[dns-operations] register nameservers in different TLD's NS

Patrik Fältström paf at frobbit.se
Mon Jul 16 20:16:12 UTC 2012

On 16 jul 2012, at 21:37, Joe Abley wrote:

> On 2012-07-16, at 11:21, Mark Jeftovic wrote:
>> Sorry, I mispoke when I said glue record. It's not a glue record that
>> needs to exist, BUT there does need to be a nameserver defined for that
>> hostname at the registry before you can delegate a .com or .net domain
>> to it.
> For even more clarity, it's perhaps worth mentioning that in gTLDs this is mainly an artifact of the EPP data model (which itself inherited aspects from earlier data models).
> Registries (e.g. ccTLD registries) which take other approaches might not need the registration of a host object (or equivalent, in their model).

Well, I think the policy in any epp based registry should be able to be such:

- It is for a registrar to add a domain object, and link that domain object to a named host object
- A host object has as a sponsoring registrar the registrar that is sponsor of the to the name of the host object inferior domain object
- A named host object can be created by anyone, but glue can only be added to the host object by the for the host object sponsoring registrar

An alternative is to allow domain objects to be created with hostnames that are host objects only in the case that the explicit glue is needed (that the host has a domain name in the delegated domain).

Sure, it might create problems if you have cross-referenced glue, but I have at the moment a case where a registrant due to policy in the registry can not get a domain name of NS to what they want because the domain name of the NS has a different sponsoring registrar than the sponsoring registrar of the delegated domain.

I.e. we have example1.com with a name server that is for example ns.example2.com. Now, example1.com and example2.com have different registrars, and the registrar for example1.com is not allowed to create the host object ns.example2.com that is needed for the domain example1.com.

If only example2.com did use ns.example2.com as name server, then the host object would exist in the registry database, and the example1.com domain object could reference it. But as it is now, nope.

I have no problems with registries providing rope that the registrant can hang themselves in, but having registries having policies that prohibit the registrant to do "the right thing", that makes me irritated.


More information about the dns-operations mailing list