Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread william manning 
On Thu, Sep 29, 2016 at 3:28 PM, John R Levine  wrote:

> I suppose I could use jrl.alt, but I wouldn't want to use plain .alt for
>>> fear of, if you'll pardon the phrase, name collisions.
>>>
>>
> Name collisions may occur at any delegation point - why do you think the
>> root zone is special in this regard?
>>
>
> The point of .alt as I understand it is to provide a home for future stuff
> like .onion that is intended to be globally visible and usable but not
> resolved through the DNS.
>
> My .qy isn't globablly visible, so I don't care about other local uses of
> .qy.
>
> R's,
> John
>
>
Until it is globally visible...  and there is nothing we can do (ietf)
about that process.

/Wm
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread John R Levine 

I suppose I could use jrl.alt, but I wouldn't want to use plain .alt for
fear of, if you'll pardon the phrase, name collisions.



Name collisions may occur at any delegation point - why do you think the
root zone is special in this regard?


The point of .alt as I understand it is to provide a home for future stuff 
like .onion that is intended to be globally visible and usable but not 
resolved through the DNS.


My .qy isn't globablly visible, so I don't care about other local uses of .qy.

R's,
John

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread william manning 
On Thursday, 29 September 2016, John R Levine  wrote:

> I've been telling people that if they need a fake private TLD for their
 local network they should use one of those since it is exceedingly unlikely
 ever to collide with a real DNS name.  Am I right?

>>>
> C: why not just use .alt for this? It is clear that these should not
>> hit the global DNS, and should fail (get NXD) if they do. It is
>> clearly different to a ccTLD (at least some users have learnt that
>> things of the form .xx are "countries" - lets not confuse them
>> further).
>>
>
> I suppose I could use jrl.alt, but I wouldn't want to use plain .alt for
> fear of, if you'll pardon the phrase, name collisions.
>
> Regards,
> John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
>
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnso
> 
>


Name collisions may occur at any delegation point - why do you think the
root zone is special in this regard?
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread John R Levine 

I've been telling people that if they need a fake private TLD for their local 
network they should use one of those since it is exceedingly unlikely ever to 
collide with a real DNS name.  Am I right?



C: why not just use .alt for this? It is clear that these should not
hit the global DNS, and should fail (get NXD) if they do. It is
clearly different to a ccTLD (at least some users have learnt that
things of the form .xx are "countries" - lets not confuse them
further).


I suppose I could use jrl.alt, but I wouldn't want to use plain .alt for 
fear of, if you'll pardon the phrase, name collisions.


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread Michael StJohns 

Hi -

A couple of items of history.  Back about 1987, Jon Postel and I talked 
about the original registration of .INT - he was the IANA, I was 
managing the NIC contract which would be responsible for dealing with 
registrations under .INT.  ( .INT ended up being managed by ISI under an 
DARPA contract when the DDN PMO wouldn't cover the costs).  The topic of 
the cc TLDs came up then and strangely a bit later when I was at 
(D)ARPA.  The first time was a discussion about .UK vs .GB, the last was 
about Native American tribes/nations.


Jon was adamant (and I think rightly so) about keeping the IANA out of 
determinations of "what is a country"  and to use the 3166 process for 
allocation of 2 character TLDs (note I didn't say ccTLDs) and I think 
that still makes a lot of sense.  Given that, I would suggest we say 
that all of the possible two letter TLDs not yet delegated have been 
reserved by the IANA on behalf of ISO3166 pending a request to delegate 
them to an entity identified by ISO3166.  I might suggest that 
ICANN/IANA update RFC1591 to discuss how to deal with "transitionally 
reserved" TLDs/ISO3166-2 codes (e.g. .SU from the soviet union for 
example) if they haven't already.


And to answer John's original question - it's probably a bad idea, but, 
like smoking,  it probably won't kill you immediately.  I might actually 
suggest using .EZ which looks like it will never be stood up as a DNS 
domain given that its registration is for " European OTC 
 
derivatives within International securities identification numbering 
system 
 
(ISIN)"


And to go back to Ed's comment.  I *wouldn't* move forward with his 
draft.  It's not space that's currently owned by the IETF/IANA/ICANN.


So a big +1 to Mark's comment about using namespaces not delegated to you.

Mike



On 9/29/2016 11:44 AM, David Conrad wrote:

Mark,

On September 28, 2016 at 10:35:40 PM, Mark Andrews (ma...@isc.org 
) wrote:



Things can change. It is ALWAYS a bad idea to use namespace not
delegated to you.


