Stephane Bortzmeyer wrote:
The ICANN Anti-Phishing Working Group has put forward a set of best
practice recommendations for ICANN registrars, currently a draft:
http://gnso.icann.org/mailing-lists/archives/registrars/msg05187.html
One item is of relevance to us. They state:
Name servers should be specified as both FQDN *and* as IP addresses;
do not allow FQDN's alone.
[The rationale is to detect and limit Fast Flux.]
I thought that there was a wide agreement in the TLD community that it
was bad practice to keep IP addresses of name servers, except when it
was necessary for the glue?
The document is not clear. The text to which you refer appears in a
section on data validation, where the measures enumerated are only for
the purpose of detecting "suspicious" domain registrations. But, the
subsections directly underneath that text read:
"(i) This can reduce the use of fast flux name servers
(ii) Tying FQDN to specific IP's will ensure illegitimate domains can
not [sic] be associated with botnets [lack of punctuation here leads to
syntactic ambiguity - kcd] ensuring the timely removal of illegitimate
content"
both of which contemplate some sort of "tying" between names and
addresses which is not clearly spelled out in the document. (Glue? Not
glue?)
I reserve judgment until the document is clarified.
- Kevin
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
