[dnsext] A quick review of draft-cheshire-dnsext-special-names-02
Alfred Hönes <ah@TR-Sys.de> Tue, 27 March 2012 22:36 UTC
Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FFE521E802A; Tue, 27 Mar 2012 15:36:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1332887788; bh=xYLeqzmnXKduhW24YVq5teM6xGlr9XkfvRikTAVM1pM=; h=From:Message-Id:To:Date:Mime-Version:Cc:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Content-Type:Content-Transfer-Encoding:Sender; b=Airvzwo7Mq0mF39TbwEEiHWbJjt0vjk7paC8xXJpMPf3T6vjsNjtCjf2q9Y8IRsbk YG+gR2OKtrRY6DPfStZ9pgRq1xI/Nfgx/lqbRXFsB3bRkNCiQJqVci5la6GsCYAmzV 0uKcuo7OoX6F3V6snRlxnBTKNrKJiRwAhVOsz9YU=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8BF121E802A for <dnsext@ietfa.amsl.com>; Tue, 27 Mar 2012 15:36:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -98.634
X-Spam-Level:
X-Spam-Status: No, score=-98.634 tagged_above=-999 required=5 tests=[AWL=0.115, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q2LJMabIwmtf for <dnsext@ietfa.amsl.com>; Tue, 27 Mar 2012 15:36:26 -0700 (PDT)
Received: from TR-Sys.de (gateway.tr-sys.de [213.178.172.147]) by ietfa.amsl.com (Postfix) with ESMTP id D13A621E8011 for <dnsext@ietf.org>; Tue, 27 Mar 2012 15:36:24 -0700 (PDT)
Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3.2) id AA272237715; Wed, 28 Mar 2012 00:35:15 +0200
Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id AAA08022; Wed, 28 Mar 2012 00:35:14 +0200 (MESZ)
From: Alfred Hönes <ah@TR-Sys.de>
Message-Id: <201203272235.AAA08022@TR-Sys.de>
To: cheshire@apple.com, marc@apple.com
Date: Wed, 28 Mar 2012 00:35:13 +0200
X-Mailer: ELM [$Revision: 1.17.214.3 $]
Mime-Version: 1.0
Cc: dnsext@ietf.org
Subject: [dnsext] A quick review of draft-cheshire-dnsext-special-names-02
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="hp-roman8"
Content-Transfer-Encoding: base64
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org
Hi,
I've performed a quick review of the DNSEXT-related I-D,
draft-cheshire-dnsext-special-names-02
and would like to submit a few notes.
(A) Significant issues
(A.1)
Firstly, I'm surprised by the non-trivial overlap of this work
with RFC 6303 and the IANA Registry created by it, the "AS112" RFCs,
and the ongoing work-in-progress to address more emerging overload
reasons for the authoritative root/infrastructure DNS servers by
extending the scope of the AS112 project, registering more "special"
domain names in that "Locally Served DNS Zones" IANA registry, and
specifying that they be treated as specified in RFC 6303.
The present draft not even quotes RFC 6303 for Sect. 5.1, where
the largest overlap with RFC 6303 occurs. (I have not yet studied
in detail inhowfar the new specification in that section is
compatible or collides with the normative behavior specified in
RFC 6303.)
(A.2)
Second, the new draft version has expanded the scope of the I-D
significantly, and that has not been reflected in the Abstract.
Maybe that should be amended like this:
OLD:
|Abstract
|
| This document describes what it means to say that a DNS name is
| reserved for special use, when reserving such a name is appropriate,
| and the procedure for doing so.
NEW:
|Abstract
|
| This document describes what it means to say that a DNS name is
| reserved for special use, when reserving such a name is appropriate,
| and the procedure for doing so. It establishes an IANA registry for
| such domain names and seeds it with some of the special domain names
| established by existing RFCs.
(A.3) Terminology, use of leading/trailing dots with domain names
Despite the colloquial "dot-com" speak, a dot should not be used
on the left-hand side of domain names -- maybe except when used as
an indication for subdomains, but that can be handled better by
suitable text. Detailed examples are shown in the walk-through below.
In practice, the presence or absense of a trailing period is used to
distinguish between fully qualified and relative domain names (which
might be subjected to "domain suffix list" expansion in common APIs,
or which can appear in industry standard zone files under effect of
$ORIGIN directives) -- cf. Section 3.1, page 8 of RFC 1034.
