[mif] bare names (was: [dnsext] 2nd Last Call for MIF DNS server selection document)

Andrew Sullivan <ajs@anvilwalrusden.com> Wed, 19 October 2011 13:26 UTC

Date: Wed, 19 Oct 2011 09:26:34 -0400
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: mif@ietf.org, dnsext@ietf.org, dnsop@ietf.org, dhcwg@ietf.org
Reply-To: mif@ietf.org

Note: I trimmed the cc:s down to just the lists, but if we're going to
pursue this discussion we probably ought to follow up in mif, since
that's where the draft comes from.  That's why I set reply-to.  Also,
I sent this first from the wrong address, so apologies to those who
see it twice.

On Wed, Oct 19, 2011 at 07:23:15AM -0400, Keith Moore wrote:

> I don't see why IETF should give a flying *#&(*#$ what the owners of
> brand-name gTLDs want.  Brand-name gTLDs are an exceedingly stupid
> idea, and treating single label names as anything other than local
> abbreviations flies in the face of 25+ years of practice.

If you said, "25+ years of practice illustrating how broken the
search-path mechanism is," I'd agree with you.

I think it is largely true that single-label domain names are going to
fail to work in all sorts of amusing ways that will surprise gullible
people who forked over a pile of cash for the privilege of registering
them.  Nevertheless, the search path mechanism has never worked very
well and is notoriously unreliable in the face of split-brain DNS.
Still, too many people continue to rely on the search path for this
document to be the place to deprecate it.  But I agree with Ray (and
apparently Paul Vixie) that the mechanism ought to go away.

Now that Ray has mentioned it, however, perhaps a sentence along these
lines in the second paragraph of 4.6 would be useful:

    It should be noted that the DNS search list mechanism may cause
    surprising results when used with more than one network at a time.

That addresses the other point that Ray was making: search list-style
bare names are often broken if you're not on the right network, and
the point of this draft is precisely that you're _not_ on only one
network, so it isn't clear what "the right network" is.

> The best thing that IETF could do is to make sure that use of
> single-label gTLDs is so unreliable that no megacorporation would
> dare use them.

And clearly that will work, because the IETF has a long record of
success of standing before the tide and telling it to stop.

Best regards,


Andrew Sullivan
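
Added example, not part of the original message: a small simulation of the point made above about search-list bare names on a host attached to more than one network. The interface names, domains, addresses and the "search list first" ordering for bare names are all constructed assumptions.

```python
"""Search-list expansion of bare names on a host attached to two networks."""

# Constructed sample data: names and addresses are illustrative only.
PUBLIC = {"brand.": "198.51.100.7"}  # a single-label gTLD that has an address
INTERFACES = {
    "wlan0": {"search": ["corp.example."],
              "view": {**PUBLIC, "mail.corp.example.": "10.0.0.25",
                       "wiki.corp.example.": "10.0.0.80",
                       "brand.corp.example.": "10.0.0.99"}},
    "wwan0": {"search": ["isp.example.net."],
              "view": {**PUBLIC, "mail.isp.example.net.": "192.0.2.25"}},
}


def candidates(name, search):
    """Names a stub resolver tries, in order (assumed policy, see lead-in)."""
    if name.endswith("."):
        return [name]  # already absolute: the search list is never consulted
    absolute = name + "."
    expanded = [f"{name}.{suffix}" for suffix in search]
    # Bare names go through the search list first; dotted names are tried as-is first.
    return expanded + [absolute] if "." not in name else [absolute] + expanded


def resolve(name, iface):
    """First candidate that exists in the DNS view seen through this interface."""
    cfg = INTERFACES[iface]
    for fqdn in candidates(name, cfg["search"]):
        if fqdn in cfg["view"]:
            return fqdn, cfg["view"][fqdn]
    return None


def survey(name):
    """Resolution result per attached network."""
    return {iface: resolve(name, iface) for iface in INTERFACES}


def is_ambiguous(name):
    """True when the attached networks disagree about what the name means."""
    return len(set(survey(name).values())) > 1


if __name__ == "__main__":
    for bare in ("mail", "wiki", "brand", "brand."):
        flag = "AMBIGUOUS" if is_ambiguous(bare) else "consistent"
        print(f"{bare:7} {flag:10} {survey(bare)}")
```

Only the fully qualified "brand." resolves the same way on both networks; every bare name depends on which interface's search list and DNS view is consulted.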