RFC 6303 doesn't help, because locally-served zones are all under .arpa, and hence can have secure delegations. It is analogous to .ONION, yes.
On Thu, Nov 17, 2016 at 2:06 PM, Shane Kerr <sh...@time-travellers.org> wrote:

> Ted,
>
> Isn't this more-or-less the same as .ONION then? We're searching for a
> label-based switch to disable DNS?
>
> An alternate interpretation would be that this is something that could
> be added to RFC 6303, "Locally Served DNS Zones". While that RFC is
> only about reverse DNS now, one could step back a bit and squint and
> think that maybe localhost is similar. :)
>
> Cheers,
>
> --
> Shane
>
> At 2016-11-17 13:19:28 +0900
> Ted Lemon <mel...@fugue.com> wrote:
>
>> The reason I ask is that the document proposes /not/ to use DNS to resolve
>> it, which I think is correct. So it really doesn't sound like a dnsop
>> issue. It sounds like an intarea issue, or else keep it in sunset4.
>>
>> Additionally, the root zone will respond to queries for localhost with a
>> secure denial of existence. This means that it is literally an error to
>> look up "localhost" with DNS--you will get a failure instead of an IPv4 or
>> IPv6 address. I don't see any particular harm in having this reviewed in
>> DNSOP, but I hope it doesn't take too long.
>>
>> On Nov 17, 2016 13:04, "Dan York" <y...@isoc.org> wrote:
>>
>> > Ted,
>> >
>> > > On Nov 17, 2016, at 12:46 PM, Ted Lemon <mel...@fugue.com> wrote:
>> > >
>> > > Just to play the devil's advocate here, what does this have to do with DNS?
>> >
>> > From the abstract:
>> >
>> >    This document updates RFC6761 by requiring that the domain
>> >    "localhost." and any names falling within ".localhost." resolve to
>> >    loopback addresses. This would allow other specifications to join
>> >    regular users in drawing the common-sense conclusions that
>> >    "localhost" means "localhost", and doesn't resolve to somewhere else
>> >    on the network.
>> >
>> > It's an update to RFC 6761 and all about resolution of "localhost".
>> >
>> > To me that seems like a DNS issue... and since we already have a heap of
>> > open issues with 6761, this would seem to be one more thing to consider.
>> >
>> > I should mention that Terry Manderson (INT AD) and Joel Jaeggli (OPS AD)
>> > were both in the SUNSET4 room and agreed they would have a discussion about
>> > which WG this document should live in. Both agreed that DNSOP should at
>> > least definitely look at it.
>> >
>> > Peter Koch and I both recommended from the mic that it be brought to DNSOP
>> > (which I guess I then did by posting it here).
>> >
>> > Peter also mentioned that there was a long history with the resolution
>> > around "localhost" and that this topic had been discussed at length
>> > multiple times. (I took it that he was not saying it should NOT be brought
>> > up again, but rather that the authors should be aware that it had a good
>> > bit of history.)
>> >
>> > Dan
>> >
>> > _______________________________________________
>> > DNSOP mailing list
>> > DNSOP@ietf.org
>> > https://www.ietf.org/mailman/listinfo/dnsop
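
The "label-based switch" discussed in this thread, sketched as an added example that is not part of any message here or of the draft: names at or under "localhost." are answered with loopback addresses and never handed to DNS. The function names, the `dns_lookup` callable and the choice of 127.0.0.1 and ::1 as the answers are assumptions of this example.

```python
import ipaddress

# Assumption of this example: the loopback answers are 127.0.0.1 and ::1.
LOOPBACK = (ipaddress.ip_address("127.0.0.1"), ipaddress.ip_address("::1"))


def is_localhost_name(name: str) -> bool:
    """True if name is "localhost." or falls within ".localhost."."""
    # Accept at most one trailing dot (the fully qualified form).
    if name.endswith("."):
        name = name[:-1]
    labels = name.lower().split(".")
    # Match on the rightmost label only, so "localhost.example.com" and
    # "notlocalhost" are ordinary names; empty labels ("a..localhost",
    # "localhost..") are malformed and are not treated as localhost.
    return all(labels) and labels[-1] == "localhost"


def resolve(name, dns_lookup):
    """Answer localhost names locally; pass everything else to dns_lookup.

    dns_lookup is a hypothetical callable standing in for the real resolver.
    It is never invoked for localhost names, so such a query cannot leave
    the host or be answered by something else on the network.
    """
    if is_localhost_name(name):
        return list(LOOPBACK)
    return dns_lookup(name)


if __name__ == "__main__":
    # Constructed sample names.
    for n in ("localhost", "app.dev.localhost.", "localhost.example.com"):
        print(n, "->", resolve(n, lambda q: ["<sent to DNS>"]))
```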