Unless, of course, Ed's draft progresses and the user assigned ISO 
codes are turned into private use TLDs (similar to RFC 1918 turning 
10/8, etc., into private use address space).


The only way the user assigned codes could be delegated would be if:

a) ISO reverses their policy for those codes and assigns them to countries

b) The IETF revises name assignment policy and demands they be delegated

c) The ICANN community revises name assignment policy and allows them 
to be delegated


I'm quite confident that (c) will never occur -- too many parts of the 
ICANN community would reject the idea instantaneously and given the 
new gTLD program, there is simply no reason for the question to even 
come up.  Similarly, I'm reasonably confident the IETF won't demand 
those labels be delegated -- I can't see a reason why a different 
solution would be sufficient. Where I don't have as much confidence is 
in ISO-3166/MA's actions, but that's mostly because I don't know how 
they work.


Regards,

-drc



___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop



___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread David Conrad 
Mark,

On September 28, 2016 at 5:08:05 PM, Mark Andrews (ma...@isc.org) wrote:
> I've been telling people that if they need a fake private TLD for their local 
> network they should use one of those since it is exceedingly unlikely 
> ever to collide with a real DNS name. Am I right? 

No. Just because countries don't get assigned these values it 
doesn't mean that they can't be assigned by ICANN or the IETF in 
consultation with ICANN. 
I believe from both the IETF's and ICANN's perspective, 2-letter labels at the 
root are reserved to be associated with ISO-3166 2-letter codes. I cannot 
imagine a plausible scenario in which this policy would change.

And who *needs* a fake tld? As far as I can tell almost no one. 
Can we PLEASE not repeat the arguments made against RFC 1918 space in the 
domain name world?

Regards,

-drc




signature.asc
Description: Message signed with OpenPGP using AMPGpg
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread Ralph Droms 


> On Sep 29, 2016, at 2:56 AM, hellekin  wrote:
> 
>> On 09/29/2016 05:42 AM, Edward Lewis wrote:
>> 
>> The one option you have is ".example", unfortunately (and in sympathy)
>> I don't have a better suggestion.
>> 
> 
> .example is for documentation.  You can use .invalid for "fake private
> TLD", which makes it very clear that it's not a valid TLD. (Sorry for
> the tautology.)
> 
> This list of two-letter TLDs sounds like a good candidate for
> Special-Use Domain Names.  But then, it prompts another question: if,
> e.g., XA-XZ are reserved for future use, how to handle their *removal*
> from the Special-Use Name Registry once they're assigned again?  Which
> prompts another question: if a name enters the Special-Use Name
> Registry, is it parked (for an indefinite amount of time), or is it
> engraved in stone (and won't move from that registry again)?  And can
> the SUNR hold both types of names (parked and final)?

Good question, not (as far as I know) explicitly addressed in RFC 6761.

Because there is no explicit prohibition on removal of a name from the SUNR, 
publication of an appropriate RFC directing IANA to take such an action would 
be the appropriate action, at least. In my opinion.

The question might actually apply to many IANA registries.  Do the 
"Registration Procedures" apply to "unregistration" as well?  I don't know if 
there is any precedent here.

- Ralph

> 
> ==
> hk
> 
> ___
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread Viktor Dukhovni 
On Wed, Sep 28, 2016 at 11:27:20PM -, John Levine wrote:

> The codes AA, QM-QZ, XA-XZ, and ZZ are "user assigned" and will never
> be used for countries.  Last year Ed Lewis wrote an I-D proposing that
> XA-XZ be made private use and the rest future use, but as far as I can
> tell it never went anywhere.
> 
> I've been telling people that if they need a fake private TLD for their local
> network they should use one of those since it is exceedingly unlikely
> ever to collide with a real DNS name.  Am I right?

The the ".invalid" TLD is reserved, and has been used for private
naming of domains that are sure to not be real domains either
internally or on the public Internet.  I use:

  address.invalid - added to bare mailbox names in inbound external email.
  bcc.invalid - rewrite domain for (env recipient data) lossless Bcc copies of 
email
  discard.invalid - rewrite domain for addresses whose email gets dropped.
  local.invalid - rewrite domain for local delivery when no real domain is 
"local"
  ...

This is of course different from squatting on a TLD for naming
"real" private domains, and I see little justification for the
latter.  Real 2LDs, 3LDs, ... are cheap, and why not use those
instead?

