit registry is separate from my for-profit Mesh Service Provider and apps businesses. 
>     The tricky part here will be to make sure that certain names with valid IPR claims end up in the right place. Obviously, @microsoft, @apple, @cisco etc. have to go to the right place or there is a security issue. But again, read the draft.
Well, it took seven years for ICANN to decide whether ".amazon" should go to Amazon the company or to Amazon the geographic region as represented by ACTO and by the sovereign countries that formed it, and even after the decision was taken, the concerns and the complaints have not ended yet. Perhaps you can come up with a better, more fair solution that will not create international tensions and will not just award politically, socially or religiously relevant names to those that show up with the biggest pile of money (speaking of diversity and inclusiveness...). However, your draft seems silent on this kind of problem, which is also part of the reason why domain names have a price way higher than their operational cost.

I do not necessarily disagree with your idea, but it looks to me that you are underestimating its non-technical impact if it ever succeeded - or, if you prefer, the amount of pushback against implementation for non-technical reasons.


Vittorio Bertola | Head of Policy & Innovation, Open-Xchange 
Office @ Via Treviso 12, 10144 Torino, Italy