Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-13 Thread Mark Andrews
In message , "Howard, Lee" writes: > > > On 5/10/16 9:49 PM, "DNSOP on behalf of Mark Andrews" > wrote: > > > > >In message <20160510160757.13221.qm...@ary.lan>, "John Levine" writes: > >> >

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-12 Thread Howard, Lee
On 5/10/16 9:49 PM, "DNSOP on behalf of Mark Andrews" wrote: > >In message <20160510160757.13221.qm...@ary.lan>, "John Levine" writes: >> >Administrators should consider whether the lack of user-specified >> >hostnames is a drawback.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-10 Thread Ted Lemon
Yes, indeed that was discussed in the DNSSD working group as a way to do DNS service advertisement using DNS rather than mDNS. On Tue, May 10, 2016 at 9:49 PM, Mark Andrews wrote: > > In message <20160510160757.13221.qm...@ary.lan>, "John Levine" writes: > > >Administrators

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-10 Thread Mark Andrews
In message <20160510160757.13221.qm...@ary.lan>, "John Levine" writes: > >Administrators should consider whether the lack of user-specified > >hostnames is a drawback. > > > >This is not true - it would be trivial to allow the enduser to specify a > >few specific hostnames and

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-10 Thread John Levine
>Administrators should consider whether the lack of user-specified >hostnames is a drawback. > >This is not true - it would be trivial to allow the enduser to specify a >few specific hostnames and deterministically auto generate the rest. Putting names into the zone is the easy part.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-10 Thread Peter van Dijk
Hello, just cleaning up a backlog, I know I missed the last call date :) Yes, we know of various (PowerDNS) deployments doing live and dynamic signing. There are 300k domain setups doing live signing. CloudFlare signs everything live. It is a solved problem. Regarding the draft, in section

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-10 Thread joel jaeggli
On 5/4/16 8:43 AM, Ted Lemon wrote: > Jinmei-san, with all due respect, I think that you are missing the mark > here. The point of this document is not to make normative requirements. > That's why it's informational. It's simply to enumerate the set of > options that ISPs have. The reason

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-09 Thread Howard, Lee
On 5/9/16, 2:15 PM, "DNSOP on behalf of 神明達哉" wrote: >At Fri, 6 May 2016 14:59:12 -0400, >Ted Lemon wrote: > >> > While a reverse mapping is generally useful for informational >> > purposes, some people use it

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread Ted Lemon
On Fri, May 6, 2016 at 12:34 PM, 神明達哉 wrote: > I fully understand this document does not provide normative > requirements. But in the way it's currently organized, I'm afraid > it will simply promote a vicious circle: more people will think they > need to provide reverse

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread 神明達哉
At Wed, 4 May 2016 11:43:16 -0400, Ted Lemon wrote: > Jinmei-san, with all due respect, I think that you are missing the mark > here. First off, I didn't intend to be opposed to providing reverse mappings per se. If my comments read that way, that was because of my poor

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread Howard, Lee
M To: "sth...@nethelp.no" <sth...@nethelp.no> Cc: tjw ietf <tjw.i...@gmail.com>, dnsop WG <dnsop@ietf.org> Subject: Re: [DNSOP] Working Group Last C

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread Ted Lemon
I believe that this was unintentional. I think Lee agreed to fix it. On Fri, May 6, 2016 at 5:32 AM, wrote: > > > The point of this document is not to make normative requirements. > > > > But it does: 'Best practice is that "Every Internet-reachable host > > should have a

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread sthaug
> > The point of this document is not to make normative requirements. > > But it does: 'Best practice is that "Every Internet-reachable host > should have a name"'. I agree. Especially with IPv6 in mind, "Every Internet-reachable host should have a name" is *not* best practice. Steinar Haug,

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-06 Thread Stephane Bortzmeyer
On Wed, May 04, 2016 at 11:43:16AM -0400, Ted Lemon wrote a message of 518 lines which said: > The point of this document is not to make normative requirements. But it does: 'Best practice is that "Every Internet-reachable host should have a name"'. > It's simply to

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-04 Thread Ted Lemon
Jinmei-san, with all due respect, I think that you are missing the mark here. The point of this document is not to make normative requirements. That's why it's informational. It's simply to enumerate the set of options that ISPs have. The reason that the author, who works for an operator,

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-04 Thread Stephane Bortzmeyer
On Tue, May 03, 2016 at 10:56:14AM -0700, 神明達哉 wrote a message of 181 lines which said: > I'm not sure how we can move forward from here *if* my above concerns > are valid. I can think of a few possibilities, but I'm afraid the > author (and probably other people) don't

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-03 Thread 神明達哉
At Mon, 25 Apr 2016 16:50:42 -0400, Tim Wicinski wrote: > This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns > > Current versions of the draft is available here: > > https://datatracker.ietf.org/doc/draft-ietf-dnsop-isp-ip6rdns/ > > Please review the

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-03 Thread Howard, Lee
On 5/3/16, 11:14 AM, "Stephane Bortzmeyer" wrote: >On Mon, May 02, 2016 at 09:03:20PM +, > Howard, Lee wrote > a message of 159 lines which said: > >> If your ISP allows you to run a mail server on the service you buy, > >I think this nicely

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-03 Thread Stephane Bortzmeyer
On Mon, May 02, 2016 at 09:03:20PM +, Howard, Lee wrote a message of 159 lines which said: > If your ISP allows you to run a mail server on the service you buy, I think this nicely summarizes the disagreement. My ISP does not have to "allow" me to do this or that.

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-03 Thread Howard, Lee
On 5/3/16, 5:00 AM, "Stephane Bortzmeyer" wrote: >On Mon, May 02, 2016 at 08:59:45PM +, > Howard, Lee wrote > a message of 289 lines which said: > >> Having forward and reverse match isn't BCP (Stephane Bortzmeyer, and >> others) > >No, that was

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-03 Thread Stephane Bortzmeyer
On Mon, May 02, 2016 at 08:59:45PM +, Howard, Lee wrote a message of 289 lines which said: > Having forward and reverse match isn't BCP (Stephane Bortzmeyer, and > others) No, that was not my point. My point was that having a PTR isn't BCP. _If_ there is a PTR,

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-02 Thread Howard, Lee
>So, ISPs not doing reverse DNS for IPv6, like my current ISP, are making it >impossible to use your own mail server to deliver mail over IPv6. I think >they are doing a serious disservice to the open internet. That's a separate conversation. If your ISP allows you to run a mail server on the

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-05-02 Thread Howard, Lee
Sorry for not replying last week; I somehow got unsubscribed from the list a few days before WGLC was started. So let me reply to a few points made so far: Privacy Considerations (Christian Huitema) Thanks to you and others for pointing out this gap. How about: Change Title of "4. Security

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-30 Thread Ted Lemon
On Sat, Apr 30, 2016 at 8:32 AM, Richard Clayton wrote: > "some network services still do" is rather vague (and thus unnecessarily > encourages those of a conservative viewpoint to continue a practice that > I still think is beyond its sell-by date). > This document

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-30 Thread John Levine
>... is it not possible to indicate that the only services ever believed >to have acted upon this type of check are email and (in the last >century) FTP ? Or is that an incorrect statement ? It is my impression that IRC has been a fairly enthusiastic user of rDNS. Matching forward and reverse

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-30 Thread Richard Clayton
In message , Ted Lemon writes >NEW: > RFC 1912 recommended that "every internet-reachable host should >have a name" and says "Failure to have

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-30 Thread huitema
On Apr 29, 2016 4:15 PM, "John Levine" <jo...@taugh.com> wrote: [Christian Huitema wrote:] >John is correct there. This draft appears to solve a marginal problem, while >creating a huge privacy issues. In fact, I coul

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Ted Lemon
On Apr 29, 2016 4:15 PM, "John Levine" wrote: [Christian Huitema wrote:] > >John is correct there. This draft appears to solve a marginal problem, > while > >creating a huge privacy issues. In fact, I could not find any privacy > >consideration in the text, while provisions such

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread John Levine
>John is correct there. This draft appears to solve a marginal problem, while >creating a huge privacy issues. In fact, I could not find any privacy >consideration in the text, while provisions such are placing a user name and >location in a PTR record are really privacy hostile. I think the

