[dns-operations] Please contribute data to OARC!
brunner at nic-naa.net
Mon Feb 8 13:38:07 UTC 2010
Continuing the on-list Q&A ....
In the Summer of 2008 we, CORE, MIT, GoDaddy and NetSol, the registrar
reps active on the GNSO Fast Flux PDP Working Group, discussed the
equivalence of mod and add timing as the fundamental mechanism
necessary for the support of flux exploits.
We had already determined that to a first order, flux exploits
corollated to registry volume, and the available data supported a
similar determination for registrar volume, where each presented
generally indistinguishable real resource acquisition costs.
We sent a briefing note to the registry operators and held a larger
discussion, still a side-bar from the GNSO Fast Flux PDP Working Group.
Some months later the registry operators on the call, but excluding
CORE, did a press release announcing a group which specifically does
not address the issue of mod and add timing equivalence.
Thanks for the technical WG summary of that group's primary focus, I
don't want to trivialize the mission, but identification of registrant
purpose is less interesting to me than identification of mechanisms,
of the APIs exported by the registry and registrar platforms.
On 2/8/10 3:34 AM, Ray.Bellis at nominet.org.uk wrote:
> > The operator of .org is Afilias. Afilias, NeuStar and Verisign were
> > all RyC participants in the FF PDP WG, and in the side-bar that the RC
> > participants, lead by myself, initiated on the relation of mod rate of
> > change and flux.
> > We're not going to agree on this, obviously, and as I've mentioned, we
> > don't have the problems complained of.
> I'm really not sure what your point is.
> As Jay explained, RISG is a separate group. I'm a member of the
> technical WG within RISG and to the best of my knowledge fast-flux has
> never been on the agenda.
> The primary discussions have been on what data on phishing sites may be
> exchanged between registrars, registries and others to allow for earlier
> identification of suspected "bad actors", particularly those that are
> specifically registering new domain names for nefarious purposes.
More information about the dns-operations