North American Network Operators Group

Re: AW: Odd policy question.

  • From: Joseph S D Yao
  • Date: Sat Jan 14 23:59:17 2006

On Sat, Jan 14, 2006 at 04:44:02PM -0500, Jeffrey I. Schiller wrote:
...
> As an engineer, I believe we would need a protocol that would permit
> someone to query an IP address to ask what DNS domains it may be an NS
> for. A simple client server response protocol. Lack of a response would
> mean "all are welcome here." Sort of the analogue of "robots.txt" for
> webservers. Then if you wanted to disclaim a domain, you set up a server
> and notify the registrar of the offending domain.
> 
> Now as a practical matter, I don't see this happening any time soon.
> This is simply because this is a lot of mechanism for a problem that I
> doubt many people have.
...


On Sat, Jan 14, 2006 at 05:06:20PM -0500, Jeffrey I. Schiller wrote:
...
> Foolish me. Indeed all that is required is a way to detect that the
> delegation is lame (hopefully in a secure fashion) and remove the lame
> delegations. Of course that does leave the problem of what to do if all
> of the delegations are lame, as Randy has alluded to.
...


If the intent of the first is to ask, for what zones are you
authoritative, with the return being a complete list, then:
(a) for many servers this would be a very long list, which may even
require TCP/53, which will break some who don't yet accept TCP/53 for
queries, which may be seen in the long run as a GOOD thing but in the
short run causes problems; and
(b) ISTM that a number of people don't WANT to announce every domain
that they may be hosting, which is their right, and which may be why
there is no such query to date.

If the intent of the first is to ask, here is a zone, are you
authoritative for it?  then just do the query.  If it is up and
authoritative, it will reply and say so.  If it is up and not
authoritative, it will either reply and say so, or not reply, depending
on its configuration.  If it is down, you need to try another server
anyway.  [Begs the question of what the DNS police do, but ...]

The second is a long-acknowledged problem more or less equivalent to the
immediately above.


-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
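
The "here is a zone, are you authoritative for it? then just do the query" check from the message above, as an added example that is not part of the original post. The zone and server names, the status labels, and the rule "AA set, NOERROR, SOA in the answer section" for calling a server authoritative are assumptions of this sketch, and the sample replies are constructed.

```python
import socket
import struct

QID = 0x1A2B  # constructed query ID; a production checker should randomise it

def build_query(zone, qid=QID):
    """Non-recursive (RD=0) SOA query for the zone apex."""
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", 6, 1)

def ask(server, zone, timeout=3.0):
    """Send the query over UDP/53; None means the server did not reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(zone), (server, 53))
            return s.recvfrom(4096)[0]
        except OSError:
            return None

def classify(reply, qid=QID):
    """Read only the DNS header: ID, QR, AA, RCODE and answer count."""
    if reply is None:
        return "no-response"
    if len(reply) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", reply[:12])
    if rid != qid or not flags & 0x8000:        # wrong ID or not a response
        return "malformed"
    if (flags & 0x0400) and (flags & 0x000F) == 0 and ancount:
        return "authoritative"                  # AA set, NOERROR, SOA returned
    return "lame"                               # REFUSED, SERVFAIL, referral, ...

def audit(replies):
    """Map server -> status, plus whether every listed server failed."""
    status = {srv: classify(r) for srv, r in replies.items()}
    return status, all(v != "authoritative" for v in status.values())

def fake_reply(zone, flags, ancount):
    """Constructed test reply: header + question (+ a minimal SOA RR)."""
    soa = b"\xc0\x0c" + struct.pack("!2HIH", 6, 1, 3600, 22) + b"\x00\x00" + bytes(20)
    return struct.pack("!6H", QID, flags, 1, ancount, 0, 0) + build_query(zone)[12:] + soa * ancount

SAMPLE = {  # constructed replies; server names use the reserved .example TLD
    "ns1.example": fake_reply("zone.example", 0x8400, 1),  # QR+AA, NOERROR
    "ns2.example": fake_reply("zone.example", 0x8005, 0),  # QR, REFUSED
    "ns3.example": None,                                   # timed out
}
```

Only `ask()` touches the network; pass its result for each NS of a delegation to `audit()`, whose second return value flags the "all of the delegations are lame" case.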