Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On 4 Feb 2014, at 01:21, Andrew Sullivan a...@anvilwalrusden.com wrote:

> If you want to use a name in DNS protocol slots, then you need a DNS name. You didn't get a DNS name, and instead you used a label that wasn't under your control. That's been against the rules in the DNS since forever. Now you want to short-circuit the allocation mechanism. But we have an allocation mechanism for this. In the normal case, you apply to ICANN. In an unusual case where the protocol depends on this, then you can use this special-use registry. So you need to show that your protocol needs to depend on this special-use label, and then we can register it under the special use mechanism. Otherwise go to ICANN.

+100. I hope everyone here can agree on the above and we get back to discussing the actual draft.

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On Tue, Feb 04, 2014 at 08:23:33AM +1100, Mark Andrews ma...@isc.org wrote a message of 62 lines which said:

> There were plenty of people saying Do NOT use a TLD for your private namespace, use a namespace you own in 2002 whether it was for a protocol or an internal network.

Hmmm, the experience of many developers is that, no, it is not easy to get advice from the IETF. Some did not even bother but those who did were often turned down immediately.

Let's play an experiment. In 2014, Joe Developer has a bright idea of using cryptographic keys as domain names (yes, I know, there is already the zkeys of GNUnet), he is going to write code to implement it and wants a suffix for that, to be sure his domain names won't collide with the ICANN root. Knowing nothing about Internet governance, not having 185 000 US $ and a zillion lawyers at his disposal to request a TLD, not being Apple, with the ability to squat a TLD and deploy it massively, he sends an email to dnsop or namedroppers asking about advice. What happens?

1) (Most likely) He gets no reply at all because nobody knows him and he never appeared in an IETF meeting

2) He gets a few messages saying that's a bad idea, don't do that, for reasons explained in [insert a long list of RFCs]

3) He gets a ton of messages saying it is a stupid idea and he is endangering the security and stability of the Internet

4) He gets sensible advice, based on a careful study of his proposal, and given by people who forgive him for making a few mistakes such as not being able to know what is the difference between IETF and ICANN

In the first three cases, what will he do? He will follow the usual Internet/free software method, implement and distribute and we'll see what happens. And then it will be too late to change what's in his code.
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On Tue, Feb 04, 2014 at 01:45:11AM +, jonne.soini...@broadcom.com jonne.soini...@broadcom.com wrote a message of 88 lines which said:

> They are not DNS and not even specified in the IETF. They have taken a design choice where they look like DNS

No, that's not a correct description. These proposals use domain names (not things that look like domain names). Domain names are *older* than the DNS (see RFC 810 and many others). They can be resolved by several protocols (DNS, Bonjour, /etc/hosts, LDAP, whatever). It is perfectly sensible to use domain names for new protocols.

> you want a TLD you go to ICANN. Regardless of what people think of that process, this is the process we have created already a long time ago

If "we" is the US government, the sentence is true. Otherwise, no, I had no part in the ICANN creation. I remember a discussion with Stuart Cheshire where he explained that IETF, not ICANN, created the entire name space, since it created the rules, and therefore has rights above those of ICANN.
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On Tue, Feb 04, 2014 at 09:51:34AM +0100, Stephane Bortzmeyer wrote:

> had no part in the ICANN creation. I remember a discussion with Stuart Cheshire where he explained that IETF, not ICANN, created the entire name space, since it created the rules, and therefore has rights above those of ICANN.

With respect, while that is one view of the history, it is surely not the only one, and it seems to me it is one that is not shared by all the actors in this space. Most importantly, it involves a false dichotomy between ICANN and IETF: neither organization existed at the time the DNS name space was created, so it's hard to credit the idea that either of them created the name space.

I do not think we want to turn over the rock labelled, "Who owns the DNS name space?" Under that rock live all manner of creatures from layer 9 and above. We have two allocation procedures: regular allocation via IANA procedures (which happen to be defined right now in ICANN) and RFC 6761. One of those procedures is the one we can exercise, and I still believe the only question is whether any particular registration attempt works under RFC 6761.

I agree with Ted Lemon that the question of what happened in the past is not exactly relevant. What _is_ relevant in my view is how these names need to be used in support of the protocols they're supposed to be supporting. This is exactly the same question I had since I first read the grothoff draft; see my earlier review.

Best,

A

--
Andrew Sullivan
a...@anvilwalrusden.com
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On 2014-02-04, at 01:39, John Levine jo...@taugh.com wrote:

> I suppose the situation with .onion is slightly different, but in concept it's not all that different from .arpa.

I think it's quite different.

ARPA is really no different from any other TLD. There's a registry, there are rules you need to follow to get a delegation, but it's a zone in the DNS just like COM and ORG.

ONION is a namespace convention outside the DNS. There's no registry, it's not a zone, and there is no possibility of getting a delegation.

ONION is like LOCAL. Neither are like ARPA (or any other TLD).

Joe
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
Joe Abley wrote:

> ...
> ONION is like LOCAL. Neither are like ARPA (or any other TLD).

How like LOCAL is ONION?

ICANN knows it can't sell .LOCAL, but does ICANN know it can't sell .ONION?
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On 2014-02-04, at 10:00, Paul Vixie p...@redbarn.org wrote:

> Joe Abley wrote:
>> ...
>> ONION is like LOCAL. Neither are like ARPA (or any other TLD).
>
> How like LOCAL is ONION?

Neither is a zone in the DNS or a domain in the DNS namespace, and both refer to names for which a protocol other than DNS should be used for resolution. (I realise the protocol for LOCAL is DNS-like, but it's not DNS, right?)

> ICANN knows it can't sell .LOCAL, but does ICANN know it can't sell .ONION?

I was never quite sure what ICANN knew, even when I worked for ICANN.

I'm not arguing against the IETF protecting the world from conflicting ONION namespaces in the same way that they did with LOCAL, which would have the effect that ICANN would not sell ONION. I agree that if ICANN sold ONION to someone, the result would be messy.

However, I don't think ambiguity in the discussion about the namespaces we're talking about or the failure modes we're hoping to avoid helps us narrow in on anything resembling consensus.

Joe
Re: [DNSOP] possibly quite a lot of additional special names
>> How like LOCAL is ONION?
>
> Neither is a zone in the DNS or a domain in the DNS namespace, and both refer to names for which a protocol other than DNS should be used for resolution. (I realise the protocol for LOCAL is DNS-like, but it's not DNS, right?)

The protocol for .ONION is DNS-like, too. If you're running Tor, its SOCKS proxy handles the domain names, using the normal SOCKS5 protocol, with .ONION and .EXIT treated as special cases. The client software, typically a web browser, doesn't know it's any different from any other SOCKS proxy.

It seems to me that we can make a meaningful distinction between domain names that are delegated from the global root using the normal DNS protocol and allow arbitrary RRs (give or take) which is ICANN's department, and domain names that are handled in other ways which is the IETF's.

The only ICANN domain that isn't technically totally ordinary is .TEL, which was supposed to be a directory using NAPTR to map names to phone numbers. It is quietly slouching toward genericity with rather a lot of names parked by speculators, so I doubt we'll see any more of those from ICANN.

I realize that the received wisdom is that any variation from the standard protocol is awful and must be eliminated with extreme prejudice, but that horse left the barn a long time ago, and enough people have seen it running around and looking healthy that we have a credibility problem.

What does cause problems is name collisions, but we can deal with them more effectively with registries than by trying to stamp out pseudo-TLDs named .ONION and .BIT and who knows what else.

R's,
John, formerly aka jo...@ima.uucp, currently jo...@taughannock.tel.

PS: Andrew asked whether .onion.arpa would have worked technically as well as .onion. Sure. But so what?
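
The SOCKS5 behaviour described in the message above, as an added example that is not part of the original message and is not Tor's code: the client sends the hostname unresolved in a CONNECT request (RFC 1928, address type 0x03), and the proxy chooses the resolution mechanism from the last label. The function names, the `overlay`/`dns` labels and the hostnames used with it are assumptions made for illustration.

```python
import struct

# Suffixes the message says Tor's SOCKS proxy treats as special cases.
SPECIAL_SUFFIXES = ("onion", "exit")

ATYP_DOMAIN = 0x03  # RFC 1928: address is a length-prefixed domain name


def build_connect_request(host: str, port: int) -> bytes:
    """Client side: SOCKS5 CONNECT request carrying the hostname unresolved."""
    name = host.encode("ascii")
    if not 0 < len(name) <= 255:
        raise ValueError("SOCKS5 domain names are 1..255 bytes")
    header = bytes([0x05, 0x01, 0x00, ATYP_DOMAIN, len(name)])
    return header + name + struct.pack("!H", port)


def parse_connect_request(msg: bytes):
    """Proxy side: return (host, port) from a domain-name CONNECT request."""
    if len(msg) < 5 or msg[0] != 0x05 or msg[1] != 0x01 or msg[2] != 0x00:
        raise ValueError("not a SOCKS5 CONNECT request")
    if msg[3] != ATYP_DOMAIN:
        raise ValueError("address is not a domain name")
    n = msg[4]
    if n == 0 or len(msg) != 5 + n + 2:
        raise ValueError("length field does not match message size")
    host = msg[5:5 + n].decode("ascii")
    (port,) = struct.unpack("!H", msg[5 + n:])
    return host, port


def route(host: str) -> str:
    """Hypothetical proxy decision: which mechanism resolves this name."""
    labels = host.rstrip(".").lower().split(".")
    if labels[-1] in SPECIAL_SUFFIXES:
        return "overlay"  # handled inside the proxy's own network, never sent to DNS
    return "dns"          # ordinary name, resolved through the proxy's usual path


def handle(msg: bytes):
    """Parse one request and attach the routing decision."""
    host, port = parse_connect_request(msg)
    return host, port, route(host)
```

The client-side function is identical for every hostname, which is why the browser cannot tell a special-use name from an ordinary one; only the suffix check in the proxy differs.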
Re: [DNSOP] additional special names Fwd: I-D Action: draft-chapin-additional-reserved-tlds-00.txt
On 2/4/14, 12:42 AM, Stephane Bortzmeyer wrote:

> On Mon, Feb 03, 2014 at 09:54:41PM +, jonne.soini...@broadcom.com jonne.soini...@broadcom.com wrote a message of 112 lines which said:
>
>> maybe we should consider to discuss the principles under which TLDs can be reserved for special use and consider a re-spin or an update to RFC6761.
>
> So, RFC 6761 was written just to allow Apple to register .local and, once it is done, we close the door to new registrations?

That in and of itself would be a bit of a moral hazard.

it's plausible that this one case is simply more clear cut (certainly in the minds of the authors) than others. I don't believe that we did this (6761) so that we could treat this as a one-off event.

it's my personal opinion that application specific namespaces should be treated differently in some way, if resolver libraries are being asked to make a decision on the basis of .tld how to handle a query we've gone down an extensibility rathole that's hard to get out of.