[Inip-discuss] aliases and classes (was Re: Domain Names)
Andrew Sullivan <ajs@anvilwalrusden.com> Tue, 09 February 2016 18:59 UTC
Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: inip-discuss@ietfa.amsl.com
Delivered-To: inip-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 791CF1ACE80 for <inip-discuss@ietfa.amsl.com>; Tue, 9 Feb 2016 10:59:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_20=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wNNJXn6UNqyQ for <inip-discuss@ietfa.amsl.com>; Tue, 9 Feb 2016 10:59:27 -0800 (PST)
Received: from mx2.yitter.info (mx2.yitter.info [50.116.54.116]) by ietfa.amsl.com (Postfix) with ESMTP id 8CF391ACE7E for <inip-discuss@iab.org>; Tue, 9 Feb 2016 10:59:27 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx2.yitter.info (Postfix) with ESMTP id 030EB1098E for <inip-discuss@iab.org>; Tue, 9 Feb 2016 18:59:27 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx2.yitter.info ([127.0.0.1]) by localhost (mx2.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eOW-tzt3cgOd for <inip-discuss@iab.org>; Tue, 9 Feb 2016 18:59:26 +0000 (UTC)
Received: from mx2.yitter.info (unknown [IPv6:2620:0:ce0:101:c0f6:611e:edd3:768e]) by mx2.yitter.info (Postfix) with ESMTPSA id F0FE21096F for <inip-discuss@iab.org>; Tue, 9 Feb 2016 18:59:25 +0000 (UTC)
Date: Tue, 09 Feb 2016 13:59:18 -0500
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: inip-discuss@iab.org
Message-ID: <20160209185917.GE53835@mx2.yitter.info>
References: <2n8dkck7bl3hvk3pq4tya7bc.1453512710966@email.android.com> <20160123145602.GE14205@mx2.yitter.info>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20160123145602.GE14205@mx2.yitter.info>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/inip-discuss/76WW3ycgYaPPTBtGRJ45yKJPqz0>
Subject: [Inip-discuss] aliases and classes (was Re: Domain Names)
X-BeenThere: inip-discuss@iab.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IAB Internet Names and Identifiers Discussion List <inip-discuss.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/inip-discuss/>
List-Post: <mailto:inip-discuss@iab.org>
List-Help: <mailto:inip-discuss-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2016 18:59:29 -0000
Hi, On Sat, Jan 23, 2016 at 09:56:02AM -0500, Andrew Sullivan wrote: > The class-insensitivity of CNAME and DNAME is another reason why > classes don't really work: since they both redirect the name, that > means that name aliasing in one class entails the same alias > relationship in every other class, which means that for practical > purposes the name spaces must be parallel at least around the point > where any alias is introduced. So the operation of different classes > for the a given name can't be separated, and this makes classes at > best of questionable utility. I've been working through this harder, and I think I've concluded I was wrong. The class discussion in RFC 1034 is a mess, it's still a lousy way to do this division, and I think it's underspecified; but aliasing doesn't necessarily break classes. RFC 1034, section 4.2, says this: The class partition is simple. The database for any class is organized, delegated, and maintained separately from all other classes. Since, by convention, the name spaces are the same for all classes, the separate classes can be thought of as an array of parallel namespace trees. Note that the data attached to nodes will be different for these different parallel classes. The most common reasons for creating a new class are the necessity for a new data format for existing types or a desire for a separately managed version of the existing name space. Note the specification, "The database is … delegated … separately." This is the key. Suppose you have two classes, XY and YZ. These are two acceptable arrangements: example.com. XY CNAME example.net. example.com. YZ CNAME example.org. The reason for this is that you get a different delegation from com. to example.com. when you query with class==XY than you get with class==YZ. So when you ask the name server for example.com in class XY for example.com, it already knows that it's in class XY and so it will hand out the RDATA example.net. No problem, right? Of course, there is a problem. The handling of the query the name server gets is specified in RFC 1034 section 4.3.2. Nowhere in that algorithm, as far as I can tell, is the class considered. I guess the idea is that you already know which class you're in because of the delegation. Yet while section 4.2 says that the class delegations are separate, there is of course no way to ensure that the NS record RDATA for example.com, class==XY, and the NS record RDATA for example.com, class==YZ, is always different. This means that the name server could be the same, and the nameserver for example.com therefore needs to be able to break out the class from the name before it starts following the algorithm in section 4.3.2. And of course, it can't break out the class until it has matched the name, because the name gets matched before the class because of the way the RRs are arranged. I guess the answer is that a multi-class-serving name server needs to look at the QCLASS in the query it gets, and then select the class in question, before it starts trying to match name by name. But of course, once you put it that way, it's obvious that for classes to be really useful they need to be at the beginning of the RR. So it leads us again to the conclusion that classes are not actually useful, which doubtless explains why we've ended up with the IN class hard-coded all over the place. A -- Andrew Sullivan ajs@anvilwalrusden.com
- Re: [Inip-discuss] Domain Names Warren Kumari
- [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Warren Kumari
- Re: [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Gihan Dias
- Re: [Inip-discuss] Domain Names Warren Kumari
- Re: [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Suzanne Woolf
- Re: [Inip-discuss] Domain Names Gihan Dias
- Re: [Inip-discuss] Domain Names Warren Kumari
- [Inip-discuss] FW: Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Eliot Lear
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Avri Doria
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Suzanne Woolf
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Warren Kumari
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Suzanne Woolf
- Re: [Inip-discuss] Domain Names Warren Kumari
- Re: [Inip-discuss] Domain Names Olaf Kolkman
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Olaf Kolkman
- Re: [Inip-discuss] Domain Names Warren Kumari
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Avri Doria
- Re: [Inip-discuss] Domain Names Edward Lewis
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Suzanne Woolf
- Re: [Inip-discuss] Domain Names avri
- Re: [Inip-discuss] Domain Names Andrew Sullivan
- Re: [Inip-discuss] Domain Names Lyman Chapin
- Re: [Inip-discuss] Domain Names Edward Lewis
- [Inip-discuss] aliases and classes (was Re: Domai… Andrew Sullivan
- Re: [Inip-discuss] aliases and classes (was Re: D… Avri Doria
- Re: [Inip-discuss] aliases and classes (was Re: D… Edward Lewis
- Re: [Inip-discuss] aliases and classes (was Re: D… Andrew Sullivan
- Re: [Inip-discuss] aliases and classes (was Re: D… Andrew Sullivan
- Re: [Inip-discuss] aliases and classes (was Re: D… Edward Lewis
- Re: [Inip-discuss] aliases and classes (was Re: D… Andrew Sullivan
- Re: [Inip-discuss] aliases and classes (was Re: D… Avri Doria