On Tue, Feb 06, 2018 at 12:50:18AM -0500, Ted Lemon wrote:
> That's pretty clear.   This document is not forbidding the appearance of such 
> names in the DNS, nor the resolution of such names.

Instead, it is wanting to have its cake and eat it too.  Because…

>    Note, however, that the admonition against searchlist usage could
>    affect their resolution in practice, as discussed in Section 3

…of the "admonition" (or whatever you want to call it).  In effect,
the document requires special-casing of "localhost" as a label in
every searchlist context.

If the goal is to say, "The search list is evil, and should not be
used," then say that.  Otherwise, what this document is _really_ doing
is altering STD13's search list processing, to include special-casing
of down-tree names.  I think that is the case despite this bit:

>        Application software MUST NOT use a searchlist to resolve a
>        localhost name.  That is, even if DHCP's domain search option
>        [RFC3397 <https://tools.ietf.org/html/rfc3397>] is used to
>        specify a searchlist of "example.com" for a given network,
>        the name "localhost" will not be resolved as
>        "localhost.example.com." but as "localhost.", and
>        "subdomain.localhost" will not be resolved as
>        "subdomain.localhost.example.com." but as
>        "subdomain.localhost.".

The reason I think that is because of the earlier part:

   2.  Application software MAY recognize localhost names as special, or
       MAY pass them to name resolution APIs as they would for other
       domain names.

If you can just pass this to a resolution API, then it's actually the
resolution API that needs to know to handle the search list rules
according to this new specification (this part of the specification
does not say that you can only use the API if you can tell the API not
to use search lists, &c).

I really do sympathise with the goal of the document, but I think it
is making a bigger change than it seems to understand.  And anyway, I
don't understand how the original 6761 text is the wrong approach:
given that it isn't even being followed on the Internet today, there's
no reason to suppose that this alternative approach is going to make
things any better.

Best regards,


Andrew Sullivan

DNSOP mailing list

Reply via email to