Re: [DNSOP] Asking TLD's to perform checks.

"Ralf Weber" <dns@fl1ger.de> Fri, 06 November 2015 07:46 UTC

From: Ralf Weber <dns@fl1ger.de>
To: Mark Andrews <marka@isc.org>
Date: Fri, 06 Nov 2015 08:46:10 +0100
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnsop/fOnlvi9JFD-JZpQGTawn8URDDyI>

Moin!

This may be totally inappropriate

On 6 Nov 2015, at 0:54, Mark Andrews wrote:
> 	I keep getting told the IETF can't tell people what to do
> 	but that is *exactly* what we do do when we issue a BCP.
> 	We tell people what best current practice is and ask them
> 	to follow it.
>
> 	Today we have TLDs that do perform all sorts of checks on
> 	servers they delegate zones to and some do inform the
> 	operators of those zones that they have errors.  Those
> 	checks cover in part tests described in
> 	draft-andrews-dns-no-response-issue.
Really TLDs doing repeated checks? I know some do when you 
register domains, but repeatedly? Examples?

> 	So do we adopt this or do we continue to lie to ourselves
> 	about what BCPs actually do?
They recommend something. The problem is when your
recommendations are interfering with business or policy aspects
which this draft clearly does:

"If repeated attempts to inform and get the customer to correct /
   replace the faulty server are unsuccessful the TLD operator shall
   remove all delegations to said server from the zone."

<cynic mode=on>
So you are telling TLDs to spend money for checks that will decrease
their revenue. TLDs make money by registering domains. They don't make
money by running DNS, that is cost.
</cynic mode>

I know that a lot of TLDs go to great lengths running a good DNS
service and have sensible policies for their registrars to run a good
DNS service also, and the above comments are not for them, but some 
people only look at the money.

So long
-Ralf