North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Internic hosage (fwd)

  • From: Dean Robb
  • Date: Fri Mar 20 22:10:56 1998

At 15:21 3/19/98 -0500, Eric Eden wrote:
>You're right, that's an interesting question.  However, 
>validating the requests to create hosts within ISO 3166 
>domain names is a difficult issue.  Each ISO 3166 registry 
>has different registration look-up systems and we have 
>little or no information to gain authentication for 
>creation or updates to these hosts.   
>How would you recommend that we interface with the 240 
>ISO 3166 registries around the world to authenticate 
>these requests in a cost effective manner?  I don't
>think ns lookup queries do not provide a robust solution - 
>specifically with authentication.
>I agree with your point.  We haven't been able to define 
>a workable solution for this problem.  We welcome any 
>input you have.

The easiest thing in the world; already proposed weeks ago (now months ago)
for WhoIs in general [using the specified problem as example]:

1.  Users spot errors (Dal saw that the IPs for were wrong).

2.  Users send an email to InterNIC regarding errors, including methodology
and other resources used to discover that the info was erroneous.

3.  InterNIC verifies information provided in email (look at WhoIs, verify
that the methodology was sound, etc.)

4.  If the information is clearly a lie (such as a phone number of
555-1212), InterNIC deletes the domain (as provided in para L of the
Registration Agreement).  If the information might be an error (transposed
numbers in IP), InterNIC sends an email (again, as provided in the
Registration Agreement) requesting clarification.

4a.  If the domain does not reply with the 30 days mentioned in the
Registration Agreement, or if the email bounces, the domain is deleted.

5.  Problem solved, database corrected, slimeball taken down.

5a.  In the event of an erroneous deletion, the domain is simply reinstated.

5b.  If the slimeball liar wants to re-register, he/she/it pays another $100.

A simple, cost-effective solution to the problem.  No new hardware needed.
No new software needed.  POSSIBLY a single employee needed (although since
the problem is self-diminishing, using an existing employee would probably
work fine).  According to the July 97 IPO filing with the SEC, NSI earned a
net profit of $391,688 Jan-Mar 97 from domain registrations, so there's no
cost barrier to the solution.

Now...why can't this be done? 

Spam:  it's not just for breakfast anymore....

Dean Robb
On-site computer services
(757) 495-EASY [3279]