[dns-operations] Is it illegal to query the .berlin TLD servers?

Chris Thompson cet1 at cam.ac.uk
Sun Jan 12 15:34:45 UTC 2014

On Jan 11 2014, Peter Koch wrote:

>On Sat, Jan 11, 2014 at 08:49:15AM -0800, Paul Hoffman wrote:
>> From an operations point of view, this TXT is problematic in that it
>> shows that the zone operator is willing to break its agreement with ICANN
>> without notice. They agreed to only put the following in the TLD zone:
>> 	? Apex SOA record.
>> 	? Apex NS records and in-bailiwick glue for the TLD?s DNS servers.
>there is no such thing.
>> They broke that agreement as soon as they could. Which other agreements
>> with ICANN are they willing to break? Or, if this really is a simple
>> mistake, which other simple mistakes are they willing to make until
>> ICANN tells them not to?
>Take a breath - or let the compliance jihad begin:
>ninja.                  0       IN      TYPE65534 \# 5 08D7050001
>ninja.                  0       IN      TYPE65534 \# 5 0818510001

That's clearly an unintended consequence of using BIND's signing
mechanisms. But what about the simply informative/debugging:

kiwi.  86400  IN  TXT  "Generation Time: 1389539700"

As regards the TXT records for berlin & wien, I don't really understand
what "unauthorised entry" is meant to mean. Not that it matters.

I hope we aren't going to see TXT records containing fatuous legal
disclaimers added to DNS responses in the annoying way that they are
too often used in e-mail... :-)

Chris Thompson               University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk    Roger Needham Building, 7 JJ Thomson Avenue,
Phone: +44 1223 334715       Cambridge CB3 0RB, United Kingdom.

More information about the dns-operations mailing list