Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
Florian Streibelt wrote: # dig +short txt berlin ;; Truncated, retrying in TCP mode. The .berlin-zone is protected through the German Copyright-Law. Beyond it is protected by criminal law and data protection law. Unauthorised entry to the zone is prohibited. All rights, in particular the right of duplication, circulation or usage, belong exclusively to nic.berlin, unless you have an explicit written agreement with nic.berlin. As the backend operator for .berlin, we have now removed the respective record from our zone generation logic. As far as I understand, the original intent of the record was to attach a legal notice to the zone that survives a zone transfer, and - as far as i know - the intent was also that this disclaimer would only apply to the zone as a whole. A similar record has been in use under .at for ages, and never caused any technical nor administrative issues. thanks, Alex Mayrhofer ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
Em 13/01/2014, à(s) 12:52:000, Alexander Mayrhofer alexander.mayrho...@nic.at escreveu: Florian Streibelt wrote: # dig +short txt berlin ;; Truncated, retrying in TCP mode. The .berlin-zone is protected through the German Copyright-Law. Beyond it is protected by criminal law and data protection law. Unauthorised entry to the zone is prohibited. All rights, in particular the right of duplication, circulation or usage, belong exclusively to nic.berlin, unless you have an explicit written agreement with nic.berlin. As the backend operator for .berlin, we have now removed the respective record from our zone generation logic. As far as I understand, the original intent of the record was to attach a legal notice to the zone that survives a zone transfer, and - as far as i know - the intent was also that this disclaimer would only apply to the zone as a whole. A similar record has been in use under .at for ages, and never caused any technical nor administrative issues. There's also been a dot less A record for .dk for ages, but even then ICANN prohibited those on gTLDs and IAB considered them harmful. Rubens ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] DNS namespace collisions and controlled interruption
On Fri, Jan 10, 2014 at 03:56:56PM +, Jeff Schmidt jschm...@jasadvisors.com wrote a message of 184 lines which said: I'm not sure I understand this thinking precisely - if Joe Employee has a problem accessing Acme's resources (the bookmarked web page) isn't he likely to seek support from Acme? No, he will probably say oh, s..t, I'm not in the office, that's why it fails and will do something else (start the VPN?) As you know, users don't report the real problems. 2). Importantly, his traffic will have never left his host, so it almost certainly won't be exposed to sniffing at the open coffee shop wifi or his compromised home router. True, but it is not what I said. You asked several questions about your proposal and I was only replying to the one I quoted, Will serving localhost IPs cause the kind of visibility required to inspire action? What you say here is different, it is that it will protect Joe. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Sat, Jan 11, 2014 at 06:32:00PM +0100, Peter Koch p...@denic.de wrote a message of 21 lines which said: Take a breath - or let the compliance jihad begin: These ICANN rules (against dotless domains) are meaningless and ridiculous, anyway. I agree that such a TXT or TYPE65534 does no harm and should not be forbidden. If it is, it means the law is wrong (Dickens?) ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Sat, Jan 11, 2014 at 09:41:51PM +0100, Jaap Akkerhuis j...@nlnetlabs.nl wrote a message of 18 lines which said: I vaguelt remember that the AFNIC.fr people also noticed these popping up in some cases. https://www.dns-oarc.net/files/workshop-201103/DNSSEC_Key_Deletion_Issue-Vincent_Levigneron-afnic.pdf ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Mon, Jan 13, 2014 at 01:16:43PM -0200, Rubens Kuhl rube...@nic.br wrote a message of 43 lines which said: There's also been a dot less A record for .dk for ages, Many TLD have a A at the apex. .dk is the only one with a at the apex :-) See RFC 7085 ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Mon, Jan 13, 2014 at 10:54 AM, Stephane Bortzmeyer bortzme...@nic.fr wrote: On Sat, Jan 11, 2014 at 06:32:00PM +0100, Peter Koch p...@denic.de wrote a message of 21 lines which said: Take a breath - or let the compliance jihad begin: These ICANN rules (against dotless domains) are meaningless and ridiculous, anyway. I agree that such a TXT or TYPE65534 does no harm and should not be forbidden. If it is, it means the law is wrong (Dickens?) Perhaps -- but them's the laws (in *this* context). ccTLDs are not constrained by these, new gTLDs are -- they signed a contract. If you believe the laws are wrong (as many do!), come help change them. I personally think that many of the USA laws are wrong, but seeing as I don't (usefully) participate in the political process I've lost the right to kvetch... W And yes, they are not laws, they are contracty bits, and participating is hard / icky, but... _ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Jan 13, 2014, at 6:52 AM, Alexander Mayrhofer alexander.mayrho...@nic.at wrote: As the backend operator for .berlin, we have now removed the respective record from our zone generation logic. Cool, thanks. As far as I understand, the original intent of the record was to attach a legal notice to the zone that survives a zone transfer, and - as far as i know - the intent was also that this disclaimer would only apply to the zone as a whole. Interesting logic. You should bring this up with ICANN, given that you earlier agreed to not put any such records in your zone, but it sounds like you have a believable business case to want something there. A similar record has been in use under .at for ages, and never caused any technical nor administrative issues. ccTLDs cannot have administrative issues because politics. --Paul Hoffman ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] bind-9.9.4-P1 crash
FYI: https://kb.isc.org/article/AA-01078 On Dec 17, 2013, at 9:00 PM, Jared Mauch ja...@puck.nether.net wrote: Anyone seen this crash:? I’m hitting it fairly often right now and trying to poke at the code for triage: ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On Mon, Jan 13, 2014 at 02:52:47PM +, Alexander Mayrhofer wrote: A similar record has been in use under .at for ages, and never caused any technical nor administrative issues. Without addressing the issues around text records and claims of copyright, I'm curious about one other thing - why is the record in English? The nic.at website isn't (at least, not by default), and I would expect the record to be likewise. Bill. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
In message 19f54f2956911544a32543b8a9bde0750a42c...@nics-exch2.sbg.nic.at, Al exander Mayrhofer writes: Florian Streibelt wrote: # dig +short txt berlin ;; Truncated, retrying in TCP mode. The .berlin-zone is protected through the German Copyright-Law. Beyond it is protected by criminal law and data protection law. Unauthorised entry to the zone is prohibited. All rights, in particular the right of duplicati on, circulation or usage, belong exclusively to nic.berlin, unless you have an explicit written agreement with nic.berlin. As the backend operator for .berlin, we have now removed the respective recor d from our zone generation logic. As far as I understand, the original intent of the record was to attach a legal notice to the zone that survives a zone transfer, and - as far as i know - the intent was also that this disclaimer w ould only apply to the zone as a whole. A similar record has been in use unde r .at for ages, and never caused any technical nor administrative issues. That you have been made aware of. Entering anything at a zone apex of a tld is effectively introducing unqualified data into the system. No, the period at the end does not qualify the name given how search algorithms in stub resolvers work. This would be less if a issue if searches stopped on no data responses but they don't. Note entering anything that is found by adding a automatic prefix to a tld which is found as the result of the resolver searching is also effectively unqualified data. e.g. _http._tcp.berlin SRV would be just as bad a berlin A or berlin (assuming that _http._tcp is the eventual SRV prefix for http) as it would be found by entering berlin and searching. However entering _whois._tcp.berlin would not be as whois arguments are absolute by default. thanks, Alex Mayrhofer ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
These ICANN rules (against dotless domains) are meaningless and ridiculous, anyway. not at all. they serve to remind us of icann's relevance. randy pgpy8iUxci4Km.pgp Description: PGP signature ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
On 13 jan 2014, at 16:54, Stephane Bortzmeyer bortzme...@nic.fr wrote: These ICANN rules (against dotless domains) are meaningless and ridiculous, anyway. I agree that such a TXT or TYPE65534 does no harm and should not be forbidden. If it is, it means the law is wrong (Dickens?) Possible, but there is a difference, as you point out implicitly, between whether TXT or whatever might create problems or not and the question whether the rules of ICANN is violated. Lets keep the two issues separated from each other. Patrik signature.asc Description: Message signed with OpenPGP using GPGMail ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] Is it illegal to query the .berlin TLD servers?
If you believe the laws are wrong (as many do!), come help change them. i know this will come as a shock, warren. but some people do not see bashing their heads against concrete walls as a good use of their time. randy pgprHfxoA80bE.pgp Description: PGP signature ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
