Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA
Path: utzoo!linus!philabs!cmcl2!seismo!brl-tgr!tgr!netinfo%jade@ucb-vax.ARPA
From: netinfo%jade@ucb-vax.ARPA (Postmaster + BITINFO)
Newsgroups: net.mail.headers
Subject: Mail Domain Names: Host table vs. Nameservers
Message-ID: <2593@brl-tgr.ARPA>
Date: Wed, 30-Oct-85 05:18:22 EST
Article-I.D.: brl-tgr.2593
Posted: Wed Oct 30 05:18:22 1985
Date-Received: Fri, 1-Nov-85 01:50:19 EST
Sender: news@brl-tgr.ARPA
Lines: 192

In reply to:

	From @MIT-MC.ARPA:GEOFF@SRI-CSL.ARPA Tue Oct 29 00:06:43 1985
	Date: 28 Oct 1985 23:17-PST
	Sender: GEOFF@SRI-CSL.ARPA
	Subject: Re: Mail to UC Berkeley hosts
	From: the tty of Geoffrey S. Goodfellow 
	Cc: Header-People@MIT-MC.ARPA, MRC@SIMTEL20.ARPA
	Cc: Postmaster@UCBVAX
	Message-Id: <[SRI-CSL.ARPA]28-Oct-85 23:17:44.GEOFF>
	In-Reply-To: <8510282352.AA28981@ucbjade.Berkeley.Edu>

First of all. Let's stop the shouting match.  Shouting at me
(postmaster@ucbjade) is not going to solve anything.
I do not control the Internet gateway software at Berkeley,
"postmaster@ucbvax.Berkeley.EDU" does.

	netinfo@jade.berkeley.edu, that's dumb thinking.

Sorry, but what is dumb? Certainly not full domain names which the Internet
has been working towards for years. (Read the RFC's for more information.)

Unfortunately, sites in the DARPA research community are caught in the
middle. One side we are being told to use full domain names (which
by the way we have been using within the BERKELEY.EDU mail domain for
years while we have waited for the rest of the Internet to get their act
together.)  On the other hand, when UCBVAX switched to full domain names
names as mandated in RFC 920 and RFC 921, we found that even though RFC 921
was published in October 1984, software developers did not meet the scheduled
dates for implimentation of nameservers, and did not recognize the problems of
having part of the Internet using the nameservers and part using host tables.
Also sites have been slow in registering their new domain names.

The DARPA research community's shift to full mail domain names is based
on the following from RFC 921:

        15 Jul 85  Implementation of the Domain Naming System Completed

           The goal is to complete the switch over to the domain style names
           and the use of the servers by this date.  All programs that
           translate host name to Internet addresses should now use
           procedures based on the use of the domain style names system of
           resolvers and servers and the distributed data base.

        15 Sep 85  Decommission Host Table

           At this point the master host table maintained by the NIC need no
           longer be complete for the DARPA research community.  A full table
           of the DDN operational hosts will be maintained by the NIC.

        15 Oct 85  DDN Plan for Domains Name Service

           The DDN PMO may establish a plan for the future support of name to
           address translations in the DDN community.

Note the actions scheduled for 15 Jul 85 and 15 Sep 85. I interprete
the actions that were scheduled to apply to all Internet mail hosts,
not just the sites in the research community. For example, if the
research community hosts are deleted from the master host table, how
are other sites on the Internet going to know what they are unless
they use a nameserver?  My interpretation of the 15 Oct 85 was that
this refers to MILNET and other non-research sites changing their
names from @something.ARPA to @something.MIL, etc. Unfortunately,
some non-research sites interprete this to mean that they do not
have to switch over to using software that uses nameservers. Note
that the issue of switching to using nameservers is separate from
the issue of changing @something.ARPA to one of the new top domain
name addresses.

	do you honestly expect every single user on the Internet to know
	about your local routing hacks thru user%host@ucbvax.Berkeley.EDU
	or ...@Berkeley.EDU or ...Berkeley.ARPA??  Really!?

You must be a newcomer to the net, for years UC Berkeley has been using
the % hack and until recently, our "From:" line addresses had the format:
. One solution for Berkeley, MIT, Columbia,
and other sites having hosts in their mail domain is to go back to
using the % kludge address, but this solution is in conflict with
RFC 921 which call for a "complete the switch over to the domain style
names".  (See how the research sites are caught in the middle again.)

	heck, i couldn't even reply to your message because your
	...@jade.berkeley.edu host isn't registered in the NIC.  Foo!

