Re: [DNSOP] Asking TLD's to perform checks.

"Ralf Weber" <dns@fl1ger.de> Sat, 07 November 2015 16:11 UTC

From: Ralf Weber <dns@fl1ger.de>
To: Mark Andrews <marka@isc.org>
Date: Sat, 07 Nov 2015 17:10:52 +0100
Message-ID: <53FE03EF-9C40-40DC-A403-50C0A339C6C6@fl1ger.de>
In-Reply-To: <20151106201718.0FCBA3C06566@rock.dv.isc.org>
References: <20151105235402.39FFC3BF2F29@rock.dv.isc.org> <8D78B784-34D3-421E-B82C-52DD32E22B74@fl1ger.de> <20151106201718.0FCBA3C06566@rock.dv.isc.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/JYWS6Sxp6PJ4mK_5GpqEGELshfI>
Cc: dnsop@ietf.org
Subject: Re: [DNSOP] Asking TLD's to perform checks.

Moin!

On 6 Nov 2015, at 21:17, Mark Andrews wrote:

> In message <8D78B784-34D3-421E-B82C-52DD32E22B74@fl1ger.de>, "Ralf Weber" writes:
>> Really TLDs doing repeated checks? I know some do when you
>> register domains, but repeatedly? Examples?
>
> Yes.  Daily checks of all delegated servers.  I don't believe they are
> currently reporting the discovered faults.
>
> 	http://bamus.switch.ch/edns/summary.html
Cool, but unless they inform someone it won't help improve anything.
Others do and it's good to see some people on the authoritative side
doing something about it. IMHO it's still a drop in the ocean.

>> <cynic mode=on>
>> So you are telling TLD to spend money for checks that will decrease
>> their revenue. TLDs make money by registering domains. They don't make
>> money by running DNS, that is cost.
>> </cynic mode>
>
> If they don't run the DNS they don't get to take in the money.
Ever heard of negative registration or the .sucks domain....

[lots of DNS operational failure modes deleted]
> The operational problems that result from these behaviours should be
> obvious to everyone on this list.
>
> There are lots of other incorrect responses that cause operational
> problems.
I agree with you on both points, but that doesn't help to get these
wrong behaviours fixed. After working decades on operating recursive
servers I have lost hope that we will get these behaviours fixed.

Whenever such a thing occurs no customer gave a damn about the wrong
configuration of the authority, they all wanted the domain to resolve.
That is the reason why advancing new technologies in the DNS is so
difficult (impossible ;-).

Honestly I'd rather direct my energy to helping the end user with
DNS than fixing all the DNS misconfigurations on the internet, but
maybe this is because I'm getting old and have chased windmills
long enough ;-).

So long
-Ralf