IETF Logo Mail Archive

Re: [Inip-discuss] Domain Names

Warren Kumari <warren@kumari.net> Fri, 08 January 2016 20:20 UTC

Return-Path: <warren@kumari.net>
X-Original-To: inip-discuss@ietfa.amsl.com
Delivered-To: inip-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B8C91B2B7C for <inip-discuss@ietfa.amsl.com>; Fri, 8 Jan 2016 12:20:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2slkDx-mE0V2 for <inip-discuss@ietfa.amsl.com>; Fri, 8 Jan 2016 12:20:55 -0800 (PST)
Received: from mail-yk0-x235.google.com (mail-yk0-x235.google.com [IPv6:2607:f8b0:4002:c07::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BE041B2B71 for <inip-discuss@iab.org>; Fri, 8 Jan 2016 12:20:55 -0800 (PST)
Received: by mail-yk0-x235.google.com with SMTP id a85so297090403ykb.1 for <inip-discuss@iab.org>; Fri, 08 Jan 2016 12:20:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dSJxuqHbu6SMDXQLS+0oS19r4UopmqMVc87WRR1gdkI=; b=yNlEqEd8PE4y6N6k8SvEZo4rLYHDo5yqOU82gSifao229x6XmqNl3oLzq3NVwFjfSd wQc5l8s6ypVWyBDAocRVduaUemY89HPAqJi6gpuLjqyb9MUp1Gu3kdKrjwhT0q76pLDR yJGhKAE+xb45JTeN+izrkac6bxCY85IA3vVDh0eottVUgq27aaXvdV7db1/IxiM0ySnW CpqmdrhC4/K3NTArkuIfGCLBaVJuJxj1x8khaKOESCVSOyknaq58yGuKZCTd/+oaV+tB tFq2H6+LSdV01GF+Uni2CJN0D0ypP0KNmyIDKyIdAcm8SbK13nYzRJoRowLuu9elB5EY nHFw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=dSJxuqHbu6SMDXQLS+0oS19r4UopmqMVc87WRR1gdkI=; b=gIDoiEaYjLiLgQUeDOntnidHdqSFASTObRc0Y4KxFX+UDXiz0X+zcpHkMUDurHdMlx DwWoXIxp5/4gUtIyqVj+m42o3Nh/AVzIpfeLHbwxTlYa1ZZg3SFaX0cA8mcEnOfQyzsH DDaRweExxUCOHHTLfUXpQtSxna2YAmK9xajpoGQzW7XJBvCPIB64KfLwoS7GCarTU1ZG 9jZA+l6CVu/eFnLfcKf3zeOjHOV1en0nW8lsV2dWVJmI03UMPZN0eGfrZdkaTMnncWCt mY55v4aemZ+HLt5I6wgKsvfUlRwMbrx1c0WsVQFVHPUKvMpF/LX1ALrprx1MZY8gNNRj cvxw==
X-Gm-Message-State: ALoCoQnNoWsqX/UMaMAVbnphzNDqhEGDLHawMwBHOhBPRnGXnMpxWA9++pzhl40NrsORe7CGHQjtroOltV2YuqExu/P5jzlLKRhxd2pakv6xdchq9gOgBAM=
MIME-Version: 1.0
X-Received: by 10.13.210.67 with SMTP id u64mr63910013ywd.42.1452284454404; Fri, 08 Jan 2016 12:20:54 -0800 (PST)
Received: by 10.37.109.134 with HTTP; Fri, 8 Jan 2016 12:20:54 -0800 (PST)
In-Reply-To: <7047EC59-873A-4A76-80EF-3F2899A9052A@interisle.net>
References: <D285CCDC.11B63%edward.lewis@icann.org> <A3306B3F-2C01-4236-8A5F-119C1669425B@isoc.org> <D2A15E6C.124B4%edward.lewis@icann.org> <7047EC59-873A-4A76-80EF-3F2899A9052A@interisle.net>
Date: Fri, 08 Jan 2016 15:20:54 -0500
Message-ID: <CAHw9_iL1f7pgaFHdqWJTpW5mxbfRYsquOO3J-5cVNLv103LSig@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
To: Lyman Chapin <lyman@interisle.net>
Content-Type: multipart/alternative; boundary="001a114e7e3004e8650528d853b2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/inip-discuss/_KU1zBkZ-rjGUQckvq9wgnM7toQ>
Cc: Edward Lewis <edward.lewis@icann.org>, "inip-discuss@iab.org" <inip-discuss@iab.org>
Subject: Re: [Inip-discuss] Domain Names
X-BeenThere: inip-discuss@iab.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IAB Internet Names and Identifiers Discussion List <inip-discuss.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/inip-discuss/>
List-Post: <mailto:inip-discuss@iab.org>
List-Help: <mailto:inip-discuss-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jan 2016 20:20:59 -0000

On Thu, Jan 7, 2016 at 4:57 PM, Lyman Chapin <lyman@interisle.net> wrote:

>
> On Dec 24, 2015, at 11:02 AM, Edward Lewis wrote:
>
> > Acting on Olaf's permission, in trying to prepare another version of my
> > draft.
> >
> > On 12/18/15, 7:05, "Olaf Kolkman" <kolkman@isoc.org> wrote:
> >
> >> Feel free to forward to appropriate list.
> >>
> >>
> >> A Domain Name is a sequence of labels concatenated by a designated
> >> separating character.  The Domain Name Space is organized in a strict
> >> hierarchical manner with a recognized root Domain Name.  The
> >> organization follows the rules of tree structure as defined by the
> >> field of graph theory in mathematics [Diestel].
>
> Hi Ed -
>
> In the course of working on another project, I assembled the following
> extended definition of "domain name space" in an attempt to (a) make the
> distinction between "the domain name space" and "domain names" clear, and
> (b) to encourage a bit more precision in the way in which we talk about
> domain names.
>
> -------------------------------
>
> In graph-theoretic terms, the domain name space constitutes a labelled
> directed rooted tree in which the syntax of the label associated with each
> vertex other than the unlabelled root is defined by RFCs 1035, 1123, and
> 2181. The term "nth level domain name label" refers to a member of the set
> of all vertices for which the path to the root contains n edges. For n=1
> the term most often used is "top level domain name label" or simply "top
> level domain" (TLD). A fully qualified domain name is a sequence of labels
> that represents a path from the root to a leaf vertex of the domain name
> space. The shorter term "domain name" is not formally defined; in common
> usage it may be the shorthand equivalent of "fully qualified domain name"
> (FQDN) or refer to any non-empty subset of the sequence of labels formally
> identified by a fully qualified domain name.
>
> In this formulation, the term "domain name space" refers to the complete
> graph consisting of all possible vertices and edges - not just those with
> which a specific meaning has been associated (what we might call
> "allocated" labels). It is a finite graph because the length of the longest
> possible FQDN is finite. At any point in time, there is another labelled
> directed rooted tree - a sub-graph of the domain name space - containing
> only vertices that represent allocated labels.
> ​
>


​
Poking the bear...

​This makes it sound like there is one domain name space of allocated
labels, and a graph with a single root.


This ignores things like:
+------------------+    +------------------+
|     My house     |    |   Your house     |
|                  |    |                  |
|        +-+       |    |        +-+       |
|        |.|       |    |        |.|       |
|        +++       |    |        +++       |
|         |        |    |         |        |
|      +--v--+     |    |      +--v--+     |
|      |local|     |    |      |local|     |
|      +--+--+     |    |      +--+--+     |
|         |        |    |         |        |
|   +-----v----+   |    |   +-----v----+   |
|   | _printer |   |    |   | _printer |   |
|   +----------+   |    |   +----------+   |
+------------------+    +------------------+​

It also ignores:
www.foo.bar.baz.example.com  where the example.com zonefile is:
$ORIGIN example.com.
*   IN A 192.0.2.1

In the first example, the names *do* come from a conceptual single root,
but you end up with 2 disjoint graphs - my .local is not the same as your
.local. While your definition may be technically correct (
https://www.youtube.com/watch?v=hou0lU8WMgo) it seems either incomplete, or
at least folk may be surprised...

In the second example, the "synthesized" vertices created at foo, bar and
baz *could* be claimed to "allocated" labels that exist for a very short
amount of time, but I think that this may be stretching things a bit far...

It feels like this definition works mainly for people who already
understand (and happen to have the same understanding as you and I :-))
what "the domain name space" and "domain names" are.

W




> ​
>
>
> -------------------------------
>
> So mathematically, a domain name is simply a sequence of labels. In most
> of the contexts in which we talk about, write about, or use domain names we
> add representational elements like "top to bottom" or "separating
> character," but those are not properties of a domain name.
>
> Not terribly pragmatic, I know; but it might have a place in your draft -
>
> - Lyman
>
> >>
> >>
> >> That definition covers my street address:
> >>
> >> Olaf Kolkman
> >> Internet Society
> >> 400
> >> Science Park
> >> Netherlands
> >>
> >> I think that the recursive character of a domain from RFC805 should be
> >> part of the definition.
> >
> > This comment hits on the central item in the draft that begs discussion,
> > that is, a definition of Domain Names.
> >
> > There are a few ways to attack the definition, in increasing order of
> > specificity (and perhaps not complete):
> >
> > 1 - The nature of the hierarchical arrangement of domains (embedded in
> the
> > recursive definition in RFC 805). The notion that there is a single root
> > to the tree and domains descend from that.  The notion of "right-to-left"
> > or "left-to-right" is insignificant, "top to bottom" is.  The components
> > of a domain's name are the labels from top to bottom (expressed in
> > whatever order is appropriate for the locality).  The syntax of the
> labels
> > are undefined or rather not specifically defined.  The means to extract
> > information indexed by the domain name is also not specifically defined.
> > Meaning - there has to be some implicit means of determining syntax and
> > resolution process.  Similarly, the management of the domain name is also
> > undefined.
> >
> > 2 - The look of a domain name being a sequence of labels from top to
> > bottom, separated by a dot character. This descends quickly from the
> > architectural plane and comes a long way to what client applications
> (like
> > SSH, FTP, Web Browser) will see from human user input.  The basic
> > definition is tied to ASCII but with punycode, Unicode strings can be
> > mapped in.  There is implicit signaling established for punycode results.
> > What is still a variable are: length of labels, management of labels, and
> > means to resolve.
> >
> > 3 - A definition that is (or starts with) aligned to that of the DNS.
> > There's a syntax defined, both for DNS domain names "on the wire" and in
> > zone file format, which is restricted for an era where acceptable
> > performance assumed fixed or constrained field lengths.  The DNS imposes
> a
> > centralized means of creating and managing names.
> >
> > Of these definitions, the final is the most pragmatic and concrete but
> > perpetuates an ASCII-dominate view of the Internet and is tied to ancient
> > realities of technology.  Personally I don't like that and is why I refer
> > to starting with the DNS definition like "assuming the earth is the
> center
> > of the universe" and then mapping out the other planets' orbits.
> >
> > But, this isn't about defining naming and identifier systems, it is about
> > defining a particular name and identifier system that (continues to)
> > foster reuse of software across various protocols.  Whether there is a
> > line drawn around the collection as "IETF" protocols or not is rather
> > unimportant in so much as it may not be feasible nor desirable to ever
> > draw such a line.
> >
> > Where I see the situation heading is a "clarifications" on the topic.
> The
> > ingredients for a clarification are - lack of a clear definition as
> > evidenced by a plethora of valid interpretations (which my draft has come
> > to build), a specific need to unify the concept to stem or reverse the
> > divergence (the 'crisis' over new entries to the Special-Use Domain Names
> > registry), and a willingness to realize that a clarification is
> inherently
> > a change to the base specification and some backwards compatibility pain
> > will likely be felt.  This latter point is one that has not been reached
> > yet.
> >
> > If we proceed towards a clarification on the topic of Domain Names,
> > whether or not as names and identifiers, the next order of questions to
> > consider includes the next - as one example, but a significant example:
> >
> >> When you say:
> >>
> >> I think, and I mean that as "think", there is a need to find a happy
> >> medium where identifiers can be managed in different ways (DNS hierarchy
> >> and zone admin vs. Tor's cryptographic basis) yet use similar syntax for
> >> the purposes of sharing existing protocols (like HTTP) while using
> >> different resolution processes.
> >>
> >> Then I would agree with you. The requirement that gets out of that is
> >> that there is a requirement to be able to fork the use of that
> identifier
> >> so that the application knows which resolution mechanism to take. Tor
> >> seems to be doing that based on a magic cookie in the form of the TLD
> >> label. Not sure if there are any other ways.
> >
> > There are two ways to determine the means of resolution when given a
> name.
> > One is implicit in the name, using, as an example, the top-level name
> > (note, I don't use top-level domain nor TLD), using that as a switch in
> > software that resolves names.  The other, obviously, is explicit, by
> > building into software knowledge of what kind of name is being handled,
> > e.g., using separate http schemes.
> >
> > Personal opinion of mine feels that explicit means would cause greater
> > disruption than building in an implicit definition.  Explaining this gets
> > into how to solve this as opposed to an architectural discussion, meaning
> > it gets into how client software could be built to add "yet another layer
> > of indirection" when handling the resolution of names.
> >
> > BTW, one implicit way to consider is having the top-level name "looked
> up"
> > within a newer version of a special-use domain names registry.  Limiting
> > the needed lookup key to the top-level name might or might not alleviate
> > concerns over so-called pervasive monitoring.  (I am not sure if that is
> > acceptable.)  Beyond that I can't dream of another scaleable and future
> > proof means, I mean a piece of software would hard-code in the rules for
> > an untra-privacy desiring naming system but that would not be inherently
> > scaleable.
> >
> > (I don't know if extreme privacy can scale well.  One has to be very
> > careful if one wants to be anonymous.)
> > _______________________________________________
> > Inip-discuss mailing list
> > Inip-discuss@iab.org
> > https://www.iab.org/mailman/listinfo/inip-discuss
>
> _______________________________________________
> Inip-discuss mailing list
> Inip-discuss@iab.org
> https://www.iab.org/mailman/listinfo/inip-discuss
>



-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf

v2.23.0 | Report a Bug | By Email