Hellekin, On May 8, 2015, at 10:50 AM, hellekin <helle...@gnu.org> wrote: > >> "home", "corp" and perhaps "mail" need special handling if we really > >> want to not cause problems for those using those tlds internally. > > > > Why? > > > these are the 3 names that were identified as posing operational > hazards by SSAC and both ICANN name collision studies.
Yes, quite aware of Lyman's and Mark's draft, in fact I commented on it earlier on this mailing list (http://www.ietf.org/mail-archive/web/dnsop/current/msg13604.html). The justification for removing home/corp/mail primarily appears to be "because they showed up 'a lot' at the root servers". Without characterizing this a bit better, it seems to me it would be trivial to set up situations to move pretty much any undelegated name to the "Special Names" registry -- just fire up a few thousand zombies to query names in the TLD you want removed using random source addresses. Perhaps something like two or three standard deviations over normal noise at the root servers for undelegated TLDs over a period of months? Of course, that would require an ability to actually collect that sort of data over long periods of time and wouldn't completely protect against the trivial attack above, but I figure it'd be better than subjective evaluations of 'a lot'... Regards, -drc (ICANN CTO, but speaking for myself only. Really.)
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
