I would argue that sunset4 doesn't have the depth of expertise to
do this properly.  That the issues are much more nuanced than the
draft makes out.

I would argue that there needs to be the equivalent of a local DNS
server for the zone localhost.  More than A and AAAA records need
to be able to be returned.

I would argue that the root zone needs a insecure delegation for
localhost.

I would argue that the input string "localhost" needs to be treated
as absolute.  i.e. search lists don't apply.

Mark

In message <9d1c5c76-417a-4af4-9fb0-8354fa8b5...@viagenie.ca>, "Marc Blanchet" 
writes:
> On 17 Oct 2016, at 12:19, Erik Nygren wrote:
> 
> > In the hopes of allowing devices to some day drop their IPv4 stacks, 
> > one
> > thing we will need to keep an eye out for is any behavior that 
> > encourages
> > hard-coding 127.0.0.1 or ::1 rather than using a "localhost" 
> > abstraction.
> > In the W3C WebAppSec Secure Context discussion, there has been concern 
> > that
> > "localhost" shouldn't be a "secure context" (unlike 127.0.0.1 and ::1) 
> > due
> > to resolvers not always returning localhost.  I worry that this could
> > result in increased use of "127.0.0.1" (such as by web pages 
> > containing
> > URLs instructing clients to talk to a localhost resource service).
> >
> > Mike West has written up a "let localhost be localhost" draft to cover 
> > this:
> >
> >      https://tools.ietf.org/html/draft-west-let-localhost-be-localhost-02
> >
> > I'm sure feedback is quite welcome (and I wonder if sunset4 might be 
> > one
> > reasonable place to pick up this work?).
> 
> interesting issue. It certainly relates to name resolution not behaving 
> the way it should.
> 
> But yes, sunset4 make sense to pick up this work.
> 
> would one of you two be in Seoul? If yes, we could carve up 5-10 minutes 
> in the agenda for that topic.
> 
> Marc.
> 
> >
> > Some background:
> > https://github.com/w3c/webappsec-secure-contexts/issues/43
> >
> > - Erik
> 
> 
> > _______________________________________________
> > sunset4 mailing list
> > sunset4@ietf.org
> > https://www.ietf.org/mailman/listinfo/sunset4
> 
> _______________________________________________
> sunset4 mailing list
> sunset4@ietf.org
> https://www.ietf.org/mailman/listinfo/sunset4
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org

_______________________________________________
sunset4 mailing list
sunset4@ietf.org
https://www.ietf.org/mailman/listinfo/sunset4

Reply via email to