Re: [mif] [dnsext] 2nd Last Call for MIF DNS server selection document

Ray Bellis <> Wed, 19 October 2011 10:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B781C21F8B9A; Wed, 19 Oct 2011 03:40:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.35
X-Spam-Status: No, score=-8.35 tagged_above=-999 required=5 tests=[AWL=0.496, BAYES_00=-2.599, MIME_BASE64_TEXT=1.753, RCVD_IN_DNSWL_HI=-8]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id YUjRrRhe0Z6N; Wed, 19 Oct 2011 03:40:24 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E87B021F8B92; Wed, 19 Oct 2011 03:40:22 -0700 (PDT)
DomainKey-Signature:;; c=nofws; q=dns; h=X-IronPort-AV:Received:Received:From:To:CC:Subject: Thread-Topic:Thread-Index:Date:Message-ID:References: In-Reply-To:Accept-Language:Content-Language: X-MS-Has-Attach:X-MS-TNEF-Correlator:Content-Type: Content-ID:Content-Transfer-Encoding:MIME-Version; b=caaUtaFTHB5H3HAANahafeEaDk1Jw8+Hd5QVMMi3mxtsbS4/zKpm0dLA 8YpsPN1ZBFsm8cI6uJtJ95uFqzYyCOLlngnIXDaSh7Z6w2zUu6w6ONcS3 2GVnnxX0Qd89xJV;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=main.dkim.nominet.selector; t=1319020823; x=1350556823; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20Ray=20Bellis=20<> |Subject:=20Re:=20[dnsext]=20[mif]=202nd=20Last=20Call=20 for=20MIF=20DNS=20server=20selection=0D=0A=09document |Date:=20Wed,=2019=20Oct=202011=2010:39:59=20+0000 |Message-ID:=20<121DABD1-65E8-4275-8471-9FA38D25C434@nomi>|To:=20"<>=20=20<tee>"=0D=0A=09<teemu.savolainen@nokia .com>|CC:=20"<>"=20<denghui02@hotmai>,=20"<>"=0D=0A=09<>,=20"<dn>"=20<>,=20"<>" =0D=0A=09<>,=20"<>"=20<dhcwg@>,=20"<>"=0D=0A=09<>,=20"<joh>"=0D=0A=09<john_brzozowski>|MIME-Version:=201.0 |Content-Transfer-Encoding:=20base64|Content-ID:=20<e071c 705-1f96-4283-8414-92c4beee7776>|In-Reply-To:=20<916CE6CF 87173740BC8A2CE44309696203782D75@008-AM1MPN1-037.mgdnok.n>|References:=20<COL118-W55403198A984BAAE44BA47B1 F70@phx.gbl>=0D=0A=20<916CE6CF87173740BC8A2CE443096962037>; bh=wjXrwR/5mZrsxKodJhBl0WBtDXFA5FKFX13mPqu7Hv0=; b=5UBvh3985+KrOG/aG36B72pWXl5sB+9xnPyWVTktv20rqxCE7tiZ8fSB cjM/HkAdJyn2Mup19fNJiIzjAP8C2SlM5cnGC7Na617jvF07KYOuneWB2 jwqMWSAJKHOVTEL;
X-IronPort-AV: E=Sophos;i="4.69,371,1315177200"; d="scan'208";a="29067810"
Received: from ([]) by with ESMTP; 19 Oct 2011 11:40:00 +0100
Received: from ([fe80::1593:1394:a91f:8f5f]) by ([fe80::7577:eaca:5241:25d4%19]) with mapi; Wed, 19 Oct 2011 11:40:00 +0100
From: Ray Bellis <>
To: "<> <>" <>
Thread-Topic: [dnsext] [mif] 2nd Last Call for MIF DNS server selection document
Thread-Index: AQHMjipy2DQifQawrE6jw+Ds3oKeKpWDac2A
Date: Wed, 19 Oct 2011 10:39:59 +0000
Message-ID: <>
References: <COL118-W55403198A984BAAE44BA47B1F70@phx.gbl> <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
Content-Type: text/plain; charset="gb2312"
Content-ID: <e071c705-1f96-4283-8414-92c4beee7776>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Mailman-Approved-At: Wed, 19 Oct 2011 04:15:59 -0700
Cc: "<>" <>, "<>" <>, "<>" <>, "<>" <>, "<>" <>, "<>" <>, "<>" <>
Subject: Re: [mif] [dnsext] 2nd Last Call for MIF DNS server selection document
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiple Interface Discussion List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 19 Oct 2011 10:40:24 -0000

On 19 Oct 2011, at 07:42, <>
 <> wrote:

> Hi all,
> This second WGLC resulted in very few comments. In the DHC WG we discussed about DHCPv4 option structure and in MIF there was a comment about document-internal reference bug.
> I have now uploaded a version six that contains:
> -          Fixes to the DHCPv4 option structure
> -          Highlighting stricter length limitation in case of DHCPv4 option
> -          Fix to the reference bug
> -          Small fixes to missing DHCPv4 considerations in sections 4.5 and 4.6.
> Please see diff:

Apologies for the late comment - I have been tied up with my own WG and been off sick too.

I have concerns about §4.6:

"A bare name (a name without any dots) MUST be first treated as a pre-
 DNS hostname, and only after that the name SHALL be appended with
 domain information and described DNS server selection logic be

When new gTLDs are introduced it is likely for brand-name gTLDs that they will wish to use bare names in the DNS (i.e. a single label hostname) for their primary web sites.

Hence bare names may become much more frequently used as DNS names, and §4.6 wouldn't permit those to work unless '.' is also in the suffix list.

My own view is that DNS search suffixes should be deprecated and that they cause more harm than good.

A related issue is that they encourage the sharing of abbreviated URLs that don't work when the recipient is not using the right search suffix, perhaps because they're off site.  Some of my colleagues often share documents on our intranet by sending around links like <http://intranet/path>.  If I'm off site not only will that not work, but it could result in a connection to the wrong server and a potential leakage of credentials.

I've discussed these issues with search suffixes with various other DNS folk and not heard any disagreement.

See also <> from Vixie for some informed commentary on this issue.

I'd like to hear the authors' thoughts on these.  I'm not sure that this draft necessarily needs any significant changes - it may only require changes to ensure that bare names are also considered as potential DNS names in their own right.

I'm also considering taking up Vixie's challenge and writing up a draft to formally deprecate search suffixes.

kind regards,