Re: [therightkey] First public DNSChain server went online yesterday!

Andrew Sullivan <ajs@anvilwalrusden.com> Fri, 07 February 2014 19:32 UTC

On Fri, Feb 07, 2014 at 01:16:16PM -0600, Tao Effect wrote:
> 
> If you change your DNS settings to a DNSChain server, you'll be able to use the ".dns" meta-TLD:
> 

Given that you're basically telling people to use these names in a
context where DNS names are expected to go, I would like to suggest
that you want to do something other than make up a string that you think
won't collide in the DNS, for two reasons: (1) these queries will
sometimes leak by accident onto the public DNS, where they're "junk",
and (2) a new TLD applicant of the future could ask for .dns, and
there's no obvious reason why ICANN would have to say no.  This will
represent a security risk to your users.

I would like to suggest some other domain name.  You can register any
available thing you like.  It need not actually resolve in the public
DNS, as long as it is registered so that nobody else can get it.

Over in the DNSOP working group, there's quite a lively discussion
about these issues going on.

Best regards,

A


 -- 
Andrew Sullivan
ajs@anvilwalrusden.com
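
An added example, not part of the original message or of DNSChain: one way to check a local forwarder's log for the leak described in point (1), i.e. ".dns" queries handed to an upstream other than the DNSChain server. It assumes dnsmasq-style "query[...]"/"forwarded" log lines; the sample log, names and addresses are constructed.

```python
import re

# Assumptions (not from the message): dnsmasq-style query logging and a
# known set of DNSChain resolver addresses that may legitimately see ".dns".
PSEUDO_TLD = "dns"
TRUSTED_UPSTREAMS = {"192.0.2.53"}  # constructed placeholder address

QUERY = re.compile(r"query\[\w+\] (\S+) from (\S+)")
FORWARDED = re.compile(r"forwarded (\S+) to (\S+)")


def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.rstrip(".").lower()


def in_pseudo_tld(name, tld=PSEUDO_TLD):
    """True only when the right-most label is the pseudo-TLD itself."""
    return normalize(name).split(".")[-1] == tld


def find_leaks(lines, trusted=TRUSTED_UPSTREAMS, tld=PSEUDO_TLD):
    """Return (name, client, upstream) for pseudo-TLD queries that were
    forwarded to any upstream outside the trusted set."""
    last_client = {}  # name -> most recent client that asked for it
    leaks = []
    for line in lines:
        q = QUERY.search(line)
        if q:
            last_client[normalize(q.group(1))] = q.group(2)
            continue
        f = FORWARDED.search(line)
        if f and in_pseudo_tld(f.group(1), tld) and f.group(2) not in trusted:
            name = normalize(f.group(1))
            leaks.append((name, last_client.get(name, "unknown"), f.group(2)))
    return leaks


# Constructed sample log: one query stays on the trusted resolver, one leaks,
# and one merely contains "dns" as a non-final label (not a leak).
SAMPLE_LOG = """\
Feb  7 19:30:01 dnsmasq[412]: query[A] wiki.dns from 10.0.0.7
Feb  7 19:30:01 dnsmasq[412]: forwarded wiki.dns to 192.0.2.53
Feb  7 19:30:09 dnsmasq[412]: query[A] Example.DNS. from 10.0.0.9
Feb  7 19:30:09 dnsmasq[412]: forwarded Example.DNS. to 198.51.100.1
Feb  7 19:30:12 dnsmasq[412]: query[A] dns.example.com from 10.0.0.9
Feb  7 19:30:12 dnsmasq[412]: forwarded dns.example.com to 198.51.100.1
""".splitlines()

if __name__ == "__main__":
    for name, client, upstream in find_leaks(SAMPLE_LOG):
        print(f"leak: {name} from {client} sent to {upstream}")
```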