IETF Logo Mail Archive

Re: DNS under o=Internet

Einar Stefferud <Stef@nma.com> Fri, 07 February 1992 12:28 UTC

Received: from nri.reston.va.us by NRI.NRI.Reston.VA.US id aa06261; 7 Feb 92 7:28 EST
Received: from bells.cs.ucl.ac.uk by NRI.NRI.Reston.VA.US id aa06257; 7 Feb 92 7:28 EST
Received: from ics.uci.edu by bells.cs.ucl.ac.uk with Internet SMTP id <g.09043-0@bells.cs.ucl.ac.uk>; Fri, 7 Feb 1992 11:28:15 +0000
Received: from nma.com by q2.ics.uci.edu id ac02070; 7 Feb 92 1:22 PST
Received: from odin.nma.com by nma.com id aa10731; 7 Feb 92 0:02 PST
To: osi-ds@cs.ucl.ac.uk
Subject: Re: DNS under o=Internet
In-reply-to: Your message of Thu, 06 Feb 92 19:06:51 -0500. <9202070006.AA15202@spartacus.psi.com>
Reply-to: osi-ds@cs.ucl.ac.uk
From: Einar Stefferud <Stef@nma.com>
Date: Thu, 06 Feb 1992 23:57:32 -0800
Message-ID: <8739.697449452@nma.com>
Sender: stef@nma.com

Hi Weng -- We agree about almost everything, but not on this point.

> Just to make one thing clear: as above, no reregistrations, but we
> cannot just have the DNS tree in its entirety appear under o=Internet
> magically either.

We can certainly just graft the entire DNS "registration" tree under
o=internet if we can actually register o=internet.

What you are saying is that we may not have the right to place a
listing entry in a public directory without the "owner's" permission.

That is, we might (perhaps) not be free to make all those DNS entries
visible to the public.

> There is a privacy issue here: people have to have the option of 
> choosing not to be listed.  So we cannot just take zone files and
> load the information in. This unfortunately somewhat curtails the
> effectiveness of the DNS tree (anything short of the whole DNS tree
> would), but unless the domain registrars want to create a
> (retroactive) rule that registration implies permission to have a
> Directory operator list the domain registered, there isn't a whole
>lot  we can do about it without seriously stepping on people's toes.

On the other hand, the entire DNS is already a public directory with
all entries visible to anyone in the internet, which is a publicly
accessible system.  So, I would argue that the DNS entry owners have
already given permission for public access to their directory entries,
and all we are proposing to do is mount the already public DNS on some
node point in the X.500 DIT.

Actually, I can see a great clamor among DNS entry owners to demand
public visibility because they cannot be reached via the internet if
they are not DNS-visible.  (Well, yes, I guess one can be invisible on
the net without DNS visibility by using static tables in a limited set
of systems, but then, these are the cases that are not already in DNS
by owner choice, so they are not affected, if they exist.)

In my view, this does nothing to change the "contract" that now exists
between the owner of a DNS entry, and the DNS community.

Best...\Stef

v2.23.0 | Report a Bug | By Email