On Tue, Nov 17, 2020 at 4:46 PM Tony Finch <d...@dotat.at> wrote: > Brian Dickson <brian.peter.dick...@gmail.com> wrote: > > > One potential approach is to say (in the RFC) that one of the two-letter > > reserved codes should avoid name collision by putting a > collision-resistant > > second-level label, below .zz and above the private use usage (and use > that > > particular two-letter code in that manner exclusively). > > This kind of thing, or guidspace.arpa, is not that different in terms of > usability / ugliness from assigning a unique subdomain under a domain that > has been registered in the normal way. >
Confirming that I understand your point: You're discussing the case of some local-network technology using $guid.guidspace.technology-vendor.com? 3 possible advantages I can think of of standardizing a .arpa subdomain: 1) More universally trustworthy that *.guidspace.arpa names will never be globally resolvable, which would be unexpected behavior. If using a normally registered domain, you have to rely on whoever owns that domain, and I could see usecases where the domain owner and the tech owner creating a name are not one and the same. 2) In cases different technology vendors have created some standard relying on guid-generated unique names (not necessarily an IETF standard), it may be desirable for the generated names to fall under some neutral third-party domain (in this case .arpa) rather than everyone involved relying on somebody maintaining a domain. 3) In more general cases where different parties aren't trying to interconnect, I don't quite understand why everyone can't just register domains for their uses. But one of the reasons we keep discussing potential solutions for local domains is that many people keep refusing to register names. This would be a good alternative to hopefully convince them to stop squatting unowned names. (Although from a practical perspective, I have no illusions that this would actually end the practice of squatting.) > > There's also a privacy leak: if you assign a unique subdomain then when a > device roams and leaks queries for the private domain, the device can be > tracked and correlated with other devices that use the same private > domain. > What if, in whatever hypothetical solution is using this, it is reasonable for devices to always regenerate the names they are using on changing networks? At least in such hypothetical cases, it seems the privacy danger would be significantly mitigated, right? (Maybe we're getting too far into unknown hypotheticals without finding actual usecases or implementors that want this.) > > I have a terrible mental conflict trying to weigh this privacy issue > against the horrible consequences of encouraging people to squat on > unassigned domains and use colliding hostnames. The privacy leak probably > needs to be fixed regardless, and if it is fixed then there would be a bit > less pressure in favour of unwise squatting. > > Tony. > -- > f.anthony.n.finch <d...@dotat.at> http://dotat.at/ > Biscay: Southerly 3 to 5, veering westerly 5 or 6 later in northwest. > Moderate, occasionally rough in northwest. Rain later. Good, occasionally > moderate. > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop