[dns-operations] Delegation checking (was: Re: Some DNSSEC trivia)

Michael Monnerie michael.monnerie at it-management.at
Thu Jan 10 02:51:04 UTC 2008

On Mittwoch, 9. Januar 2008 Patrik Fältström wrote:
> But, back to what I have found the harder question during the years,
>   and that is what should happen if the tests fail? Should the
> delegation be withdrawn?

I've read all this thread with big interest, and there seems to be the 
side of techies who like to fix broken and bad things, and the lawyers 
who are concerned about contracts.

Has anybody got estimations or real numbers about how many problems 
would be solved, how many domains would not meet requirements, and what 
this would help to save the planet? I read about "bad 
domains", "hackers", "poisoning" etc. but how many are there really?

It would be interesting to see some agreement on what checks should 
exactly be done, and then just run these (silently, without any 
shutdowns or informational e-mails or whatever) - looks like there are 
enough people here that are able to to it to a respectful number of 

Compare the results, and maybe the discussion will be shut down or you 
will find it would help such a lot that it's worth discussing with 
ICANN or whoever about any penalties for broken domains.

My business is mostly anti spam, and with mailservers I see the same 
problem: Too many do not follow the rules, and if they did, internet 
cables around the planet would carry a whole lot less "Viagra" words. 
If there were such a discussion list for mailservers, I'd also want to 
enforce conformance tests with shutdowns for broken MX's. It would 
definitely serve the world.

mfg zmi
// Michael Monnerie, Ing.BSc    -----      http://it-management.at
// Tel: 0676/846 914 666                      .network.your.ideas.
// PGP Key:         "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38  500E CE14 91F7 1C12 09B4
// Keyserver: www.keyserver.net                   Key-ID: 1C1209B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080110/15f60886/attachment.sig>

More information about the dns-operations mailing list