And for documentation we of course have ".example", "example.net",
...

-- 
Viktor.

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-29 Thread Jaap Akkerhuis 
 David Conrad writes:

 > 
 > I'd really like to say yes, but ISO-3166/MA appears to have removed 
 > references
 > to "User Assigned" in their official ISO-3166 two letter code w=
 > webpage.

Only the the standard is normative.

 > I'm trying to understand if they've changed their mind, but no answer yet.

The standard hasn't changed in that reqpect for the last twenty five year of so.

jaap

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-28 Thread Edward Lewis 
On 9/29/16, 03:27, "DNSOP on behalf of John Levine"  wrote:

> Last year Ed Lewis wrote an I-D proposing that XA-XZ be made private use and 
> the rest future use, but as far as I can tell it never went anywhere.

I'd been waiting for anyone else to show an interest in it before spending any 
time on it.  This is the first mention I've seen on a public list about the 
draft. ;)

As David wrote in a later message, the dam burst on Special Use Domain Name 
registry discussions.
   
>I've been telling people that if they need a fake private TLD for their local 
>network they should use one of those since it is exceedingly unlikely ever to 
>collide with a real DNS name.  Am I right?

I'd have to say not right to be "telling people".  The one option you have is 
".example", unfortunately (and in sympathy) I don't have a better suggestion.

Heuristically, you might be okay using these codes but it's that 
same-old-same-old problem of assuming the future.  My preference would be to 
put the appropriate codes in to the Special Use Domain Name registry before 
"telling people".  I stress the "telling people" because you using ".qy" isn't 
ever going to come to harm (because you can change that "if").

BTW, the user assigned two-letter codes are not the same as unassigned codes. 
These have been expressly set aside for local use, these codes aren't eligible 
for use in any other way, no matter what a new region might call itself.  That 
is, it's more likely some other novel use for one of these codes might be found 
than the code ever matching an economy's identifier.



smime.p7s
Description: S/MIME cryptographic signature
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-28 Thread Mark Andrews 

In message <20160929025351.9873.qm...@ary.lan>, "John Levine" writes:
> >No.  Just because countries don't get assigned these values it
> >doesn't mean that they can't be assigned by ICANN or the IETF in
> >consultation with ICANN.
> 
> I don't see how that follows.  For over 30 years, the rule has been
> that two-letter names are reserved for ccTLDs.  There's never been any
> hint in any RFC I have found that any two-letter names can be assigned
> in any other way.

Things can change.  It is ALWAYS a bad idea to use namespace not
delegated to you.

> >And who *needs* a fake tld?
> 
> Nobody.  We could use HOSTS.TXT.

hosts.txt still takes domain style hostnames.  This is a namespace
issue not a resolution mechanism issue.
 
> R's,
> John
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-28 Thread John R Levine 

I've been telling people that if they need a fake private TLD for their local

?? network they should use one of those since it is exceedingly unlikely
?? ever to collide with a real DNS name. Am I right?
??

I'd really like to say yes, but ISO-3166/MA appears to have removed references to 
"User Assigned" in their official ISO-3166 two letter code webpage. I'm trying 
to understand if they've changed their mind, but no answer yet.


The current list on the ISO web site completely omits those codes. 
They're not assigned, they're not unassigned, they're not reserved, 
they're not formerly assigned, they're not anything.


For about $40 one can buy a copy of ISO 3166-1:2013.  It's not clear from 
the TOC if it's any more informative.


Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

[DNSOP] Tell me about the ISO 3166 user assigned two-letter codes and TLDs

2016-09-28 Thread John Levine 
I don't think this has anything to do with RFC 6761, so ...

For a very long time, two letter TLDs have been assigned to countries
and other geographic entities per the ISO 3166 alpha-2 list.  The
earliest mention I can find is in RFC 920 in 1984, and even then the
wording suggests that the usage was well settled.

The codes AA, QM-QZ, XA-XZ, and ZZ are "user assigned" and will never
be used for countries.  Last year Ed Lewis wrote an I-D proposing that
XA-XZ be made private use and the rest future use, but as far as I can
tell it never went anywhere.

I've been telling people that if they need a fake private TLD for their local
network they should use one of those since it is exceedingly unlikely
ever to collide with a real DNS name.  Am I right?

R's,
John

PS: On my lan, I'm using .QY.

___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop