[dns-operations] iVenue and CommunityDNS.
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Mar 25 09:05:04 UTC 2011
On Thu, Mar 24, 2011 at 10:48:27PM +0000,
Simon Munton <Simon.Munton at communitydns.net> wrote
a message of 24 lines which said:
> As a matter of interest, why do you make it available for public
> AXFR on all name servers if you don't want people to use it?
[TLD hat on]
I strongly oppose the idea that allowing AXFR means the TLD allow
every person on earth to serve authoritatively this data on their own
name servers. These are two different things.
[Back to operations]
The biggest practical risk is that some of these non-official name
servers may serve stale info, and the TLD will not know it, because it
does not monitor these servers (and, no, DNSSEC is not a perfect
protection, for instance .FR signatures last two months, thus allowing
large delays.)
More information about the dns-operations
mailing list