Re: [DNSOP] Asking TLD's to perform checks.

"Ralf Weber" <> Fri, 06 November 2015 07:46 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 311841B3685 for <>; Thu, 5 Nov 2015 23:46:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9oJ22AZ3wISr for <>; Thu, 5 Nov 2015 23:46:14 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id A1D031A82E2 for <>; Thu, 5 Nov 2015 23:46:14 -0800 (PST)
Received: by (Postfix, from userid 107) id 4A6605F40640; Fri, 6 Nov 2015 08:46:13 +0100 (CET)
Received: from [] ( []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id ABD715F4036B; Fri, 6 Nov 2015 08:46:12 +0100 (CET)
From: Ralf Weber <>
To: Mark Andrews <>
Date: Fri, 06 Nov 2015 08:46:10 +0100
Message-ID: <>
In-Reply-To: <>
References: <>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Mailer: MailMate (1.9.3r5164)
Archived-At: <>
Subject: Re: [DNSOP] Asking TLD's to perform checks.
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Nov 2015 07:46:16 -0000


This may be totally in appropriate 

On 6 Nov 2015, at 0:54, Mark Andrews wrote:
> 	I keep getting told the IETF can't tell people what to do
> 	but that is *exactly* what we do do when we issue a BCP.
> 	We tell people what best current practice is and ask them
> 	to follow it.
> 	Today we have TLDs that do perform all sorts of checks on
> 	servers they delegate zones to and some do inform the
> 	operators of those zones that they have errors.  Those
> 	checks cover in part tests described in
> 	draft-andrews-dns-no-response-issue.
Really TLDs doing repeated checks? I know some do when you 
register domains, but repeatedly? Examples?

> 	So do we adopt this or do we continue to lie to ourselves
> 	about what BCP actually do?
They recommend something. The problems is when your 
recommendations are interfering with business or policy aspects
which this draft clearly does:

"If repeated attempts to inform and get the customer to correct /
   replace the faulty server are unsuccessful the TLD operator shall
   remove all delegations to said server from the zone."

<cynic mode=on>
So you are telling TLD to spend money for checks that will decrease
there revenue. TLDs make money by registering domains. The don't make
money by running DNS, that is cost.
</cynic mode>

I know that a lot of TLDs go to great lengths running a good DNS
service and have sensible policies for there registrars to run a good
DNS service also, and the above comments are not for them, but some 
people only look at the money.

So long