Opt-in planned obsolescence

[Sam Weiler <weiler@tislabs.com>]

This proposal addresses one of the technical concerns re: opt-in.

Two of the objections to opt-in are that it 1) reduces security and 2)
adds complexity.  As time and technology make signing whole zones less
expensive, we might get the stronger security guarantees back.  We do
not, however, ever get to remove the opt-in code from resolvers unless
we can guarantee that ALL opt-in zones are gone.  As such, the
complexity cost of opt-in will stay with us eternally, long after the
justification for it has passed by.

If we could somehow limit the number of zones that use opt-in, we
might eventually be able to obsolete opt-in and remove the opt-in code
from resolvers, saving that ongoing complexity cost.

The proposal: limit opt-in to TLDs.  Since TLDs are relatively few in
number, it's tractable to track all the operators down and beat them
up.  Once none use opt-in, opt-in code can be removed from resolvers.
Specific text: "TLDs MAY use opt-in.  Deeper delegations MUST NOT use
opt-in.  Resolvers SHOULD reject opt-in delegations from non-TLDs."

Technically, it's still better to not do opt-in.  The objections I've
heard to this planned obsolescence proposal, though, aren't technical.
We shouldn't put on our technical blinders just because financial and
political issues are forcing us down the opt-in road -- we should
still try to make the technical best of the situation.

Olaf's and Scott's May 13th messages reminded me to dig this proposal
up.  Remember to thank them when you next see them.

-- Sam


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>