[dns-operations] Verisign won't delete obsolete glue records?
Andrew Sullivan
ajs at anvilwalrusden.com
Thu Mar 4 18:06:51 UTC 2021
On Thu, Mar 04, 2021 at 05:24:54PM +0000, Tony Finch wrote:
>But that check doesn't work for delegations that span mutiple registries.
>If gratisdns.dk disappears there's nothing nic.at can do about the
>now-lame nameserver attributes on dotat.at.
No, definitely not. You cannot depend on the registry to enforce this
if you use "external" nameservers.
>And there were earlier discussions in this thread about how registrars can
>force delegations to go lame so that they can cancel a deadbeat customer's
>domain.
Of course, but if a host object is renamed there is at least a
mechanism by which you can be informed of it: the poll queue ought to
send messages about such a thing. (I worked with someone who also
broke this on purpose because, well, he was too lazy to do it the
right way, IMO; but the mechanism at least exists.)
>(Yeah, I'm kind of grumpy about EPP host objects. I can't just write an
>API client that says, make my domain's delegation look like this. The
>combination of inter-object dependencies and asynchronous updates makes
>for a ridiculously complicated state machine that has to poll waiting for
>changes to take effect. Yuck.)
It's for sure impefect. I think an awful lot of its misfeatures are
really the effect of the RRR model and its implementation in
ICANN-land ca. 2000, but I know others disagree with me about that.
A
--
Andrew Sullivan
ajs at anvilwalrusden.com
More information about the dns-operations
mailing list