Similarly, it might be worth using the more precise, common DNS terms
"Stub Resolver", and "Iterative Resolver" (instead of "Caching DNS
servers") throughout the draft -- authoritative DNS servers, DNS
proxies, and even stub resolvers commonly use some caching as well!
(A.4) Section 5.1
As already mentioned above, this collides with RFC 6303 and the
IANA registry established by it.
I strongly recommend to remove _all_ domain names from this section
and instead include by reference the domain names registered in the
"Locally Served DNS Zones" IANA Registry established by RFC 6303.
It looks like all domain names suitable for registration there
-- not only the reverse DNS zone names for RFC 1812 addresses --
deserve the same behavior.
Also, to avoid collisions with behavior specified in RFC 6303,
Sections 2 and 3 of RFC 6303 should be carefully evaluated and any
overlapping or colliding text -- in particular in bullet 4. --
should be removed and replaced by a pointer to the normative text
in RFC 6303.
(B) editorial linear walk-through
(B.1) Section 1, 2nd para
The draft should better use the definite article when "DNS" is used
as a noun:
| Analogous to Special-Use IPv4 Addresses [RFC5735], DNS has its own
concept of reserved names, [...]
--- vvvv
| Analogous to Special-Use IPv4 Addresses [RFC5735], the DNS has its
own concept of reserved names, [...]
(B.2) Section 4, list item 6.
I suggest to add a comma for clarity:
Does this reserved Special-Use Domain Name have any potential
impact on DNS server operators? If they try to configure their
| authoritative DNS server as authoritative for this reserved name
will compliant name server software reject it as invalid? [...]
---
Does this reserved Special-Use Domain Name have any potential
impact on DNS server operators? If they try to configure their
| authoritative DNS server as authoritative for this reserved name,
will compliant name server software reject it as invalid? [...]
(B.3) Sections 5.2 through 5.5, leading text each
* The text in Section 5.4 says:
| [...] In the text below the term
| "invalid" is used in quotes to signify such names, as opposed to
| names that may be invalid for other reasons (e.g. being too long).
This is a useful convention, and although "invalid" is likely the
most serious case, I strongly suggest to extend this convention
and style uniformly to Sections 5.2, 5.3, and 5.5 as well.
(Besides, in the quote above, a comma should be placed for improved
readability after "below".)
* As mentioned above above, the placement of leading/trailing periods
in domain names should be aligned woth RFCs 1034, 1035, and 2181.
So, for instance, I recommend to change the "head" of Section 5.4
as follows:
OLD:
|5.4. Domain Name Reservation Considerations for ".invalid."
|
| The domain ".invalid.", and any names falling within ".invalid.", are
| special in the ways listed below. In the text below the term
| "invalid" is used in quotes to signify such names, as opposed to
| names that may be invalid for other reasons (e.g. being too long).
NEW:
|5.4. Domain Name Reservation Considerations for "invalid."
|
| The domain "invalid.", and any names falling within "invalid.", are
| special in the ways listed below. In the text below, the term
| "invalid" is used in quotes to signify such names, as opposed to
| names that may be invalid for other reasons (e.g. being too long).
I recommend that the "heads" of Sections 5.2, 5.3, and 5.5 are
modified in a similar manner, and the double-quoting of the
respective domain names be introduced throughout these sections.
For example:
NEW:
|5.2. Domain Name Reservation Considerations for "test."
|
| The domain "test.", and any names falling within "test.", are
| special in the ways listed below. For clarity, in the text below,
| this domain name is always used in double-quoted form.
(B.4)
Following established practice, protocol field names and protocol
values should be spelled as in the normative specifications.
Hence, throughout the draft (i.e. in Sections 5.3, 5.4, and 5.5 --
bullet 6. each), please s/rdata/RDATA/ .
Kind regards,
Alfred Hönes.
--
+------------------------+--------------------------------------------+
| TR-Sys Alfred Hoenes | Alfred Hoenes Dipl.-Math., Dipl.-Phys. |
| Gerlinger Strasse 12 | Phone: (+49)7156/9635-0, Fax: -18 |
| D-71254 Ditzingen | E-Mail: ah@TR-Sys.de |
+------------------------+--------------------------------------------+
_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext
- [dnsext] A quick review of draft-cheshire-dnsext-… Alfred Hönes