Re: [DNSOP] unrelated name server name recommendation

Peter Thomassen <peter@desec.io> Mon, 04 March 2024 19:20 UTC

Message-ID: <3c4e2ac6-a4e4-42fd-801c-c43fef45069a@desec.io>
Date: Mon, 04 Mar 2024 15:20:03 -0400
To: Paul Wouters <paul@nohats.ca>, Paul Vixie <paul=40redbarn.org@dmarc.ietf.org>
Cc: dnsop@ietf.org
References: <978e2792-1cdf-b33e-532f-83356a5f1ff2@redbarn.org> <BE280DCA-104F-49AB-B28E-9C703E65E213@nohats.ca>
From: Peter Thomassen <peter@desec.io>
In-Reply-To: <BE280DCA-104F-49AB-B28E-9C703E65E213@nohats.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/CDgZuxIX9Rk6FlBPQMefclZsF5U>


On 3/4/24 15:14, Paul Wouters wrote:
> It means every registrant, who doesn’t know about DNS, has to create host objects for glue and whenever the ISP changes nameserver names (eg gets bought, sold or merges), or IP address, the ISP has to talk to the registrant to fix things at their registry. I can promise you those in-domain name servers will quickly become very unreliable.

For reference, Viktor's analysis from last year, on glue in .org: https://mailarchive.ietf.org/arch/msg/dnsop/EBT2_wg8XJkArA1boRX7GNSKdKw/

The analysis focuses on sibling glue, not only in-domain, but my main takeaway is that 75% of them are stale.

Peter

-- 
https://desec.io/