On Tue, Sep 29, 2020 at 10:27:37AM +0200, Florian Weimer wrote: > * Zbigniew Jędrzejewski-Szmek: > > > https://www.iab.org/documents/correspondence-reports-documents/2013-2/iab-statement-dotless-domains-considered-harmful/ > > in this particular case. > > I looked at this extensively a couple of months ago. There is also an > ICANN recommendation along similar lines, but focusing more on stub > resolver configuration and search path processing, which is a better fit > for systemd-resolved. > > The feedback I received from subject matter experts is that complying > with these ICANN recommendations (for search path processing) would > break about 60% of all deployed Kubernetes clusters (and not just inside > containers). I think some people have since started on updating > Kubernetes practices and recommendations, but I expect that it will be a > few more months until we see first effects. No, I don't think anyone did this kind of research. But Kubernetes was a (the?) primary motivation to optionally allow dotless lookups. (The assumption is that if you're running k8s, you are not just going to install latest Fedora there, but would do local configuration for the deployment anyway and can include the override.) > One problem with DNS is that you cannot take the standards and official > recommendations and use them as a reference for a new DNS > implementation. Many of the specifications are very old, some are quite > poor, several of the sub-protocols are very badly designed (like using > timeouts for protocol version negotiation; obviously that one never made > it into an RFC, but was still widely deployed), and the entire space is > extremely politicized. Not just by governments, but also by groups of > individuals who for some reason cannot get along at all. Yes, sadly. Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
