
Re: draft-iab-dns-applications - clarification re: Send-N

2010-10-20 18:31:40
Looking at the rest of the document, I do find that it is written rather
oddly.

The document essentially says 'the DNS is designed with these assumptions in
mind, therefore applications must take these into account'.

I would hope that an Internet Architecture Board would look at the features
that applications require and propose an architecture to support them.


There are some DNS architectural assumptions that cannot be changed. For
example, ownership of names must be unambiguous. There cannot be two
example.com domains being run by separate parties. But that does not mean
that the mappings within that namespace must be universal and context free.
The market has abandoned the notion that DNS mappings be global long ago.


The weakest DNS architectural idea is the notion that DNS resolvers are
untrusted. This is simply wrong. Every DNS resolver performs a trusted role.
The failure to recognize this fact in the DNS architecture is an
architectural failure of the type I would like to see the IAB saying 'this
is wrong, this is bad, this should change'.

There is no reason intrinsic to the DNS design that requires hosts to engage
in promiscuous resolution. There are obvious health risks to doing so.
Deprecating this bad architectural commitment allows many other DNS flaws to
be mitigated, the vulnerability to traffic analysis and denial of service,
for example.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf