Re: new port for DNS

Paul Hoffman (ietf-lists@proper.com)
Wed, 21 Jun 1995 20:27:37 -0700


Message-Id: <v02120c07ac0e914633f5@[165.227.40.31]>
Date: Wed, 21 Jun 1995 20:27:37 -0700
To: dupuy@smarts.com (Alexander Dupuy)
From: ietf-lists@proper.com (Paul Hoffman)
Subject: Re: new port for DNS
Cc: uri@bunyip.com

>This is actually a pretty good example of why using existing DNS names is a
>bad idea.  Presumably URNsRUs will use urnsrus.com for their own hosts.  This
>will cause security concerns if they wanted to delegate proper.urnsrus.com
>URNs to nameservers at proper.com - making URNs containing urnsrus.com much
>less flexible than URNs using just OIDs.

I don't understand this logic. URNsRUs loses nothing if it delegates
urnsrus.urnsrus.com to its own host, and lets Proper Publishing decide
where to host proper.urnsrus.com. That is, the name "urnsrus.com" is really
just a base. If Proper Publishing wants to host its own URNs, it can; if it
wants URNsRUs to host them, it can. I don't see where the security concern
comes in.

>Not to mention the problems that
>might be caused if a company like O'Reilly started a URN resolution service
>using ora.com, but then sold off the service to America Online or OCLC.

Well, the same problem exists with the content of the URNs, not just the
resolution. I don't think this issue is particular to URNs.

>The more I think about it, the more convinced I am that if URNs are to be as
>persistent as possible, that they should be numeric (or alphanumeric codes
>like the LoC numbers or British/Canadian postal code system).  If you use
>human-readable names like "proper" or "ibm" people will get emotional and/or
>possessive about them, making it much harder to prevent the URNs containing
>them from changing over time.

I believe that this is a very valid point. As the "owner" of a domain name,
I'm certainly guilty of the possesiveness of which you speak.

>If you aren't willing to trust IANA to
>require reasonable subdelegation arrangements from naming authorities,
>why are you willing to trust the IETF standardization process to come up
>with a URN protocol?

Well, this is the first mention of the IANA, and this is also the first
mention that your proposal involves a small number (sounds like <25)
second-level naming authorities. I do trust the IANA, but I don't think
anyone has asked them if they want to take this on. Further, I'm not sure
that they would want to limit the number in the way you would want. But, I
agree that a smallish number of DNS-style NAs, particularly if some of them
let folks subdivide for almost free, would be a viable solution for the
long term.

--Paul Hoffman
--Proper Publishing