[dns-operations] The strange case of fox.com
warren at kumari.net
Mon Feb 29 21:08:44 UTC 2016
On Mon, Feb 29, 2016 at 11:35 AM David C Lawrence <tale at akamai.com> wrote:
> Mark Andrews writes:
> > Note: this should have been caught by the registry when it is
> > checking the delegation as per RFC 1034. Registries have two sets
> > of customers and failing to perform the checks is doing a disservice
> > to *both* sets of customers.
> I don't see an expectation in 1034 that a registry will perform
> continuous monitoring of delegations. Have I overlooked a relevant
> When the zone in question was first established over 15 years ago I
> presume that it had a working apex NS set. It also did when its
> delegation was subsequently updated to point to its current
> nameservers, what looks like happened half a decade ago. The change
> to the broken apex NS RRset happened a couple of months ago (and was
> detected, and was reported to the customer).
... and typing 'www.fox.com' into a web browser get's you (well, me) a
picture of some alien person with a ray-blaster and some woman who looks
very vaguely familiar (I'm a little behind on popular culture). In other
words, even though it is "incorrect", it is working well enough that people
get to see, er, whatever that alien chappie is.
Perhaps the underlying message is that the DNS works a bit too well?!
> Verisign as the .com registry should have detected the change? What
> should they have done when they discovered it was broken?
Well, that could have:
1: refused to make the change
2: been sad.
There are various policies which prevent #1. I'm all for number 2.
I think that part of the issue is that gTLDs are generally not incentivized
(or allowed) to care about this - perhaps this is the actual problem we
should be solving?
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-jobs mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations