I would argue that sunset4 doesn't have the depth of expertise to
do this properly. That the issues are much more nuanced than the
draft makes out.
I would argue that there needs to be the equivalent of a local DNS
server for the zone localhost. More than A and AAAA records need
to be able to be returned.
I would argue that the root zone needs a insecure delegation for
I would argue that the input string "localhost" needs to be treated
as absolute. i.e. search lists don't apply.
In message <9d1c5c76-417a-4af4-9fb0-8354fa8b5...@viagenie.ca>, "Marc Blanchet"
> On 17 Oct 2016, at 12:19, Erik Nygren wrote:
> > In the hopes of allowing devices to some day drop their IPv4 stacks,
> > one
> > thing we will need to keep an eye out for is any behavior that
> > encourages
> > hard-coding 127.0.0.1 or ::1 rather than using a "localhost"
> > abstraction.
> > In the W3C WebAppSec Secure Context discussion, there has been concern
> > that
> > "localhost" shouldn't be a "secure context" (unlike 127.0.0.1 and ::1)
> > due
> > to resolvers not always returning localhost. I worry that this could
> > result in increased use of "127.0.0.1" (such as by web pages
> > containing
> > URLs instructing clients to talk to a localhost resource service).
> > Mike West has written up a "let localhost be localhost" draft to cover
> > this:
> > https://tools.ietf.org/html/draft-west-let-localhost-be-localhost-02
> > I'm sure feedback is quite welcome (and I wonder if sunset4 might be
> > one
> > reasonable place to pick up this work?).
> interesting issue. It certainly relates to name resolution not behaving
> the way it should.
> But yes, sunset4 make sense to pick up this work.
> would one of you two be in Seoul? If yes, we could carve up 5-10 minutes
> in the agenda for that topic.
> > Some background:
> > https://github.com/w3c/webappsec-secure-contexts/issues/43
> > - Erik
> > _______________________________________________
> > sunset4 mailing list
> > firstname.lastname@example.org
> > https://www.ietf.org/mailman/listinfo/sunset4
> sunset4 mailing list
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
sunset4 mailing list