Re: [DNSOP] Re: AS112 for TLDs
Mark Andrews <Mark_Andrews@isc.org> Wed, 05 December 2007 19:01 UTC
Return-path: <dnsop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzzVC-0006gu-Uq; Wed, 05 Dec 2007 14:01:46 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IzzVB-0006be-GN for dnsop@ietf.org; Wed, 05 Dec 2007 14:01:45 -0500
Received: from [2001:df8:0:16:216:6fff:fe46:b75d] (helo=drugs.dv.isc.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IzzVA-0007lj-RW for dnsop@ietf.org; Wed, 05 Dec 2007 14:01:45 -0500
Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (8.14.1/8.14.1) with ESMTP id lB5J1hsq003015; Thu, 6 Dec 2007 06:01:43 +1100 (EST) (envelope-from marka@drugs.dv.isc.org)
Message-Id: <200712051901.lB5J1hsq003015@drugs.dv.isc.org>
To: Joe Baptista <baptista@publicroot.org>
From: Mark Andrews <Mark_Andrews@isc.org>
Subject: Re: [DNSOP] Re: AS112 for TLDs
In-reply-to: Your message of "Wed, 05 Dec 2007 13:41:25 CDT." <4756F0D5.6040902@publicroot.org>
Date: Thu, 06 Dec 2007 06:01:43 +1100
X-Spam-Score: -1.4 (-)
X-Scan-Signature: 9a2be21919e71dc6faef12b370c4ecf5
Cc: dnsop@ietf.org
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Errors-To: dnsop-bounces@ietf.org
> Mark Andrews wrote: > > > It's been done. IT DOES NOT WORK. named has code to prevent > > the records being added because IT DOES NOT WORK and we got > > sick and tired of telling people who ran up against sites > > that did it that IT DOES NOT WORK. It's better to prevent than > > to spend repeated amounts of time dealing with the repercussions. > > > Can't we make it work? I appreciate your honesty. But there are other > dns packages that do allow it. I'm looking for the flexibility to > extra-zone so i can manage root traffic in bind. Its obvious root get > bugus traffic - i advocate a traffic can to send those bogus tlds too. > I would love an AS112 stop sign. That also eliinate the legal liability > to me as a commercial operator of root. > > > > It's easy to remove the checks but then you need to make sure > > all clients will work with the resultant mess. > > > > > It already is a mess. has been for years. What we are doing is fixing > the mess using AS112. I know alot of root operators who would welcome > that friendly terminator for wayward traffic. But I need bind to > terminate *. NS. I feel sorry it does not. "*." NS will result in lookups for non-existant labels return NODATA rather than NXDOMAIN. This is a BAD change. Lots of sites depend upon NXDOMAIN being returned. The AS112 delegations return NXDOMAIN for almost all queries directed to them as they are the result of gethostbyname(). The times when they don't but those are when the client is searching for the containing zone and expect to get the other types of response. The queries to the root at a mixture of single and multi-label queries. All the single lable queries (unqualified hostname for example) will get a DIFFERENT rcode as a result of this change. This does not if the AS112 usage model. > > Wildcard is defined for intra-zone use. It is not defined > > for extra-zone use. > > > Lets define it. Just call it experimental. or something convenient. i > think its needed for root services. I am told it works under Dr. > Bernstein's named daemon. I still have not tested that myself. But > will eventually. I pray it is the case. Any root operator would > welcome a trash can for bogus traffic. > > and its christmas time. what a wonderful gift. > > regards > joe baptista > > -- > Joe Baptista www.publicroot.org > PublicRoot Consortium > ---------------------------------------------------------------- > The future of the Internet is Open, Transparent, Inclusive, > Representative & Accountable to the Internet community @large. > ---------------------------------------------------------------- > Office: +1 (202) 517-1593 > Fax: +1 (509) 479-0084 > > > --------------000503020107010809040908 > Content-Type: text/x-vcard; charset=utf-8; > name="baptista.vcf" > Content-Transfer-Encoding: 7bit > Content-Disposition: attachment; > filename="baptista.vcf" > > begin:vcard > fn:Joe Baptista > n:Baptista;Joe > org:PublicRoot Consortium > adr:;;963 Ford Street;Peterborough;Ontario;K9J 5V5 ;Canada > email;internet:baptista@publicroot.org > title:PublicRoot Representative > tel;fax:+1 (509) 479-0084 > tel;cell:+1 (416) 912-6551 > x-mozilla-html:FALSE > url:http://www.publicroot.org > version:2.1 > end:vcard > > > --------------000503020107010809040908 > Content-Type: text/plain; charset="us-ascii" > MIME-Version: 1.0 > Content-Transfer-Encoding: 7bit > Content-Disposition: inline > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www1.ietf.org/mailman/listinfo/dnsop > > --------------000503020107010809040908-- > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop
- [DNSOP] AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- L-Root address change [Re: [DNSOP] AS112 for TLDs] Peter Koch
- [DNSOP] Re: L-Root address change (Was: AS112 for… Stephane Bortzmeyer
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Ralf Weber
- Re: L-Root address change [Re: [DNSOP] AS112 for … Matt Larson
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: B-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … JINMEI Tatuya / 神明達哉
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … John Crain
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- Re: [DNSOP] AS112 for TLDs Brian Dickson
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Masataka Ohta
- Re: [DNSOP] AS112 for TLDs Elmar K. Bins
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mohsen Souissi
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Edward Lewis
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Florian Weimer
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] Re: AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Sebastian Castro Avila
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Sebastian Castro
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Joe Abley
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Frederico A C Neves
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs John L. Crain
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Jaap Akkerhuis
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Peter Koch
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Warren Kumari