[dns-operations] check if a domain has been registered via DNS

Mark Jeftovic markjr at easydns.com
Fri Apr 28 15:58:12 UTC 2017 

Following on the wildcards aspect:

Some of the new TLDs will have a domain delegated, yet it's designated a
"premium" domain, meaning it *is* available for registration but you'll
have to pay (or even negotiate) a price for it.

Domain "registration" status is not a DNS thing. As counter-intuitive as
that sounds. In fact entire the premise of my [expletive-deleted] book
which has been going on near 3 years was to bridge the gap between the
"domain registration" side of the equation to the "dns ops" side.

They are definitively related, I assert that there is too often an
artificial separation between the two silos within many organizations,
but trying to use DNS to determine registry availability isn't a path
between the two.

Not unless the registries decide to start pushing some meta-data into
their zones, (via TXT records?) which I think would be a fine idea, like

* a flag to announce various registry statuses (pendingDelete, on-hold,
expired)

* a flag that announces if whois privacy is enabled (I really wish for this)

* hey, while we're at it, a flag to announce if the string is available
for registration!

- mark


Stephane Bortzmeyer wrote:
> On Fri, Apr 28, 2017 at 09:32:34AM +0800,
>  Peng Yonghua <pyh at vodafonemail.de> wrote 
>  a message of 9 lines which said:
> 
>>> What would work for your situation is to test for the presence of
>>> NS records at the registry level, and if they are absent to fall
>>> back to whois to confirm.
>> good idea.
> 
> No bad idea. Really, you should drop the entire project. There are
> more things in the domain world than you imagine.
> 
> Two reasons why it may fail (thanks to a colleague who is too shy to
> post here):
> 
> 1) Some TLD do not delegate at all
> 
> % dig @d.ns.tk -t NS +norecurs tkj6g.tk
> 
> ; <<>> DiG 9.10.3-P4-Debian <<>> @d.ns.tk -t NS +norecurs tkj6g.tk
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18776
> ;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 512
> ;; QUESTION SECTION:
> ;tkj6g.tk.		IN NS
> 
> ;; AUTHORITY SECTION:
> tk.			5 IN SOA a.ns.tk. joost\.zuurbier.dot.tk. (
> 				1493361600 ; serial
> 				10800      ; refresh (3 hours)
> 				3600       ; retry (1 hour)
> 				604800     ; expire (1 week)
> 				5          ; minimum (5 seconds)
> 				)
> 
> ;; Query time: 17 msec
> ;; SERVER: 2001:678:5c::1#53(2001:678:5c::1)
> ;; WHEN: Fri Apr 28 09:22:22 CEST 2017
> ;; MSG SIZE  rcvd: 97
> 
> 
> 2) Some have wildcards:
> 
> % dig @ns3.dns.ws -t NS x$(hexdump -e '/1 "%02x"' -n 31 /dev/urandom).ws
> 
> ; <<>> DiG 9.10.3-P4-Debian <<>> @ns3.dns.ws -t NS x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3215
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 4096
> ;; QUESTION SECTION:
> ;x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws. IN NS
> 
> ;; AUTHORITY SECTION:
> IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> 				IM0O08O5F0TE608RESL6HCPCDMPDO86S
> 				A NS SOA MX RRSIG DNSKEY NSEC3PARAM )
> IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 				20170528052917 20170428052917 6141 ws.
> 				H09I05I3L+gmrnUsRQZ9ymcBQ1rxDH1RsERps16WnsJo
> 				qrvLx/AdB8NqA5iJPnE86koGkPdmXHc2b9zbU3uuh3qm
> 				ay++KWlT1dlmCf0mbevoAycN0dW5PuDKb7pmlMnSPg/H
> 				hl28XbLfOfX/8sRHjI79aiPFFic7G3DXwOBQEAo= )
> 34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> 				37M2A7SE2UL454TMII7BHOVSDC7SB5HJ
> 				TXT RRSIG )
> 34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 				20170528052917 20170428052917 6141 ws.
> 				fPq50AVHgTCVitw++vCldJ2wRG/cI94HzxwYNZ4vuIyM
> 				VGHWudqGm3qVM14QgUq7B/mGcrZy1Yo7wWYIGAuSpyUU
> 				KMAl6vrdQU7kI0rVWRzj5AzGsWunWbHPymsd9UTFykHl
> 				ofvcpS5Yg/1Xw8m3b2FwyfkPUKkFw2SPcOu8JfI= )
> F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> 				FBK53JUKM6O8TSOVH915VC5IOB319HMF
> 				A MX TXT RRSIG )
> F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 				20170528052917 20170428052917 6141 ws.
> 				qlEo3nvJqwVrXtzIEbyWYGWEF40Cpj5Sxk5I9YGCTR8u
> 				93eIFLYQ6kPavN8Z8BQXrONcrp7EPhRTZPhSNoOGytrI
> 				KHFBaTsEZIwunQiip2rPajUZAX6cmz+H6ACgkIecSi6v
> 				Intl9psAYuSSEnufoStMK7ILdvcPcJSl6OuLM7k= )
> ws.			21600 IN SOA ns2.dns.ws. hostmaster.dns.ws. (
> 				1704271729 ; serial
> 				86400      ; refresh (1 day)
> 				3600       ; retry (1 hour)
> 				604800     ; expire (1 week)
> 				86400      ; minimum (1 day)
> 				)
> ws.			21600 IN RRSIG SOA 8 1 21600 (
> 				20170528070952 20170428060952 6141 ws.
> 				CKGJ65huqS5FWT/+SVvZioC8TNTf3XBH3ymahTIGsu3O
> 				nPvQ7M7jywxxBJ2yJUFTJKbpTQqfjh6e+AqTlfd4zMp2
> 				Rtu25Wh5PUttvLgBjAPG5p1G9z/UaE9uIg+f2HG3BSez
> 				h2CBXzFLP8HT9rFku8ABnzZznaN3d33gZ02BhFI= )
> 
> ;; Query time: 107 msec
> ;; SERVER: 173.228.153.149#53(173.228.153.149)
> ;; WHEN: Fri Apr 28 09:23:31 CEST 2017
> ;; MSG SIZE  rcvd: 1060
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

-- 
Mark Jeftovic <markjr at easydns.com>
Founder & CEO, easyDNS Technologies Inc.
http://www.easyDNS.com

More information about the dns-operations mailing list