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Christian Huitema
On Friday, April 29, 2016 9:56 AM, John Levine wrote: > > >So, ISPs not doing reverse DNS for IPv6, like my current ISP, are > >making it impossible to use your own mail server to deliver mail over > >IPv6. I think they are doing a serious disservice to the open internet. > > Aw, c'mon. This

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread John Levine
>So, ISPs not doing reverse DNS for IPv6, like my current ISP, are making it >impossible to use your own mail server to deliver mail over IPv6. I think >they are doing a serious disservice to the open internet. Aw, c'mon. This argument was over a decade ago. If your ISP is like most other ISPs,

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread John Levine
>Disclaimer: Personally I think that the whole notion of reverse IP is >ridiculous, especially in IPv6. I proposed that we skip the whole >notion in IPv6, possibly providing some alternate, non-DNS, method to >get hostname from IPv6 addresses for the rare case where that is useful. My problem

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Philip Homburg
In your letter dated Fri, 29 Apr 2016 13:33:29 +0100 you wrote: >"needed" is rather a strong word historically reverse DNS was a de >facto requirement for access to some anonymous FTP servers (a use case >that is now rather long in the tooth) and it was seized on by mail >systems that were

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Philip Homburg
In your letter dated Fri, 29 Apr 2016 14:26:27 +0200 you wrote: >I see two simple solutions for that. You mention one (ip6.arpa DNS >delegation), since, as you said, people who want to manage a mail >server probably can manage a DNS zone. > >There is another one, apparently not mentioned by the

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Richard Clayton
In message , Philip Homburg writes >In your letter dated Fri, 29 Apr 2016 13:54:44 +0200 you wrote: > >>Having said all of that, I don't see any strong requirement that this >>document provide motivation for

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Stephane Bortzmeyer
On Fri, Apr 29, 2016 at 02:13:08PM +0200, Philip Homburg wrote a message of 40 lines which said: > In fact, some really big mail providers require reverse DNS. I know. > So, ISPs not doing reverse DNS for IPv6, like my current ISP, are > making it impossible to use

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Stephane Bortzmeyer
On Fri, Apr 29, 2016 at 01:54:44PM +0200, Shane Kerr wrote a message of 66 lines which said: > Having said all of that, I don't see any strong requirement that > this document provide motivation for reverse DNS solutions for > IPv6. People ask about the problem, and

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Philip Homburg
In your letter dated Fri, 29 Apr 2016 13:54:44 +0200 you wrote: >Disclaimer: Personally I think that the whole notion of reverse IP is >ridiculous, especially in IPv6. I proposed that we skip the whole >notion in IPv6, possibly providing some alternate, non-DNS, method to >get hostname from IPv6

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Shane Kerr
Stephane, At 2016-04-29 10:58:50 +0200 Stephane Bortzmeyer wrote: > On Mon, Apr 25, 2016 at 04:50:42PM -0400, > Tim Wicinski wrote > a message of 24 lines which said: > > > This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns > >

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-29 Thread Stephane Bortzmeyer
On Mon, Apr 25, 2016 at 04:50:42PM -0400, Tim Wicinski wrote a message of 24 lines which said: > This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns Summary: I think it must *not* be published as it is. The biggest problem is that it fails to explain

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-28 Thread Alain Durand
Section 2.5. "Dynamically Generate PTR When Queried ('On the Fly')" was originally written years ago. Some recent announcements from DNS vendors generating and signing DNS records on the fly seem to be an existence proof that this would actually work and the scalability concerns, certainly valid

Re: [DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-28 Thread Bob Harold
On Mon, Apr 25, 2016 at 4:50 PM, Tim Wicinski wrote: > This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns > > Current versions of the draft is available here: > > https://datatracker.ietf.org/doc/draft-ietf-dnsop-isp-ip6rdns/ > > Please review the draft

[DNSOP] Working Group Last Call draft-ietf-dnsop-isp-ip6rdns

2016-04-25 Thread Tim Wicinski
This starts a Working Group Last Call for draft-ietf-dnsop-isp-ip6rdns Current versions of the draft is available here: https://datatracker.ietf.org/doc/draft-ietf-dnsop-isp-ip6rdns/ Please review the draft and offer relevant comments. Also, if someone feels the document is *not* ready for