discuss AT lists.opennicproject.org
Subject: Discuss mailing list
List archive
- From: Erich Eckner <opennic AT eckner.net>
- To: discuss AT lists.opennicproject.org
- Subject: Re: [opennic-discuss] broken https on reg.libre
- Date: Fri, 29 May 2020 20:08:22 +0200 (CEST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
On Fri, 29 May 2020, Walter H. wrote:
On 29.05.2020 16:31, Rouben wrote:
Hi all,
Interesting conversation! My apologies for the wall of text and for breaking the quote-thread.
First of all, congrats on setting up the ACME service prototype, I’ll give it a whirl and report back when I get the chance.
Second, with regards to email working on OpenNIC domains (which is a prerequisite for S/MIME),
a prerequisite not only for S/MIME;
I think the “parallel universe” issue boils down to the fact that we would need to pretty much start operating our own internal, OpenNIC email service that uses a standard ICANN TLD in order to talk to the rest of the world. A gateway between the parallel universes, if you will. :)
a workaround for solving a problem, which wouldn't exist without the parallel universe?
just the question: what was the origin goal of OpenNIC?
- free domains?
Yes, "free" like in freedom, I think. (and also gratis, as it turns out)
- something different?
- - A playground for dns-wannabe-admins like me :-)
- - Independent dns roots.
I guess not really building up a parallel universe what it is in fact ;-)
Right, if ICANN provided free (not to be confused with gratis) domains, the parallel universe would not be necessary. But since they don't (and probably never will), we are stuck with that.
The MTAs (mail servers) would need to maintain a database, ...
a little bit weired; don't you think just integrating the OpenNIC TLDs into the ICANN TLD system would solve this and all other problems, too? ;-)
<irony>
ok, you write to ICANN to propose including our tlds - maintained by us, as it is done currently.
</irony>
think of your solution for email a layer deeper: in DNS
your solution has a horse leg;
e.g. the so called transfer TLD is .opennic and this is just added as TLD to opennic TLDs
you have the E-mail address hugo AT boss.libre and want to get a S/MIME certificate for this
let me play the official CA for you; you send an E-mail to me e.g. master AT opennicca.net
guess which E-mail I would really receive:
From: hugo AT boss.libre.opennic
To: master AT opennicca.net
guess which S/MIME certificate you will get from me?
not one for hugo AT boss.libre, you will get one for hugo AT boss.libre.opennic
because it is only possible for me to validate hugo AT boss.libre.opennic
a good way for playing a little bit, but not a solution for the problem ...
Every other protocoll-breaking way of communication will be broken, too:
Should I put mailto:erich AT super.geek or mailto:erich AT super.geek.opennic onto my website?
it is not always good having a parallel universe ;-)
I agree, here. A parallel universe for email seems irreparable. OTOH, I consider email to be "free" - at least no one complained so far to me about any suspicious subjects I used (and I use them a lot).
Walter
regards,
Erich
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAl7RT5gACgkQCu7JB1Xa
e1plUQ//dNgeEMxg2V94zpDrpn7D4ljSkQAoPOcy/Plstqn6yAjwcHLHw6QuyHMM
O1tzuoOpZwjLyVJuyPm/cck9BmXLcDAOAajLE5iIPIrB5C4inVAtaRHVczJZ3aN2
aCaKSZcKI+S1dsNyT+WaXBGdEDkh00QM0Dhhk6Y74Zkn9B3yj5Hk0/aMA03dGxO0
+vLuRbGdNphkTxxlq1KNgBBMaFQIKI+FxIqFBJUV0/66VOSDCI1FouIVGLTLAXMm
gf7JgMjDgdb4V06WRDmGZ19aJsLvZHp7vxv4ZmSfVStyIgJ5VQgilQFdhmMdYbzS
uvBaMQ71jHi0Y2CjcCR31/cTXJN3fjohlhpI+kp3HJiPb1aMZYrd8WSeknq6Sbbx
2Em7mU1hwya3eRfQHGaEPtWNbD5LPtcV3/0sJUSAYwBASq5b0QbI81POFSoP0NKX
DO+rgWU85iwiXJyaN97ial6KvYv/jjiR+L8IgxaIy4f9IwMyThRPg98v0GIzisJ3
881RWzp93b51hTIpOQiE9BaChp1EeDlR/YDzwiOiGIhJgWtjLINI2YjwAOdXdQwk
y1xCxgoixLcX4HDqMv2+nelqmGs5KxUCka0fQ9+/bdwVORPdQKLiGK93oXO3ydez
1YbdbavxuJsYeHjMZS7f0HlDFlDaNGq64qAIxSMlSsiB0pzKgoE=
=M0xY
-----END PGP SIGNATURE-----
-
Re: [opennic-discuss] broken https on reg.libre
, (continued)
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/28/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/29/2020
- [opennic-discuss] missing RRtypes on reg.libre, Erich Eckner, 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Rouben, 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/29/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/30/2020
- Re: [opennic-discuss] broken https on reg.libre, Erich Eckner, 05/30/2020
- Re: [opennic-discuss] broken https on reg.libre, Walter H., 05/31/2020
Archive powered by MHonArc 2.6.19.