In message
<6(_dot_)2(_dot_)5(_dot_)6(_dot_)2(_dot_)20130522123025(_dot_)0b3efed0(_at_)resistor(_dot_)net>,
SM writes:
At 05:56 22-05-2013, Moriarty, Kathleen wrote:
providers. While tying this to contracts seems like a good idea,
that is out of our hands at the IETF. If we went down the path of
enforcement through contracts, I wouldn't view this as picking
fights, but rather a proactive service to 'help' customers. Having
said that, I think if we can improve the applications that
generate their DNS files, it would be more effective long
term. While some teams are technical enough to validate their own
DNS, others prefer more full service applications.
Maybe a review of existing applications would be helpful for the
community? I just see the following on Wikipedia:
http://en.wikipedia.org/wiki/Comparison_of_DNS_server_software
and
http://en.wikipedia.org/wiki/DNS_management_software
How about adding a column for compliance to RFCs? Or a description
that makes people
RFC 1035 is updated by 24 RFCs. There are a few errata which has
been filed. The topic says "standards complaint". Which standard(s)
does that refer to? I read "compliance to RFCs", which RFCs does the
implementation have to comply with?
RFC 1034 and RFC 1035 I've tried to capture the reason why I started
this thread in:
http://tools.ietf.org/html/draft-andrews-dns-no-response-issue-01
Basically nameservers are supposed to reply to queries directed at
them. RFC 1034 and RFC 1035 have enough error codes that you
should be able to reply to every query sent to them. You don't
have to return the data. You don't even have to understand the
query. You do have to respond.
So if the message is 12 octets or bigger and the QR bit is set to
1 you should be able to respond. RFC 1034 and RFC 1035 have a
response code for *every* possible message you receive.
It has been mentioned [1] on this mailing list that:
"But there was no energy to get the work done and the drafts languished
for months without any changes. It still seems a worthwhile project,
but there is no evidence that we have a population interested enough
to do the work."
If the IETF discusses about contracts the discussion will evolve into
turf wars (an acrimonious dispute between rival groups over territory
or a particular sphere of influence). The interesting point in the
message (quoted above) is about providing information so that people
can assess what's good or bad. In my opinion it's doable (note that
I am leaving out a few minor details :-)).
At 07:00 22-05-2013, John C Klensin wrote:
I wouldn't suggest trying to mandate anything top-down. If
nothing else, ICANN's track record for being able to enforce its
mandates is very poor (and that is arguably a good thing). On
:-)
the other, we talk a lot about reputations and the advantages of
end sites being able to base policies on them. If whatever the
actual restrictions that, according to Stephane, forbid TLDs
from imposing "we require you to have a competent nameserver and
will test" were removed then, especially with the coming huge
increase in TLDs, it would make it possible for registries to
compete on the degree to which they wanted to offer assurances
of quality DNS servers and services in subsidiary zones.
Yes. I gather that domain name are registered to advertise services
and that these services rely on working nameservers.
I was reading the following [2] (the reader is cautioned against
drawing hasty conclusions):
"AFNIC (The sole registrar of .fr domains) does not follow the
ICANN policies
for name server queries."
Here's a gem:
"Other registrars are fully able to query our name servers on TCP port 43
(the ICANN required port)."
Nameservers hosting Icelandic domains (.IS domains) must comply with
requirements [3].
More reading [4]:
"The .DE registry has certain requirements for nameservers that
can be applied
to .DE domains. Some of those requirements are that the
nameserver IP addresses
must be in separate class C networks, and that the nameserver
must provide SOA."
For .NL domains, the nameservers must comply with the registry
requirements [5].
People put more effort and money in trademarking strings than making
the strings work.
Regards,
-sm
1. http://www.ietf.org/mail-archive/web/ietf/current/msg79409.html
2. https://my.bluehost.com/cgi/help/536
3. http://www.isnic.is/en/host/req
4. http://www.namecheap.com/support/knowledgebase/article.aspx/294/
5. http://www.opensrs.com/docs/opensrsrwi/nl_dns_requirements.htm
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka(_at_)isc(_dot_)org