From: "John Levine" <johnl@iecc.com>
To: musl@lists.openwall.com
Subject: Re: Re: Would not love to see reconsideration for domain and search
Date: 26 Oct 2015 02:14:32 -0000 [thread overview]
Message-ID: <20151026021432.20049.qmail@ary.lan> (raw)
In-Reply-To: <20151023042720.GE8645@brightrain.aerifal.cx>
>BTW I think there are other strong reasons to move to a model based on
>a local nameserver that does the unioning, not just performance. The
>most compelling is DNSSEC, which requires a trusted channel between
>the nameserver and the stub resolver in order for results to be
>meaningful/trusted. ...
Yes, definitely.
DNS search lists seemed like a good idea back in the 1980s. Then in
1990 they added .CS for Czechoslovakia to the DNS root, and in
Computer Science departments all over the world, addresses like
joe@frodo.cs stopped working, since the search list that used to turn
it into joe@frodo.cs.stateu.edu didn't do that any more.
ICANN has added about 600 new top level domains in the past two years,
There's still nearly a thousand more in the pipeline, and they're
talking about another round that will add thousands more. I went to a
two day meeting about name collisions after the London ICANN meeting,
and a great deal of the discussion was about how to flush out old
search list queries before they started resolving wrong.
If you want to have a local namespace overlaid on the DNS, it is not
hard to configure bind or unbound to do that so, e.g. names in
whatever.blah resolve locally. You can even configure in local DNSSEC
anchors for .blah if you want. In that case if there's ever a global
.blah TLD, your local users won't be able to see it, but your local
applications will keep working.
I'd strongly suggest that the lack of DNS search lists is a feature,
and not to change it.
R's,
John
next prev parent reply other threads:[~2015-10-26 2:14 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-22 21:24 Would " Tim Hockin
2015-10-22 21:56 ` Rich Felker
2015-10-22 22:36 ` Tim Hockin
2015-10-22 23:00 ` Josiah Worcester
2015-10-22 23:37 ` Tim Hockin
2015-10-23 4:27 ` Rich Felker
2015-10-23 5:13 ` Tim Hockin
2015-10-23 5:31 ` Rich Felker
2015-10-23 5:37 ` Tim Hockin
2015-10-23 6:00 ` Rich Felker
2015-10-23 6:04 ` Tim Hockin
2016-01-29 0:57 ` Rich Felker
2015-10-27 0:30 ` Rich Felker
2015-10-27 0:37 ` Tim Hockin
2015-10-27 0:45 ` Rich Felker
2015-10-27 8:11 ` u-uy74
2015-11-28 22:48 ` Jan Broer
2015-11-28 23:20 ` Rich Felker
2015-11-29 3:06 ` Jan Broer
2016-01-29 0:58 ` Rich Felker
2015-10-26 2:14 ` John Levine [this message]
2015-10-26 5:14 ` Re: Would not " Tim Hockin
2015-10-26 16:16 ` Rich Felker
2015-10-26 17:41 ` John Levine
2015-10-26 18:08 ` Rich Felker
2015-10-23 8:12 ` Re: Would " u-uy74
2015-10-23 9:35 ` Laurent Bercot
2015-10-23 12:23 ` Laurent Bercot
2015-10-23 15:57 ` Tim Hockin
2015-10-23 5:26 ` Kurt H Maier
2015-10-24 21:33 ` Tim Hockin
2015-10-24 21:57 ` Kurt H Maier
2015-10-24 23:31 ` Rich Felker
2015-10-24 22:02 ` Rich Felker
2015-10-24 22:32 ` Tim Hockin
2015-10-25 8:20 ` u-uy74
2015-10-25 13:06 ` Jan Broer
2015-10-25 13:19 ` u-uy74
2015-10-25 13:39 ` Jan Broer
2015-10-25 14:08 ` u-uy74
2015-10-25 19:08 ` Rich Felker
2015-10-26 1:26 ` Isaac Dunham
2015-10-26 15:35 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151026021432.20049.qmail@ary.lan \
--to=johnl@iecc.com \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).