[NCAP-Discuss] Possible inaccuracies in Study 2

Wed Aug 2 20:13:13 UTC 2023

I’ll offer some response to your questions.

On 29 Jul 2023, at 14:45, Rubens Kuhl via NCAP-Discuss wrote:

> I have done a full re-read of Study 2, and have some comments I suggest addressing:
>
> 1. It’s assumed in many sections of the text that root loopback and QNAME minimization will have the full impact of its adoption on seeing collisions at the root server system. But this doesn’t take into account that most of the adoption of such technologies is done by more sophisticated operators (Global recursive such as quad8/9, large ISPs) that were not creating collision opportunities in the first place. There could be a small intersection, like an operator of a local namespace using forward to ISP/global recursive, but the point is that most collisions that actually happen is more likely to still be visible at the root servers.

I agree with you that current deployment of such technologies is “in progress” and even limited today.

However, I do believe that the proposal for name collision assessment is based only or even primarily on the existence of those technologies.  I understand the current proposal to be observing the existence of such things combined with other global changes to the DNS infrastructure and realizing that the DNS infrastructure will continue to evolve.  So, the proposal is about creating a data collection methodology that has a high probability of success, certainly within today’s infrastructure, and based on the best that we know today should be successful going forward.

Of course, if it’s not, then even the data collection will have to evolve and the TRT will be responsible for managing this.

> 2. Root Loopback is mentioned by RFC 7706, but it was obsoleted by RFC 8806. Perhaps mentioning both would cover historic and current aspects.

This is a good catch, thanks.  I expect that Heather is noting this.

> 3. .mail is made a benchmark of high risk, but .mail is not an ordinary collision string. Most of its collisions were found to be dotless (single label mail),  and other than that .mail is very different from the dispersion seen in .internal, .corp or .home. So a string having a higher CDM score than .mail is not surprising and not an indication per se that those delegated strings shouldn’t have been. These comparisons also look at the score as a single dimension, where other factors in the text are mentioned to also be relevant to a collision assessment, thus making the study contradict itself.

Could you be more specific about where you believe that .mail is called out as high risk?  Hopefully this report does not say that explicitly.

It’s worth noting that 7 other TLDs with limited CDMs such as those used to evaluate .mail, were actually delegated in the 2012 round.  To me, that suggests to me that perhaps .mail is not high risk, but then again it’s not for me to say nor is it for this discussion group to say.  That is a decision only the Board/TRT can make.

Jim

>
>
>
> Rubens
>
>
>
>
>
>
>
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.