To: Daniel Senie <dts@senie.com>
Cc: dnsop@cafax.se
From: Randy Bush <randy@psg.com>
Date: Mon, 10 Sep 2001 08:01:18 -0700
Sender: owner-dnsop@cafax.se
Subject: Re: I-D ACTION:draft-ietf-dnsop-dontpublish-unreachable-00.txt

> I just read this new I-D, and am not sure it's a "good thing." My concern
> centers around the draft's assumption that there are two types of
> environments, public and private, and that it is easy to tell the
> difference. I worry that with the increased use of policy routing, IPSec
> and such, we might well find cases where the degree of "publicness" or
> "privateness" of information is highly dependent on where a particular
> station is on the Internet, and what its authorizations are.

seems to me that there are two partitions being discussed.

the first, sec 2, is 1918 private address space. considering the proscriptions in 1918 itself, and the rather clear boundaries, i hope that you have no problem proscribing leakage of dns data where sourced packet addresses are not supposed to leak.

other 'unreachable' space, section 3, is a more interesting case. why i think philip's position seems reasonable is that, with all the multi-view capabilities we have these days, it would seem reasonable to ask that whatever is blocking reachability should also handle the different dns view. on the other hand, i will admit to worries about multiple views in general, though negligible worries at a 1918 boundary.

so i think i support at least the 1918 hiding.

randy