[dns-operations] iVenue and CommunityDNS.

Stephane Bortzmeyer bortzmeyer at nic.fr
Fri Mar 25 09:05:04 UTC 2011


On Thu, Mar 24, 2011 at 10:48:27PM +0000,
 Simon Munton <Simon.Munton at communitydns.net> wrote 
 a message of 24 lines which said:

> As a matter of interest, why do you make it available for public
> AXFR on all name servers if you don't want people to use it?

[TLD hat on]

I strongly oppose the idea that allowing AXFR means the TLD allow
every person on earth to serve authoritatively this data on their own
name servers. These are two different things.

[Back to operations]

The biggest practical risk is that some of these non-official name
servers may serve stale info, and the TLD will not know it, because it
does not monitor these servers (and, no, DNSSEC is not a perfect
protection, for instance .FR signatures last two months, thus allowing
large delays.)



More information about the dns-operations mailing list