[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[DFRI-listan] Fwd: [DNSOP] followup and proposed actions: RFC 6761 interim and next steps

Hej listan!

Här följer en sammanfattning från det som hänt inom IETF och alternativa namn för DNS. Det här arbetet initierades av en draft för få in alternativa toppdomäner enligt RFC 6761. Denna RFC härstammar från Apple när de ville reservera .local för lokala tjänster med Bonjour (mDNS). Detta gick då rätt smärtfritt.

Men önskemålet som uppstod senare var att bl.a. reservera .onion för Tor-tjänster. Då började arbetsgruppen dnsop inom IETF bli lite oroliga, och ICANN-människor såg det här som en bakväg för att få in nya toppdomäner i root. Så ett rätt stort arbete har inletts för att reda ut konsekvenserna av RFC 6761, och formalisera någon slags process för den här bakvägen för nya speciella toppdomäner.

Den här texten beskriver kort vad läget är. Det ser lite ljusare ut för .onion nu än vad det gjort tidigare. Men konsekvenserna genom att registrera .onion den här vägen blir att det blir en slags dörröppnare för andra specialdomäner.

Begin forwarded message:

From: Suzanne Woolf <suzworldwide@xxxxxxxxx>
Subject: [DNSOP] followup and proposed actions: RFC 6761 interim and next steps
Date: 20 May 2015 00:18:24 GMT+2
Cc: joel jaeggli <joelja@xxxxxxxxx>

Dear Colleagues,

First, thanks for extensive and thoughtful discussion on the list and in our interim meeting last week on the way forward for the internet-drafts requesting special use names registry entries under RFC 6761.

This message is fairly long, and contains some impressions of where we are, a couple of actions we expect to take in the next few days, and some questions we’d like to pursue going forward. Please read all of it if you’re interested in the overall topic; we have significant challenges of both process and substance to navigate.

It's clear that applying RFC 6761 is challenging, and one of the outcomes we'd like to see from the current discussion is serious consideration of whether we need to update it with a new document suggesting additional guidelines or considerations.

First, some initial impressions:

.ONION (draft-appelbaum-dnsop-onion-tld-01):

* There’s significant support for the .onion request, in terms of the draft itself and what the TOR project is trying to accomplish by supporting the protocol and making the request.

* There are some reservations about .onion. We heard concerns that we might be setting a precedent for arbitrary appropriation of namespace; that the protocol may not be thoroughly documented, and that we’re not clear on how high the bar should be for a special use name.

.ALT (draft-wkumari-dnsop-alt-tld-06):

* There’s significant support for .alt as a possible alternative namespace for implementers who want namespace they’re certain won’t resolve in the global DNS, but are willing to be flexible on what namespace they use.

* There are operational questions about .alt that would have to be resolved in further development of the draft, such as whether to assume “leaked” queries would be sunk to AS112.

* There was some concern that implementers who want single-label or “TLD” namespaces would not accept .alt as a possible alternative

* There was some question as to what would be gained by .alt that we don’t already have in .invalid, which is also already reserved

HOME/CORP/MAIL (draft-chapin-additional-reserved-tlds-02):

* This is the most controversial of the RFC 6761 drafts and the one most driven by policy concerns

* The draft assumes that these names are commonly being used in local DNS contexts and often “leak” into the public internet. Specific uses are not documented.

* The most commonly used justification for this reservation was the risk of name collision if ICANN delegates these names in the production root zone.

* Since ICANN has said that they’re not currently planning to delegate these names, the justification further seems to assume that ICANN’s assurance of this is not a sound basis for believing that risk is contained

* There were questions about how to quantify name collision risk, or otherwise set a threshold for what operational characteristics of the appearance of a given name in the public internet would justify a conclusion that it should be “protected” by the IETF from delegation in the production root zone


There was some discussion of other drafts as well. In particular, there was some willingness to review the requests currently contained in draft-grothoff-iesg-special-use-p2p-names-04 if presented in separate drafts, as that would make it easier for the WG to properly consider those requests.


We expect to take the following steps:

1. A call for adoption on the WG list of draft-appelbaum-dnsop-onion-tld-01. Given that there's clear support for it and a timeliness concern, we'd like to see if we can get to a consensus to move forward with it.

2. A call for adoption on the WG list of draft-wkumari-dnsop-alt-tld-06, and further discussion on the list to the operational questions mentioned above. We're all aware this isn't a complete solution to the perceived demand for special use names; can it be used to make the situation notably better?

3. Further discussion on the WG list of draft-chapin-additional-reserved-tlds-02. Given that we don't currently see consensus to move forward with it, and the support for it seems widely fragmented among technical and policy-based reasoning, we'd particularly like to see any NEW input on:

* What is the specific operational impact being sought by adding these names to the special use names registry? Is the goal to have an impact on anyone besides ICANN?
* Some of our discussion so far has suggested that there's a difference between basing a decision about a special use names delegation on intended use in a new protocol, such as .onion, and basing such a decision on unknown and unspecified use, perhaps particularly within the DNS. In the interests of evaluating future such requests that might also not be based on a specific protocol use, is there a bar we can set besides the discussion in the current draft of inferred name collision risk?

4. It's been pointed out that the maintenance of the special use names registry is complicated by the fact that people used to be able to assume the root zone was relatively stable, and this assumption has become less defensible. (ICANN is not currently accepting new applications for TLDs, and has no announced schedule for opening an application window again, but has said they plan a future application round.) Is there something that the IETF should be doing to help DNS implementers and operators handle this change in the environment?

Suzanne and Tim
DNSOP mailing list

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail