Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-22 Thread Jaap Akkerhuis
Stephane Bortzmeyer writes: > On Wed, Dec 21, 2016 at 10:05:03PM +0100, Jaap Akkerhuis > wrote a message of 16 lines which said: > > > As part of the IDNA discussion there is an RFC (or parts of it) > > pointing out how useless classes are. I seem to remember it was > > from the IAB and

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-22 Thread Stephane Bortzmeyer
On Wed, Dec 21, 2016 at 10:05:03PM +0100, Jaap Akkerhuis wrote a message of 16 lines which said: > As part of the IDNA discussion there is an RFC (or parts of it) > pointing out how useless classes are. I seem to remember it was > from the IAB and one of the authors was Klensin. I was not ab

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-21 Thread Mark Andrews
In message , Ted Lemon writes: > > On Dec 21, 2016, at 3:31 PM, Stephane Bortzmeyer > wrote: > > What did we publish on classes? If you refer to > > draft-sullivan-dns-class-useless, it was never published (which is > > bad). > > That’s what I was referring to. It was so obviously the right t

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-21 Thread Ted Lemon
On Dec 21, 2016, at 3:31 PM, Stephane Bortzmeyer wrote: > What did we publish on classes? If you refer to > draft-sullivan-dns-class-useless, it was never published (which is > bad). That’s what I was referring to. It was so obviously the right thing that it never occurred to me that it hadn’t

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-21 Thread Jaap Akkerhuis
Stephane Bortzmeyer writes: > What did we publish on classes? If you refer to > draft-sullivan-dns-class-useless, it was never published (which is > bad). As part of the IDNA discussion there is an RFC (or parts of it) pointing out how useless classes are. I seem to remember it was from the

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-21 Thread Stephane Bortzmeyer
On Thu, Dec 15, 2016 at 05:50:11PM -0500, Ted Lemon wrote a message of 93 lines which said: > It would also make it not work for any client, and it would be in > direct contradiction to advice this working group published less > than a year ago. What did we publish on classes? If you refer to

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Suzanne Woolf
> On Dec 15, 2016, at 3:51 PM, Ted Lemon wrote: > > On Dec 15, 2016, at 3:40 PM, Mark Andrews > wrote: >> The IETF and ICANN are going to need to address this issue. It >> does no one any good to leave it festering. > > Yup. I think that’s the bottom line. ICYMI…. DN

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Mark Andrews
In message <3e04d8bb-d18f-4d9b-81c3-991bcf76f...@fugue.com>, Ted Lemon writes: > > On Dec 15, 2016, at 4:41 PM, Michael StJohns > wrote: > > The problem with providing an unsecured delegation for .homenet is that > > items subsidiary to .homenet become spoofable in the wider internet and > > that

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ted Lemon
It would also make it not work for any client, and it would be in direct contradiction to advice this working group published less than a year ago. On Thu, Dec 15, 2016 at 5:04 PM, Jacques Latour wrote: > This would probably be a good use case for homenet to use its own DNS class, > Class 2 - 0x000

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Jacques Latour
This would probably be a good use case for homenet to use its own DNS class, Class 2 - 0x0002 – Homenet (HN). How to implement is beyond my paygrade. This would make homenet DNS very distinctive, which it is. If we want to solve this problem, it’s going to require an extension to the DNS that provi

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ted Lemon
On Dec 15, 2016, at 4:41 PM, Michael StJohns wrote: > The problem with providing an unsecured delegation for .homenet is that items > subsidiary to .homenet become spoofable in the wider internet and that's not > necessarily a good thing. It might make life easier for the homenet folks to > us

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Michael StJohns
On 12/15/2016 3:11 PM, Ted Lemon wrote: On Dec 15, 2016, at 2:23 PM, Steve Crocker wrote: I don’t understand what is meant by an “unsecured delegation.” I also don’t understand what sort of delegation you want, irrespective of whether DNSSEC is involved. There would be a delegation for .hom

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ted Lemon
On Dec 15, 2016, at 3:40 PM, Mark Andrews wrote: > The IETF and ICANN are going to need to address this issue. It > does no one any good to leave it festering. Yup. I think that’s the bottom line. ___ DNSOP mailing list DNSOP@ietf.org https://www.ie

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Mark Andrews
In message <8d7e8e5c-ec8e-46e9-9c07-947d7a7f6...@fugue.com>, Ted Lemon writes: > On Dec 15, 2016, at 2:23 PM, Steve Crocker wrote: > > I don’t understand what is meant by an unsecured delegation. I also > > don’t understand what sort of delegation you want, irrespective of whether > > DNSSEC is in

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ted Lemon
On Dec 15, 2016, at 2:23 PM, Steve Crocker wrote: > I don’t understand what is meant by an “unsecured delegation.” I also don’t > understand what sort of delegation you want, irrespective of whether DNSSEC > is involved. There would be a delegation for .homenet in the secure root, which would

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Steve Crocker
Ted, I am truly confused by your note. I sense I am missing something fundamental. See specific questions below. Thanks, Steve > On Dec 15, 2016, at 12:20 PM, Ted Lemon wrote: > > On Dec 15, 2016, at 11:05 AM, Jacques Latour > wrote: >> Where do you delegate

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Suzanne Woolf
(no hats) > On Dec 15, 2016, at 12:20 PM, Ted Lemon wrote: > > On Dec 15, 2016, at 11:05 AM, Jacques Latour > wrote: >> Where do you delegate homenet to? Advanced DNSSEC validation may check for >> proper delegation? > > I think we should ask ICANN to set up a

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ted Lemon
On Dec 15, 2016, at 11:05 AM, Jacques Latour wrote: > Where do you delegate homenet to? Advanced DNSSEC validation may check for > proper delegation? I think we should ask ICANN to set up an unsecured delegation of .homenet to the AS112 servers. In order for names under .homenet to be valid

