[Collisions] "controlled interruption" - 127/8 versus RFC1918 space

Joe Abley jabley at hopcount.ca
Thu Jan 9 17:14:21 UTC 2014


Hi Jeff,

On 2014-01-09, at 11:18, Jeff Schmidt <jschmidt at jasadvisors.com> wrote:

> re: "controlled interruption" (see http://domainincite.com/15512-controlled-interruption-as-a-means-to-prevent-name-collisions-guest-post)

The title of that article is a bit misleading; this appears not to be a method for preventing name collisions, but rather a method for changing the fallout from a collision.

The implementation is a bit vague, too.

Are you talking about changing the mechanism by which new TLDs are provisioned, such that a new TLD will initially be implemented with A and MX records in the root zone, to be followed by a more conventional NS set later?

Or are you rather talking about introducing a new requirement for new gTLD registry operators whereby delegations from the TLD zone are handled that way?

Given the number of new gTLDs that have already been delegated, it seems as though implementation of the former has a dependency on some form of time travel. I can't speak to the feasibility of changing delegation policy for new gTLD registry operators, but I suspect any change in their operational requirements here is at best impractical, and at worst likely to result in a partial mesh of lawsuits.

Specifying the use of a wildcard in a TLD zone (as you suggest as a possible mechanism) is bringing back all kinds of bad memories. A nod towards mail (with the MX reference) is better than the assumption that the only thing anybody ever looks up in the DNS is an address, but it's far from exhaustive. What about SRV lookups by Active Directory clients, for example, or TXT lookups by systems receiving mail? What about all the internal uses of DNS we don't know about? You talk about A records; what about IPv6?

More generally, it's not clear to me that your proposed approach (wherever and however it is implemented) is going to offer much relief for people who might be afflicted by a collision between an internal-use name and a name in the global DNS namespace. Which particular damage scenarios do you think would be mitigated (or easier to diagnose) if this kind of idea was in place?


Joe