[dns-operations] conspiracy theories?
Olivier Guillard / AFNIC
Olivier.Guillard at nic.fr
Tue Apr 22 08:57:15 UTC 2008
Hi Ed and all,
IMHO 1: as rightly pointed by Kim Davies, many TLDs have already
expressed at many occasion the view that this was not the
job of anyone to tell a TLD operators how to configure
"their" zone ;
IMHO 2: tests performed before that changes are introduced in the
root zone is a process that everybody understands and that
is not questionned by anyone as far as I know : one could
say that this is not perfect, another that this is a hudge
effort to accept, another that this is better than nothing,
another one that ... take your pick.
Are the tests implemented the right ones is another question,
as pointed by Jaap, IANA has widely consulted on this issue.
IMHO 3: this is a collective problem when a branch is broken, since
the whole DNS tree is weaker in that situation: we are all
sharing the same ressource (have a look in your zones).
There are initiatives to monitor TLD, I know for example about these:
http://dnsmon.ripe.net/dns-servmon/about.html
http://www.generic-nic.net/dyn/mon/
May be there are others.
IMHO 4 : we share the opinion that "it is very hard to determine the
rationale behind any situation from just looking at
what is in DNS". That's why an error spotted by a specific
monitoring is not irrespectfull to the professionalism of
anyone : this is just an "indication", it reports about a
"perception from somewhere" (that can always be discussed
BTW).
IMHO 4bis : these monitoring portails have no "legitimacy", they are
only "informative". They are not irrespectfull (BTW many
factors could cause error reports such as a connectivity
failure for example). There are simply and just of interest
to the community, the more such informative spots would be
installed on the net, the more access points of monitoring
would be available to confirm or infirm analysis, the less
risk of genetic degeneration. They would just be usefull.
Best regards,
---
Olivier
le mardi 22 avril à 00 H 03 , Edward Lewis a ecrit :
> At 9:39 +0900 4/22/08, T.Suzuki wrote:
> >For example, AC,IO,SH,TM were in dangerous state for several years.
>
> >Then, IANA should have known it in Aug 2005.
> >Finally, the mistake was corrected in May 2007.
> >
> >Is this a conspiracy ?
>
> Perhaps IANA "should have known" about it, but if so, what does IANA do?
>
> Do you think IANA should be the caretaker, an overseer, an enforcer
> of a code of operations? Or is IANA's role to be a neutral, central
> registry that levies no requirements on the participants?
>
> When I notice an inconsistency, my first contact is to the technical
> contact for the child, then the administrative contact, then a report
> to IANA if nothing is fixed along the way. I don't go to a public
> list while doing this, for a few reasons.
>
> One reason is to respect the professionalism of the organization
> involved. The second, and probably more important, it is very hard
> to determine the rationale behind any situation from just looking at
> what is in DNS. Increasingly, before drawing any conclusions about
> "breakage" you need to have confirmation from someone who has a
> password to the box in question.
>
> Any changes to a TLD's delegation (speaking to root zone management)
> has to be initiated by the TLD. When we have migrated a zone from
> one set of servers to another, we do so by changing the apex,
> watching the change, and then submitting to IANA. The wrong thing
> for IANA would be to see our NS change and then alter the root zone -
> because what if we want to roll back?
>
> I learned when working for the US Federal Government in the 80's-90's
> that the closer you are to the central base of information (such as
> the root zone), the less proactive you should be. Small changes at
> such a position ripple into big waves at the far edges.
>
> And remember the Internet motto - innovate at the fringes!
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis +1-571-434-5468
> NeuStar
>
> Never confuse activity with progress. Activity pays more.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations
--
Olivier
More information about the dns-operations
mailing list