On Tue, Nov 17, 2020 at 1:46 PM Tony Finch <[email protected]> wrote:

> Brian Dickson <[email protected]> wrote:
> >
> > One potential approach is to say (in the RFC) that one of the two-letter
> > reserved codes should avoid name collision by putting a
> > collision-resistant second-level label, below .zz and above the private
> > use usage (and use that particular two-letter code in that manner
> > exclusively).
>
> This kind of thing, or guidspace.arpa, is not that different in terms of
> usability / ugliness from assigning a unique subdomain under a domain that
> has been registered in the normal way.
>
> There's also a privacy leak: if you assign a unique subdomain then when a
> device roams and leaks queries for the private domain, the device can be
> tracked and correlated with other devices that use the same private
> domain.
>
> I have a terrible mental conflict trying to weigh this privacy issue
> against the horrible consequences of encouraging people to squat on
> unassigned domains and use colliding hostnames. The privacy leak probably
> needs to be fixed regardless, and if it is fixed then there would be a bit
> less pressure in favour of unwise squatting.
>
Yep. Definitely, the "magic" that is involved in using those should be
self-limiting and automatic.

However, there's also another clever trick (for some value of $clever),
which isn't iron-clad but could help:

guidspace.arpa DNAME empty.as112.arpa

(FTW - qv RFC 7535 and 7534).

Brian DNAME Dickson
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
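
Added example, not part of the original message or of any RFC text: a sketch of the RFC 6672 DNAME substitution that the suggested record would trigger for a leaked private-use query. The function names and the sample query name are hypothetical and constructed for illustration.

```python
# Added illustration: DNAME substitution (RFC 6672) for the record
#   guidspace.arpa DNAME empty.as112.arpa
# Presentation-format names only; backslash escapes are not handled.
DNAME_OWNER = "guidspace.arpa."
DNAME_TARGET = "empty.as112.arpa."
MAX_NAME_OCTETS = 255   # wire-format limit on a whole domain name
MAX_LABEL_OCTETS = 63   # wire-format limit on one label


def labels(name):
    """Split a name into lowercase labels (DNS comparison is case-insensitive)."""
    name = name.rstrip(".")
    return [part.lower() for part in name.split(".")] if name else []


def wire_length(lbls):
    """One length octet per label plus its bytes, plus the root label."""
    return sum(1 + len(l) for l in lbls) + 1


def dname_rewrite(qname, owner=DNAME_OWNER, target=DNAME_TARGET):
    """Return (status, name); status is NOMATCH, OWNER, REDIRECT or YXDOMAIN."""
    q, o, t = labels(qname), labels(owner), labels(target)
    if any(not l or len(l) > MAX_LABEL_OCTETS for l in q):
        raise ValueError("empty or over-long label in query name")
    if q == o:
        # A DNAME redirects names *below* its owner, never the owner itself.
        return ("OWNER", qname)
    if len(q) <= len(o) or q[-len(o):] != o:
        return ("NOMATCH", qname)
    # Keep the prefix labels, swap the owner suffix for the target.
    # The unique (GUID-like) label therefore survives in the rewritten name.
    new = q[:-len(o)] + t
    if wire_length(new) > MAX_NAME_OCTETS:
        # The target is longer than the owner, so a maximal name overflows.
        return ("YXDOMAIN", None)
    return ("REDIRECT", ".".join(new) + ".")


if __name__ == "__main__":
    # Constructed sample: a roaming device leaking a private-use name.
    print(dname_rewrite("printer.3f2a9c.guidspace.arpa."))
```

The rewritten name still carries the unique label, so the redirection changes which servers see the leaked query, not what the query reveals.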
