On Wed, 12 Sep 2012, Joe Abley wrote: > [...] > Your central complaint seems to be that delegations exist which are > broken, intentionally or otherwise.
Yes. > It's not clear who you're > complaining about, though, or why you care. > > There is positive pressure to fix errors in the DNS if they matter. If > defective delegations are hurting a registry, the registry can push for > a policy change which permits them to remove the delegations. If > registrants feel pain because people can't resolve their names, no doubt > they will arrange for the brokenness to be fixed. I'll take that as your definition of "positive pressure". > [lemma 1] If something in the DNS is broken and nobody cares, you can > expect it not to be fixed. > > [...] [lemma 2] Bits that people don't care about can remain broken, > because nobody cares. > > Note that none of this has anything to do with EPP. Technically, narrowly: you are correct. It really isn't about EPP. Corollary from lemma 1: It's about people (primarily working for registrars, as I understand it) trying to solve a problem with orphan/zombie (call them whatever you wish) glue records (nameserver records published above the zone cut). They want to solve this problem, and they've crafted a solution. This is where we get the use case (which started this thread) about restrictions on the nameservers which people are allowed to register for their domains. Their solution causes a problem for their customers, and their customers too have found a solution: register (what is implemented as) garbage. As long as it meets the rules imposed on them from above at "interface value" it's good enough. Following from lemma 2: Large parts of the (RFC) requirements for what an authoritative nameserver is supposed to do/provide are effectively optional if all you're interested in is mapping an FQDN to an address or having it not map at all. The problem that I see is that as minimally as organizations which are in particular defensively registering domains care, somebody in the organization is likely to ask "is the DNS for X ok?" meaning not hijacked or doing something that they don't want done. The person asking this question is not someone reading this list and probably has a different definition of "ok" than many of us; and by the time the question gets put to us, the querant's definition of "ok" is lost (particularly what they want or don't want done). Also following from lemmas 1 and 2: The registries could obviate the need for most of this charade by allowing CNAMEs above the zone cut. But they don't. -- Fred Morris, internet plumber _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
