On Mon, Jun 09, 2008 at 04:53:42PM +0100, Gervase Markham wrote:

> > What you're really
> > trying to do here is extract meaning from the domain name, but you
> > can't do that reliably.  Previous efforts in that direction have
> > failed in unexpected ways; and given that you seem to have multiple
> > ways you want to use this feature, I don't see any reason to believe
> > you won't have surprising failures too.
> 
> I think your statements of doom need to be more specific.

I think you may be misplacing the burden of proof there.  We have
previous cases where apparently innocent inference of this sort of
metadata about domains turned out to be harmful.  I'm arguing, by way
of analogy, that it is not unreasonable to suppose your approach may
cause harm too.

Your response appears to be that you won't cause that kind of harm.
I'm sure that's true.  But my argument is that, because you are
relying on meanings that simply aren't in the DNS at all, your feature
is automatically fragile.  It will behave in ways that are surprising,
because the behaviour of cookies (and, for that matter, of grouping of
history stuff) will be based on hard-coded bits inaccessible to any
user unwilling to read the source code.  Also, new operators of various
domains that may want to behave differently than your current
expectation will be disadvantaged by what you're doing.  Without
getting every current user in the world to upgrade their client, they
will continue to suffer that disadvantage to some extent.  That seems
like a kind of "harm" to me, but I appreciate that we may have
different meanings of that word.

Best regards,

A

-- 
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to