Now for a legal issue. The 26 research hosts out of 300 plus hosts
at Berkeley that are registered are systems involved with ARPA grants
or other computer science research. Most of the users on these systems
are hopefully legal users of the US Defense Communications Agency Internet.
Most of the users on other systems at Berkeley are not. Host administrators
are suppose to restrict access to the USDCA Internet. How can we do that if we
register all hosts at Berkeley in the Internet host table? The answer is
(with current software) we can't.

Nameservers offer a method of registering hosts as mail only sites and
permit hosts which are in the local mail domain, but not on the physical
Internet, to be addressed. The host table restricts the mail domain to
hosts on the physical Internet.

Even with nameservers we have a problem.  At Berkeley, the Berkeley
Internet is interconnected with the UCSF Internet.  There are no "US
Government Business Only" restrictions between these nets. We want full
network services between these nets, but need to have mail only to
other "government" nets. So we can even put them in the nameserver
as mail only sites.  I do not think anyone has come up with a
solution to this problem yet.  In fact, the domain naming scheme does
not offer a solution for EDU sites.  How do you determine which hosts
we are to restrict access to. (Actual we do not want to restrict access
but the only guidance I have seen is the DDN directory which says to
restrict access.)  Perhaps that policy should be rewriten identifying
specific domains (eg. GOV, MIL) or specific nets (eg. MILNET).


	what do you think someone like Bob Kahn or some other money bags
	source on a MILNET host is going to do when he can't reply to
	messages originated by hosts like yours at UCB which isn't
	registed in the NIC's host tables (and doesn't know about your
	special address "hack")??

I am flustrated by not being to use an automatic reply feature too.

	Damn it, why don't you just register your hosts with the NIC and
	make it easy for yourself, your correspondents and the rest of
	the net??

See legal issue above. Of course I could ask the opposite question,
why don't you switch to software that uses a nameserver as mandated
by RFC 921? (No need to reply to that, I have already seen all the
answers to that earlier in this discussion.)

	i seem to be gaining increased appreciation every day for SMTP
	servers on hosts which *reject* incoming mail from hosts they
	doesn't know about.  SRI-CSL will join the ranks as soon as i
	field one question from a user on how do they reply to a message
	from one of your unknown hosts.

	-------

I think the Internet world needs to recognized that the Internet Mail
world extends beyond the physical Internet.

I think we can declare RFC 921 a failure and recognize that having
part of the Internet using not using full domain names and a host table
and the other half using full domain names and nameservers is not
going to work. So it looks like it is back to % sign address kludges and
"no progress" in the implimentation of distributed domain servers
and full domain names until the whole internet starts using name servers.

I think some practical ideas for how to test out the name server
software with out a "complete shift" to full domain names is in order.
Also a revision to RFC 921 is needed.

Bill Wells
postmaster%ucbjade@Berkeley.EDU

PS. For those of you who want to do more reading about domains,
is a list of references.

-----------

     RFC "Request for Comments" reports from the DDN Network Information
     Center, SRI International, Menlo Park, CA are available to Internet
     hosts by FTP from the ARPANET host SRI-NIC, and to CSNET members as
     either electronic messages or paper copies from the CSNET CIC
     .

     [1] RFC 822 "Standard for the Format of ARPA Internet Text Messages",
         David H. Crocker, August 13, 1982. (Replaces RFC 733.)

     [2] RFC 920 "Domain Requirements", J. Postel, J. Reynolds, October
         1984.  This memo restates and refines the requirements on
         establishing a Domain first described in RFC-881.  It adds
         considerable detail to that discussion, and introduces the limited
         set of top level domains.

     [3] RFC 921 "Domain Name System Implementation Schedule - Revised",
         Jon Postel, October 1984. (Updates RFC 897.)

     [4] RFC-881 "The Domain Names Plan and Schedule", J. Postel, November
         1983.

     [5] RFC 882 "Domain Names - Concepts and Facilities", P. Mockapetris,
         November 1983.

     [6] RFC 883 "Domain Names - Implementation and Specification", P.
         Mockapetris, November 1983.

     [7] RFC 733 "Standard for the Format of ARPA Network Text Messages",
         David H. Crocker, John J. Vittal, Kenneth T. Progran, D. Austin
         Henderson, Jr., 21 November 1977.

     [8] 921ISO, "Codes for the Representation of Names of Countries",
         ISO-3166, International Standards Organization, May 1981.