On Thu, Jul 30, 2020 at 1:44 PM Joe Abley <jab...@hopcount.ca> wrote:
> > There are some 20,000 examples in the ORG zone, of which at least 7,000 > are due to the domain suspension mechanism I gave as an example. There are > lots of well-functioning domains that would fail if all of those A/AAAA > records suddenly stopped resolving. > > > That also seems quite imprecise. Here's a more specific worked example to > make sure we understand each other. > > $ORIGIN ORG. > > BADDOMAIN NS ... > BADDOMAIN NS ... > NS1.BADDOMAIN A 192.0.2.1 > > GOODDOMAIN NS NS1.BADDOMAIN.ORG. > GOODDOMAIN NS ... > > If BADDOMAIN.ORG is suspended (or if the domain is suppressed for some > equivalent reason) then the zone cut betwen ORG and BADDOMAIN.ORG will be > removed (the BADDOMAIN.ORG NS set will disappear) but the A record above > will remain, since it is linked to another domain, GOODDOMAIN.ORG, that > depends upon it. Without a zone cut, that makes the ORG servers > authoritative for the A record. > > I realize this is close to going down a rabbit/rat hole, so I'll try to keep it as focused as possible. Those two numbers (7000 and 20000) raise a question in my mind: What's the typical range of domains impacted for each suspended domain? I.e. given BADDOMAIN and GOODDOMAIN_1 through GOODDOMAIN_N, what would the median value of N be, and the max or 95%ile value of N? (I'm guessing it would be easier for you to get the answer than it would be for me.) The reason to ask is, what is the reasonableness of alternatives to the current method depend? Those very much on the expected size of N. If N is most typically about as many fingers as there are on one hand, that suggests that changing the glue for the remaining domains, on a per-domain basis, is not an unreasonable amount of work. (I.e. replace all instances of "NS NS1.BADDOMAIN.ORG" with "NS NS1.GOODDOMAIN_1.ORG", and replace NS1.BADDOMAIN A <value> with NS1.GOODDOMAIN_1 <value> everywhere it occurs in the ORG zone.) It's unclear whether this crosses the line of what registrars should do vs what registries should do. If the "suspend" action is not literally accompanied by the registrar doing the removal of the NS records, then the (temporary) renaming of the object by the registry on behalf of the registrar(s) involved, would seem to not be unreasonable. It keeps the GOODDOMAIN_N delegations functioning, and avoids promoting glue to authoritative. Of course, the OTHER question is, of those 20000 instances, in how many of those cases is the registrant for BADDOMAIN and GOODDOMAIN_N the same party? Is the expectation of the registrant that their error (lapse) or action (abuse) on BADDOMAIN should not also have the same impact on the related domains operated by the registrant a reasonable expectation? (That's probably a lawyer question.) I'm happy to stick to the technical aspect, on the renaming option: for each suspended domain, what is the number of domains sharing a nameserver below the delegation point, and thus how many actual renaming things and address substitutions would be expected/required? Brian
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
