[dns-operations] Delegation health was Re: Worst current practice example

Patrik Fältström patrik at frobbit.se
Mon May 10 15:25:11 UTC 2010

On 10 maj 2010, at 10.10, Patrik Wallström wrote:

>> You have four roles for each domain: Registry, Registrar, Holder of the domain and DNS operator.
> And when you talk about "DNS operator" it might not only be one role either. Within the "DNS operator" role you have name server operators, zone editor and zone signer. All of which can be different entities, and "name server operators" can be more than one - and depending on the type of organization, zone editor and zone signer can also be multiple entities (look at the root signing stuff).


>> In some cases the same entity have more than one role, but in an amazingly large number of cases that is not the case.
> For the 70 of so domains that I host on my primary server I am the primary DNS server, editor and signer for about half of them. Secondaries are external parties in about 50% of those cases. I don't think this is very uncommon.

Agree, and for some of the domains I am running DNS for, I am also registrar and signer (but not editor, the registrant is), For some I am doing all of the above, but not running any authoritative nameserver at all (no delegations are to my nameservers, but I run a hidden primary).

>> I do also think that most of the confusion is that *we* who actually know the difference about the four roles are not careful enough when we use the terminology are ourselves creating most of the confusion.
>> I know some registries that talk about "webhosting company" or "registrar" when they in both cases in reality mean DNS operator... Or the registries that have "www." wherever they talk about domain names.
>> We must because of this ourselves be more careful with terminology, or else the world will never learn. I.e. we have ourselves to blame for many confusions.
> Yes. And even the term "DNS operator" is not very clear.


Even we must define a terminology, so we know what we talk about.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20100510/5227c0be/attachment.sig>

More information about the dns-operations mailing list