Re: [provreg] domain's ds is affected by domain's ns ?

Klaus Malorny <Klaus.Malorny@knipp.de> Fri, 10 January 2014 08:51 UTC

On 10.01.2014 03:36, 齐超 wrote:
> Hello,
>
> There is a question about the relationship between domain's ns and DS.
>
> In RFC 5910, domain's DS can be created with domain and its ns. But in epp,
> domain-ns and ds may be operated (added/updated/removed) by different commands
> (RFC5910\RFC5731).
>
> So my questions are:
>
> 1. registrar can create a domain and its DS without NS?
>
> 2. when registrar rem the last ns in <domain:update>, if the domain already
> has DS, will epp server return a failed response and suggest registrar delete
> the domain's DS at first?
>
> Are there any rules or good practice?
>
> Please give some advice. Thanks a lot.
>
>
> Best Regards.
>

Hi 齐超,

I would clearly distinguish between the data management (via EPP) and the zone 
publishing. With the first, there are no real dependencies between the name 
servers and the DS data -- they are simply properties of the domain. Otherwise 
you would not only run into problems in the described case, but also if the 
domain is put on client or server hold. It only makes everything more 
complicated -- both for the registry and the registrar -- with no real benefit.

Instead, it is much easier to put the logic in the zone generation that the DS 
records are published if and only if there is at least one NS record to publish, 
which in turn depends on whether any name servers are defined and the domain 
shall actually be published as such in respect to the hold states and redemption 
period. Similarly, you probably will publish glue records for in-zone hosts of 
the domain under similar conditions (which is, by the way, far more complicated 
due to cascading effects).

So we do not have such dependencies in our own registry software, and I am not 
aware of any other that has them.

Regards,

Klaus
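
The zone-generation rule described in the message above, as an added example that is not part of the original post or of any registry's own software. The `Domain` record, the set of statuses that suppress publication and the sample values in the comments are assumptions; glue records are left out.

```python
from dataclasses import dataclass, field

# Statuses that keep a domain out of the zone: clientHold/serverHold (RFC 5731)
# and the RGP redemptionPeriod status (RFC 3915). Treating exactly this set as
# "do not publish" is an assumption; the real set is registry policy.
UNPUBLISHED = {"clientHold", "serverHold", "redemptionPeriod"}


@dataclass
class Domain:
    """Registry-side data as managed via EPP: NS and DS are independent properties."""
    name: str
    ns: list = field(default_factory=list)   # delegated host names
    ds: list = field(default_factory=list)   # (key_tag, alg, digest_type, digest)
    statuses: set = field(default_factory=set)


def zone_records(domain):
    """Delegation RRs to publish for one domain.

    DS is emitted if and only if at least one NS is emitted, so a DS stored
    without name servers, or on a held domain, never reaches the zone.
    """
    if domain.statuses & UNPUBLISHED or not domain.ns:
        return []
    rrs = [f"{domain.name}. IN NS {host}." for host in sorted(domain.ns)]
    rrs += [f"{domain.name}. IN DS {k} {a} {t} {d}" for (k, a, t, d) in domain.ds]
    return rrs


def orphan_ds(rrs):
    """Sanity check on generated output: owner names that have DS but no NS."""
    types_by_owner = {}
    for rr in rrs:
        owner, _cls, rtype = rr.split()[:3]
        types_by_owner.setdefault(owner, set()).add(rtype)
    return sorted(o for o, t in types_by_owner.items() if "DS" in t and "NS" not in t)


def build_zone(domains):
    """Concatenate the publishable records of every domain."""
    return [rr for d in domains for rr in zone_records(d)]

# Constructed sample: Domain("a.example", ["ns1.a.example"], [(12345, 8, 2, "ABCD")])
# yields one NS and one DS record; the same domain with no NS yields nothing.
```

Running `orphan_ds` over the finished zone before it is signed and pushed catches any generator path that bypasses the rule.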