- From: Paul Hoffman <ietf-lists@proper.com>
- Date: Wed, 21 Jun 1995 20:27:37 -0700
- To: dupuy@smarts.com (Alexander Dupuy)
- Cc: uri@bunyip.com
>This is actually a pretty good example of why using existing DNS names is a >bad idea. Presumably URNsRUs will use urnsrus.com for their own hosts. This >will cause security concerns if they wanted to delegate proper.urnsrus.com >URNs to nameservers at proper.com - making URNs containing urnsrus.com much >less flexible than URNs using just OIDs. I don't understand this logic. URNsRUs loses nothing if it delegates urnsrus.urnsrus.com to its own host, and lets Proper Publishing decide where to host proper.urnsrus.com. That is, the name "urnsrus.com" is really just a base. If Proper Publishing wants to host its own URNs, it can; if it wants URNsRUs to host them, it can. I don't see where the security concern comes in. >Not to mention the problems that >might be caused if a company like O'Reilly started a URN resolution service >using ora.com, but then sold off the service to America Online or OCLC. Well, the same problem exists with the content of the URNs, not just the resolution. I don't think this issue is particular to URNs. >The more I think about it, the more convinced I am that if URNs are to be as >persistent as possible, that they should be numeric (or alphanumeric codes >like the LoC numbers or British/Canadian postal code system). If you use >human-readable names like "proper" or "ibm" people will get emotional and/or >possessive about them, making it much harder to prevent the URNs containing >them from changing over time. I believe that this is a very valid point. As the "owner" of a domain name, I'm certainly guilty of the possesiveness of which you speak. >If you aren't willing to trust IANA to >require reasonable subdelegation arrangements from naming authorities, >why are you willing to trust the IETF standardization process to come up >with a URN protocol? Well, this is the first mention of the IANA, and this is also the first mention that your proposal involves a small number (sounds like <25) second-level naming authorities. I do trust the IANA, but I don't think anyone has asked them if they want to take this on. Further, I'm not sure that they would want to limit the number in the way you would want. But, I agree that a smallish number of DNS-style NAs, particularly if some of them let folks subdivide for almost free, would be a viable solution for the long term. --Paul Hoffman --Proper Publishing
Received on Wednesday, 21 June 1995 23:27:40 UTC