North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Interesting new dns failures
On May 24, 2007, at 10:45 PM, John Levine wrote: I ask you: What would you suggest? It's quite hard to craft technical solutions to policy failures. Agreed, but adding a preview process doesn't cost much and would help establish stability. There are millions of domains churning every day. Just keeping track of which domains are new is costly. Once it becomes common place for providers to withhold DNS information of new domains, does it really make sense to permit domain records to change frequently and within milliseconds after some holding period? While provisions should be established for granting exceptions, requiring a 12 hour zone preview before going "live" should lead to significant reductions in the amount of criminal activity depending upon this insane agility that thwarts tracking and takedowns. Allow security entities time to correlate upcoming domain changes, and this swamp will drain rapidly. -Doug
|