[dns-operations] Weirdness with glue for old (gone) DNS servers

[Andrew Sullivan]

On Thu, May 15, 2014 at 07:18:48AM +1000, Mark Andrews wrote:

> Then why does't the registry remove all the records below a delegation
> and any records that refer to them from the published zone when a
> delegation is removed?

By the time the domain object is deleted, there _are_ no subordinate
host names underneath it, or the deletion wouldn't be permitted.  You
may consult the EPP specifications for all of this, by the way, since
I think all the registries we're talking about use that as the
protocol any more.  Note that we're only talking about registries that
use host objects, and not ones that use the domain attribute approach.

There is no communication path between the two registrars (in EPP
terms, "sponsors") in the registry such that RegistrarA can say to
RegistrarB, "Hey!  You're depending on this record, and I'm about to
delete it."  That's actually the path I proposed to create (with some
timers, so that deletions could happen in time) some years ago, and I
was told it was too hard and too complicated and nobody would do it
and tin soldiers and GNSO and ICANN coming and we're all gonna die.  I
decided that fight wasn't worth having, so I didn't have it.  Perhaps
you think there's a worthy windmill there.

> What is currently being done leaves a zone that "works" some of the
> time for some servers.  Once a recursive server learns that the
> name servers don't exist (any dual stack recursive server unless
> there is both A and AAAA glue) then the zone fully breaks for that
> server.

Yes, I agree what is being done now is stupid.  I think the
overwhelming response among registries and registrars was to tell
people not to set up their zones this way, and they won't have such a
problem.  That is also a solution to the problem, I note.  "Doctor it
hurts," and all that.

Regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com