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Michael StJohns
On 12/15/2016 11:59 AM, Ray Bellis wrote: On 15/12/2016 16:57, Bob Harold wrote: If an insecure delegation can be made in the root, then could a local trust anchor be used by those who want their .homenet domain DNSSEC validated? That's what I would have expected to happen. Actually, you pro

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Ray Bellis
On 15/12/2016 16:57, Bob Harold wrote: > If an insecure delegation can be made in the root, then could a local > trust anchor be used by those who want their .homenet domain DNSSEC > validated? That's what I would have expected to happen. > That seems easier than sharing keys or creating subdom

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Bob Harold
If an insecure delegation can be made in the root, then could a local trust anchor be used by those who want their .homenet domain DNSSEC validated? That seems easier than sharing keys or creating subdomains with nsupdate. But I don't know much about trust anchors. -- Bob Harold

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-15 Thread Jacques Latour
Ted, very clear summary, thank you. I read the DNSSEC related homenet and dnsop comments and I don’t see how you can have DNSSEC validation for a homenet without a properly signed & delegated domain. If we want a one shoe fits all solution then we need to have a single common domain used by al

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ted Lemon
On Dec 14, 2016, at 7:09 PM, Ray Bellis wrote: > I meant that they are not technical w.r.t the DNS protocol itself. Nothing about this discussion except the need for an unsecured delegation is technical.

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ray Bellis
On 15/12/2016 00:07, Ted Lemon wrote: On Dec 14, 2016, at 4:48 PM, Ray Bellis wrote: The arguments in favour of a pseudo-TLD are (AFAIK) entirely user orientated, and not technical. You are effectively saying that user interfaces don’t matter. If they do matter,

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ted Lemon
On Dec 14, 2016, at 4:48 PM, Ray Bellis wrote: > The arguments in favour of a pseudo-TLD are (AFAIK) entirely user > orientated, and not technical. You are effectively saying that user interfaces don’t matter. If they do matter, then getting them right is indeed a technical matter. Diving de

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ted Lemon
On Dec 14, 2016, at 4:16 PM, Jim Reid wrote: > Surely this string is primarily, if not exclusively, for CPE firmware? You know what they say about assumptions.

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ralph Droms
> On Dec 14, 2016, at 4:48 PM, Ray Bellis wrote: > > > > On 14/12/2016 21:16, Jim Reid wrote: > >> So what? End users are not expected to see this string, far less care >> about it, are they? Surely this string is primarily, if not >> exclusively, for CPE firmware? > > Actually, yes, they ar

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ray Bellis
On 14/12/2016 21:16, Jim Reid wrote: > So what? End users are not expected to see this string, far less care > about it, are they? Surely this string is primarily, if not > exclusively, for CPE firmware? Actually, yes, they are expected to see this thing. It would be what would appear in their

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Jim Reid
> On 14 Dec 2016, at 20:43, Ray Bellis wrote: > > On 14/12/2016 20:14, Jaap Akkerhuis wrote: >> Any reason why homenet should use a TLD? What is wrong with something >> like homenet.arpa (or thuisnet.arpa, or bob.arpa). > > > > It's not considered user-friendly enough. So what? End users are

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Suzanne Woolf
Ray, While I can’t speak for Ralph, I also suggested that comments from DNSOP participants on these drafts should go to the HOMENET WG list, because they were input to a HOMENET WGLC. It does seem to me that the discussion of DNSSEC, including the opposition of the chair of ICANN to an unsigne

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ralph Droms
> On Dec 14, 2016, at 12:37 PM, Michael StJohns wrote: > > On 12/14/2016 12:34 PM, Steve Crocker wrote: >> Mike, >> >> A query to the root for .homenet results in a *signed* answer that .homenet >> does not exist. This should suffice for the purpose you have in mind. > > Yup - that's my comm

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ted Lemon
On Dec 14, 2016, at 12:21 PM, Steve Crocker wrote: > If it doesn’t have a globally unique meaning, it doesn’t make sense to query > the root for an answer. > > What problem is trying to be solved? I suspect whatever the problem actually > is, the answer will be something other than adding an u

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Michael StJohns
On 12/14/2016 12:34 PM, Steve Crocker wrote: Mike, A query to the root for .homenet results in a *signed* answer that .homenet does not exist. This should suffice for the purpose you have in mind. Yup - that's my comment: The third way is to do no delegation from the root for .homenet a

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Steve Crocker
Mike, A query to the root for .homenet results in a *signed* answer that .homenet does not exist. This should suffice for the purpose you have in mind. Ralph, Re moving to the homenet list, I will try to send the same info there once I have time to sign up for that list. Steve > On Dec 14,

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Steve Crocker
If it doesn’t have a globally unique meaning, it doesn’t make sense to query the root for an answer. What problem is trying to be solved? I suspect whatever the problem actually is, the answer will be something other than adding an unsecured delegation to the root zone. Steve > On Dec 14,

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ray Bellis
On 14/12/2016 17:24, Ralph Droms wrote: > Is there any way this discussion could be moved to homenet, which is > where the use case originates and the WG last call is taking place? Ralph, I think this is primarily a DNSSEC problem, and the expertise for that is here rather than in Homenet. Ray

Re: [DNSOP] [homenet] WGLC on "redact" and "homenet-dot"

2016-12-14 Thread Ralph Droms
Is there any way this discussion could be moved to homenet, which is where the use case originates and the WG last call is taking place? - Ralph > On Dec 14, 2016, at 12:21 PM, Steve Crocker wrote: > > If it doesn’t have a globally unique meaning, it doesn’t make sense to query > the root for