Hi Joe, On 5/5/23 20:45, Joe Abley wrote:
Pre-delegation checks add friction to the domain registration process.
[...]
To look at it another way, why would we give authority to a third party to break our domains just because they are not fully-informed about how we are using them?
+1 My suggestion was not to create guidance or a best practice document for pre-delegation checks, but rather that *if* such guidance were developed, it should very prominently say what *not* to do, precisely because too many checks cause too much friction.
And lastly, even if a delegation is genuinely broken and useless for all the world, and nobody cares enough to fix it, what harm does it do? What is the motivation to find a fix? A dribble of extra traffic relating to a mainly-unused domain to a nameserver that is already over-provisioned doesn't seem very compelling.
As a first reaction, I also agree with this (although I may be convinced by more data on cost/harm caused by the extra traffic, as Brian was hinting at).
Even if I thought this was a problem that needed a solution, I don't think the solution is likely to be easy.
Yes. It may be easier to just arrive at a document advising against certain checks, that is, a Worst Current Practice doc ;-) Peter -- https://desec.io/ _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
