IETF Logo Mail Archive

Re: [Inip-discuss] Domain Names

Edward Lewis <edward.lewis@icann.org> Mon, 25 January 2016 19:43 UTC

Return-Path: <edward.lewis@icann.org>
X-Original-To: inip-discuss@ietfa.amsl.com
Delivered-To: inip-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89EE31A0087 for <inip-discuss@ietfa.amsl.com>; Mon, 25 Jan 2016 11:43:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.303
X-Spam-Level:
X-Spam-Status: No, score=-2.303 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PubxHdzS57yU for <inip-discuss@ietfa.amsl.com>; Mon, 25 Jan 2016 11:43:38 -0800 (PST)
Received: from out.west.pexch112.icann.org (pfe112-ca-2.pexch112.icann.org [64.78.40.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0885E1A0083 for <inip-discuss@iab.org>; Mon, 25 Jan 2016 11:43:38 -0800 (PST)
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Mon, 25 Jan 2016 11:43:35 -0800
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1130.005; Mon, 25 Jan 2016 11:43:35 -0800
From: Edward Lewis <edward.lewis@icann.org>
To: Lyman Chapin <lyman@interisle.net>
Thread-Topic: [Inip-discuss] Domain Names
Thread-Index: AQHRSZZqxpIEDNotj0uOicYhCEpjvJ8IBjiAgAIrxICAAr54gA==
Date: Mon, 25 Jan 2016 19:43:34 +0000
Message-ID: <D2CBDFBD.12DDA%edward.lewis@icann.org>
References: <D285CCDC.11B63%edward.lewis@icann.org> <A3306B3F-2C01-4236-8A5F-119C1669425B@isoc.org> <D2A15E6C.124B4%edward.lewis@icann.org> <7047EC59-873A-4A76-80EF-3F2899A9052A@interisle.net> <D2C7C367.12CF3%edward.lewis@icann.org> <DE0BA0C3-D623-4B3A-A343-6829F74444CC@interisle.net>
In-Reply-To: <DE0BA0C3-D623-4B3A-A343-6829F74444CC@interisle.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.0.151221
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.47.234]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="B_3536577811_6606636"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/inip-discuss/_aIWD-2axmBT3QJh6P9B_apgghs>
Cc: "inip-discuss@iab.org" <inip-discuss@iab.org>
Subject: Re: [Inip-discuss] Domain Names
X-BeenThere: inip-discuss@iab.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IAB Internet Names and Identifiers Discussion List <inip-discuss.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/inip-discuss/>
List-Post: <mailto:inip-discuss@iab.org>
List-Help: <mailto:inip-discuss-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/inip-discuss>, <mailto:inip-discuss-request@iab.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2016 19:43:42 -0000

On 1/23/16, 15:49, "Lyman Chapin" <lyman@interisle.net> wrote:

>If we maintain (at least for the sake of argument) a distinction between
>the "domain name space" and the "domain name system", then the domain
>name space is defined by (a) its mathematical structure as a LDRT, and
>(b) the generation rules for syntactically valid labels. The generation
>rules may be the product of 1980s-era constraints, but they apply today
>as much as they did then - that is, no one has suggested that we change
>the rules to allow longer labels, or longer sequences of labels (domain
>names) - so the domain name space is finite independent of the way in
>which the protocols of the domain name system associate semantics with
>domain names. Obviously we wouldn't have these specific generation rules
>for domain name labels if we hadn't developed them in the context of the
>domain name system - the labels have a maximum length of 63 LDH
>characters because that maximum length, with an assumed ASCII-octet
>encoding, was determined to be "just right" for all of the reasons
>described in RFC 1034 - and the early specs routinely refer to the domain
>name space as a component of the DNS (see for example Section 2.4 of RFC
>1034). But even the early specs distinguish the domain name space
>("specifications for a tree structured name space") from another
>component of the DNS - resource records ("data associated with the
>names"). The domain name space is just names (identifiers); the data
>associated with the names are not themselves part of the domain name
>space.

At one time I would have completely agreed, but.

I'll start out with, I can see the logic and sense in declaring the name
space to be finite via limiting the overall length of the names.  While
writing the draft, someone pointed out that there exists today a place
where names with labels longer "work in code".  That is in the /etc/hosts
file.  It does work, FWIW. This called to mind past experience with BSD
Sockets using AF_UNIX, where names aren't bound by the DNS documented
lengths.

The first thought is "those are out of scope" but it makes me then want to
define the scope.  I mean, I could see them being out of scope as they are
arcane cases - but then there's a need to name the scope.

Here's a working example between some machines in my house:

$ more /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1       localhost
255.255.255.255 broadcasthost
::1             localhost
fe80::1%lo0     localhost
192.168.1.166   
123456789112345678921234567893123456789412345678951234567895123456789612345
67897123456789.example


And

$ ssh 
elewis@12345678911234567892123456789312345678941234567895123456789512345678
961234567897123456789.example
Last login: Mon Jan 25 14:30:56 2016 from otherhost.example


But

$ dig 
123456789112345678921234567893123456789412345678951234567895123456789612345
67897123456789.example
dig: 
'12345678911234567892123456789312345678941234567895123456789512345678961234
567897123456789.example' is not a legal name (label too long)


So, works for SSH, not for DiG.

>(3) ...We might postulate (I don't assert this): ... we [c]ould use the
>zone file to encode the protocol switch semantics ... One consequence of
>going down that path would be the opportunity to make the simplifying
>assertion that every well-formed (syntactically correct) domain name can
>be processed by the resolution protocol of the DNS.

My first reaction is that this might irk the sensibilities of those who
proposed "onion" (to apply a poor label for the time being).  The issue is
whether the name would be exposed "too much".  I'm unsure of this issue
and am poorly framing it in my mind.  In a way, the code handling the name
ought to have some autonomy in how it resolves the name, in case the code
is, well, paranoid (to again use a poor label).

In sum to this message, the thoughts here keep the DNS "in charge" of the
name handling.  I've been walking down a path to avoid that.  That is not
to imply I think keeping DNS "in charge" is wrong or that there's
someother workable path.  This is only to imply that I've just been
considering a different approach - which may not turn out to be pragmatic.

Ed

v2.23.0 | Report a Bug | By Email