No salvation from DNSEXT (was: Additional thoughts on TRANSITIONAL)
Erik van der Poel
erikv at google.com
Fri Dec 4 17:08:52 CET 2009
Ah, in that case, please ignore that part of my email and focus on the
rest of the proposal. Thanks.
On Fri, Dec 4, 2009 at 7:03 AM, Andrew Sullivan <ajs at shinkuro.com> wrote:
> On Fri, Dec 04, 2009 at 04:11:47AM -0800, Erik van der Poel wrote:
>> However, I would encourage .de and .at registry folks to take a closer
>> look at the .gr registry's claims that DNAME is not good enough for
>> email, etc. If DNAME is not changed to include the root of the subtree
>> or if no new xNAME is defined for that purpose, we may decide to keep
>> Eszett DISALLOWED and add a mapping to ss.
> I am not totally sure I yet understand precisely what the problem is
> supposed to be for email -- it's not quite correct, I think, in the
> details. But there is in fact a practical problem with DNAME
> (basically, if you want to resolve at the owner name of the DNAME and
> not below it, you need both a DNAME and an A or something similar at
> that owner name, and that makes management awkward).
> All of _that_ said, if anyone thinks that our effort should depend on
> what happens over in DNSEXT with respect to some possible xNAME
> RRTYPE, please disabuse yourself of that notion right now. I don't
> want to get into the details, because they're off topic for this list,
> but there are three problems:
> 1. There are serious, possibly insurmountable, technical barriers
> to something that completely aliases a whole tree.
> 2. If you think it is hard to get consensus in this WG, you
> should follow the namedroppers (or dnsop) list for a while.
> 3. If you think browsers have a long tail for universal upgrade,
> you should have a look at how long it takes to get resolvers and
> servers replaced. (For example, EDNS0 is over ten years old, and
> penetration is still in pockets as low as 60% of the resolver
> population. Also, it turns out, one of the most popular resolvers
> on the planet implemented it wrong.)
> The concerns about ambiguity are a short-term one, and they have to be
> solved in the short term. That means that anything involving changing
> the way DNS works is not part of the solution. DNS changes take many,
> many years to deploy widely, and over 10 years to deploy universally.
> (I only say "over 10" because the actual time isn't yet known --
> AFAIK, they _never_ get deployed universally.)
> Andrew Sullivan
> ajs at shinkuro.com
> Shinkuro, Inc.
> Idna-update mailing list
> Idna-update at alvestrand.no
More information about the Idna-update