[dns-operations] Delegation checking (was: Re: Some DNSSEC trivia)
Patrik Fältström
patrik at frobbit.se
Thu Jan 10 07:18:58 UTC 2008
On 10 jan 2008, at 07.42, Paul Vixie wrote:
>> Child zone operaters will ignore problem reported to them
>> (particularly in logs) until a zone fails to load or a
>> delegation is pulled.
>
> perhaps if we write some good RFCs and good code, we can get child
> zone
> operators to know what the right thing is, know whether they're
> doing the
> right thing, and know how to do the right thing. google for "aesop
> sun and
> wind" for more information on this approach i'm recommending.
Indeed, and we can encourage everyone to opt-in (and pay for) having
their zones being checked now and then. This is something ccTLDs are
even interested in doing. Encouraging the registrants to opt-in to
such a service. That is btw why .SE is even funding development of
software that do checks.
But going from that (opt-in, helping registrants) to removing a
delegation is a _VERY_LARGE_STEP_.
Many child zone operators ignore the problem even if the zone fails to
load. They are not interested in the delegation, only the registration
of the domain name.
Patrik
More information about the dns-operations
mailing list