[dns-operations] Delegation checking (was: Re: Some DNSSEC trivia)
michael.monnerie at it-management.at
Thu Jan 10 02:51:04 UTC 2008
On Mittwoch, 9. Januar 2008 Patrik Fältström wrote:
> But, back to what I have found the harder question during the years,
> and that is what should happen if the tests fail? Should the
> delegation be withdrawn?
I've read all this thread with big interest, and there seems to be the
side of techies who like to fix broken and bad things, and the lawyers
who are concerned about contracts.
Has anybody got estimations or real numbers about how many problems
would be solved, how many domains would not meet requirements, and what
this would help to save the planet? I read about "bad
domains", "hackers", "poisoning" etc. but how many are there really?
It would be interesting to see some agreement on what checks should
exactly be done, and then just run these (silently, without any
shutdowns or informational e-mails or whatever) - looks like there are
enough people here that are able to to it to a respectful number of
Compare the results, and maybe the discussion will be shut down or you
will find it would help such a lot that it's worth discussing with
ICANN or whoever about any penalties for broken domains.
My business is mostly anti spam, and with mailservers I see the same
problem: Too many do not follow the rules, and if they did, internet
cables around the planet would carry a whole lot less "Viagra" words.
If there were such a discussion list for mailservers, I'd also want to
enforce conformance tests with shutdowns for broken MX's. It would
definitely serve the world.
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0676/846 914 666 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: www.keyserver.net Key-ID: 1C1209B4
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 194 bytes
Desc: This is a digitally signed message part.
More information about the dns-operations