Pekka Savola <[EMAIL PROTECTED]> wrote: |On Mon, 12 Apr 2004, Tony Hain wrote: |> Again, |> unless there is impact to a 3rd party, putting local use addresses in the |> global DNS is none of the IETF's business. | |If you look at the case 1) below, that for certainty is a case which |would impact third parties.
People who are accessing your names in your DNS are not third parties; they are first parties (or maybe second parties :). Note that discussion of a "global DNS" tends to imply that there is some other kind, indirectly endorsing multi-face and such. Prohibiting addresses from a "global DNS" virtually requires the use of multi-face. Do we really want to go there? I'm not one who wants to prohibit multi-face DNS for those who want it, but I don't want to be forced to use it myself... Dan Lanciani [EMAIL PROTECTED] |> > -----Original Message----- |> > From: Pekka Savola [mailto:[EMAIL PROTECTED] |> > Sent: Friday, April 09, 2004 10:57 PM |> > To: Tony Hain |> > Cc: 'Dan Lanciani'; [EMAIL PROTECTED] |> > Subject: RE: Response to AD comments on draft-ietf-ipv6-unique-local-addr- |> > 03.txt |> > |> > On Fri, 9 Apr 2004, Tony Hain wrote: |> > > I agree with Dan. Unless someone can show explicit harm to a third party |> > by |> > > putting them in the global DNS, there is no reason to even discuss their |> > > presence or absence in the global DNS. |> > |> > I think there are two (operational -- can't be checked by the |> > implementation) cases here: |> > |> > 1) putting in local addresses to global DNS names which are expected |> > to be used by outsiders who are not interested of local |> > addresses, or to whom local addresses could even mean a |> > service degradation. (e.g., www.example.com, smtp.example.com, |> > etc.etc.) |> > |> > 2) putting in local addresses for names which are not expected to be |> > used (e.g., "canada.vpn.example.com", to perform some kind of |> > "auto-discovery" functions) except who know which hostnames those |> > are and know what they're doing. |> > |> > In the former, adding them makes very little sense. In the latter, |> > adding them might be beneficial, while I'm not sure I can see the |> > scenario as I think one might want to use global addresses instead.. |> > |> > > > -----Original Message----- |> > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of |> > Dan |> > > > Lanciani |> > > > Sent: Friday, April 09, 2004 1:16 PM |> > > > To: [EMAIL PROTECTED] |> > > > Subject: Re: Response to AD comments on draft-ietf-ipv6-unique-local- |> > addr- |> > > > 03.txt |> > > > |> > > > Kurt Erik Lindqvist <[EMAIL PROTECTED]> wrote: |> > > > |> > > > |> |=> At least you and I agree FWIW :) |> > > > |> |Perhaps I missed this discussion, but I can't see |> > > > |> |why they should be put in the global DNS. |> > > > |> |> > > > |> One might want to build an overlay network where consenting sites |> > know |> > > > |> how |> > > > |> to reach each other by constructing dynamic tunnels based on some |> > (yet |> > > > |> to |> > > > |> be defined) mapping function. Thus the addresses may well be |> > > > |> reachable in |> > > > |> some sense. |> > > > | |> > > > |But is this reason enough to have them in the global DNS tree. |> > > > |> > > > Certainly. If they are in the global DNS then the overlay network can |> > be |> > > > handled entirely by routers (or even stub hosts) that know how to look |> > up |> > > > the |> > > > mapping and create the tunnels. This is the approach I intend to use |> > if |> > > > unique |> > > > addresses become a reality. If the addresses are not allowed in the |> > > > global DNS |> > > > then multi-faced or multi-rooted DNS (or worse) hacks are required to |> > > > allow |> > > > applications to see the addresses in the first place. |> > > > |> > > > I strongly object to restricting unique addresses from the global DNS. |> > It |> > > > seriously compromises their utility and it does nothing to make |> > anyone's |> > > > life easier. Applications must already deal with the case of |> > addresses |> > > > that |> > > > are not reachable because of filters. There is no reason to single |> > these |> > > > addresses out for second-class treatment. |> > > > |> > > > Dan Lanciani |> > > > [EMAIL PROTECTED] |> > > > |> > > > -------------------------------------------------------------------- |> > > > IETF IPv6 working group mailing list |> > > > [EMAIL PROTECTED] |> > > > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 |> > > > -------------------------------------------------------------------- |> > > |> > > |> > > -------------------------------------------------------------------- |> > > IETF IPv6 working group mailing list |> > > [EMAIL PROTECTED] |> > > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 |> > > -------------------------------------------------------------------- |> > > |> > |> > -- |> > Pekka Savola "You each name yourselves king, yet the |> > Netcore Oy kingdom bleeds." |> > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings |> |> |> -------------------------------------------------------------------- |> IETF IPv6 working group mailing list |> [EMAIL PROTECTED] |> Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 |> -------------------------------------------------------------------- |> | |-- |Pekka Savola "You each name yourselves king, yet the |Netcore Oy kingdom bleeds." |Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings | | |-------------------------------------------------------------------- |IETF IPv6 working group mailing list |[EMAIL PROTECTED] |Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 |-------------------------------------------------------------------- | -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------