John Bambenek

On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license 
which means commercial use will require a license. Contact 
sa...@bambenekconsulting.com for details

On Jul 9, 2019, at 19:41, Paul Vixie <p...@redbarn.org> wrote:

> 
> 
> John Bambenek wrote on 2019-07-09 17:29:
>> On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license 
>> which means commercial use will require a license. Contact 
>> sa...@bambenekconsulting.com for details
>> On Jul 9, 2019, at 19:13, Paul Vixie <p...@redbarn.org> wrote:
>>> whois and rdap servers are a dime a dozen. i can run one for all
>>> of my domains, and put it behind a rate limiter to make life
>>> harder for scrapers.
>> The reason scraping and rate-limiting make sense with registry-operated
>> servers is because scrapers want to query the whole portfolio.
> 
> this is wrong. stop being obstreperous and deflective about this topic
> for a few days if you want me to tell you why. i'm done otherwise.

How is it wrong? I’m not being deflective (or at least not trying to be). If 
I’m an attacker who wants lots of emails in whois, I’d hit up .com 140 million 
or so for each domain. In my proposal, you’d query the auth server for say 
bambenekconsulting.com once and have what you need. Why would an attacker query 
a whois record twice for the same domain?

Sincerely, I’m not being deflective; I just don’t see rate limiting helping you
in the proposed model.

> 
>> In this scenario, the attacker only queries your record once and has what he 
>> needs to move on to next domain. Any rate limit beyond 0 doesn’t protect you.
> 
> same.
> 
>> And if you run DNS Auth, don’t have the ability to rate limit today?
> 
> i think you mean "don't you have", and no, because as i said up-thread,
> i can't ask my friendly secondaries to do custom name server settings
> for those of my zones they handle.

I meant if you run the authoritative (and secondary) NS for a domain you could. 
If you share that with a third party, obviously you are constrained by the 
rules of that third party. 

> 
> -- 
> P Vixie
> 

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
