At 16:00 +0200 6/9/08, Yngve Nysaeter Pettersen wrote:
>On Mon, 09 Jun 2008 15:32:11 +0200, Patrik Fältström <[EMAIL PROTECTED]>
>wrote:
>
>> The problem with any such mechanisms is that the barrier of entry for
>> new players (that does not match the currently used list -- including
>> non-upgraded software) is increased. More than what people think.
>
>That is why my subtld-structure draft is suggesting that TLD profiles be
>downloaded at regular intervals (and at need) from a repository, in order
>to make it possible to add new TLDs or new registry-like domains under a
>TLD, and to prevent problems with old software. My drafts also suggest a
>rule-of-thumb fallback in case a TLD is unknown.
This thread is going to go around in circles for
quite a while. There's a history of the IETF
wanting to define something without fixed
boundaries. DNS names is one, IPv6 addresses is
another. But when it comes to operations, having
fixed boundaries makes mass production much
easier.
E.g., in IPv6, IETFer's (as we know, the IETF
doesn't have any official statement source and no
members, so I refer to those in the debate that
brandish IETF credentials) would say that the
days of classful addressing are behind us, so
IPv6 addresses ought to be treated as nothing but
a string of 128 bits. But RIR policy writers
wanted to know whether to recommend /48's, /54's,
/32's, etc. for certain types of uses. ("Uses"
not users.)
Shifting back to DNS, there's not going to be a
scientific differentiation between one zone and
another. During the DNSSEC development days we
wanted to declare some zones as "widely
delegated" (such as .com) from other zones - to
alleviate the issues we see with NSEC, NSEC3,
etc. that are apparent still now. There's
nothing in DNS to differentiate, at a protocol
level, one zone from another, but at the
operational end of the stick, there are many
differentiators (like whether the administration
interface is on paper or via EPP).
I doubt that you'll find any repository that can
be used to register "registry-like" zones. The
DNS lacks anything like a RADB, RPSL, etc.,
mechanism employed by the routing infrastructure.
Partly because, unlike IP addresses, there is no
organizational link through all parts of the
Domain administrations. ICANN does not have it's
"thumbs" on all the TLDs - many ccTLDs do not
operate under any agreement with ICANN.
I admire and respect the effort of web browser
implementers to try to improve their code to make
it harder to abuse. Even if the desired tactic
is on target, it may still fail because the
information is just not available. Worse is
broken security which will just frustrate the
users and make the situation even more fertile
for abuse (through uncertainty and confusion).
The domain name industry is more complex than one
would think. It's not technical, it's a market
place with operators, wholesalers, resellers,
etc. I think the answers to building a domain's
reputation lie more in what happens at an ICANN
meeting than an IETF meeting.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Never confuse activity with progress. Activity pays more.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
