[dns-operations] check if a domain has been registered via DNS
ajs at anvilwalrusden.com
Thu May 4 08:38:15 UTC 2017
I certainly don't imagine a bright shiny protocol will eliminate a social problem. But Whois doesn't have the facilities to give different responses unless you build an enormous amount of knowledge about transport into the application. A "bulk access" credential to rdap could allow you to see only non-pii fields. Privacy people seem to get that distinction.
And if the policy doesn't have something to say about rate limits, I'll be amazed.
Please excuse my clumbsy thums.
> On May 1, 2017, at 08:45, David Conrad <drc at virtualized.org> wrote:
>> On Apr 29, 2017, 4:35 PM -0400, Andrew Sullivan <ajs at anvilwalrusden.com>, wrote:
>>> On Fri, Apr 28, 2017 at 04:24:12PM -0700, David Conrad wrote:
>>> Use of RDAP here seems largely irrelevant to the use case Mark and Paul are talking about, i.e., automated bulk queries.
>> I don't see why, since that use case was quite explicitly discussed
>> during WEIRDS to cope with use cases very much like this one.
> Sure, but this doesn't mean that that use case couldn't be addressed by convention using the existing Whois "protocol".
>>> Do you think registries/registrars will not rate limit RDAP (differentiated access or not)?
>> Surely that will depend in part on what the consensus policy is.
> I wasn't aware the consensus policy was going to delve into rate limiting.
> That is, the problem isn't actually in the protocol, but rather how the protocol is deployed. It may be that with RDAP and differentiated access that it'll be easier for registries to white list the good guys for bulk access due to their credentials, but the same could likely be done with Whois and source IP address. I guess it feels to me like you're assuming a bright shiny new protocol is going to address a social problem...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations