> On 26 Jan 2018, at 3:17 am, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
>
> On 25 Jan 2018, at 7:36, Warren Kumari wrote:
>
>> On Thu, Jan 25, 2018 at 10:10 AM, Tony Finch <d...@dotat.at> wrote:
>>> Isn't this going to cause problems with software that checks hostname
>>> syntax?
>
> Yes. However, that software will only be on the authoritative server side,
> yes? If you're a researcher who wants to run a sentinel test, you can use
> authoritative server software that doesn't block that. For example, I'm
> pretty sure Geoff's software either does not block that or could be tweaked
> easily to not block.
>
>>> Wouldn't it be better to use something like a double hyphen to avoid
>>> collisions?
>>
>> Possibly, or using CNAMES. I (personally) liked the underscores as it
>> separated this from the rest of the namespace, but the double hyphen
>> also sounds like an interesting idea.
>> What does the WG think?
>
> Sentinel would be the first example of label-based special cases in resolver
> software. The special-case labels can be anything that would not ordinarily
> appear at the left. Using dcyen28c5wxcf95fcsxceexwwe1z-ta-12345.example.com
> works just as well, and would probably cause fewer implementers to make bad
> assumptions about the future. Underscores are already used for preventing
> those assumptions, but any unused string works.
the draft’s authors have discussed this, and it appears prudent to stick to the
hostname syntax for this label.
What about if the sentinel spec proposes to use a left-most label of the
form(s):
xm—-is-ta-[key]
and
xm—-not-ta-[key]
would this form of hostname be a reasonable way forward?
Geoff
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
