Jelte,
don't forget there are ccTLD registries run by third parties for
purely economic reasons, some better some worse. And a particular
compatriot comes to mind :-)-O
Then there are a number of smaller ccTLDs which are overwhelmed by
all of this. Never mind those who only answer their email w
On 11/12/2015 01:30 AM, Tim Wicinski wrote:
>
> (as chair)
>
> I was the one who told Mark I liked the document but we needed to do
> less badgering of TLDs (my words, not his) and more on giving them
> advice on the best practices.
>
+1
I'd like to add that they may be badgered just as hard f
(as chair)
I was the one who told Mark I liked the document but we needed to do
less badgering of TLDs (my words, not his) and more on giving them
advice on the best practices.
I'm stuck in the office in San Francisco this week, but I will read the
newer versions. It sounds like something
On Wed, Nov 11, 2015 at 07:25:39AM +0100, Patrik Fältström wrote:
...
>
> That said, initiatives like the one I did run did push errors (for some
> definition of errors) from 22% to maybe 17% in .SE and my inspection of the
> rest say that getting errors down to 15% is possible, but more is very
On Wed, Nov 11, 2015 at 12:22:05PM +, Lawrence Conroy wrote:
> ISTM that the IETF isn't in a position to force its suggestions through
> the 'industry'.
Who said anything about "forcing", I thought this was intended to
be a BCP. As for whether the checks are done by registries or
registrar
Hi Patrik, Jim, folks,
+1
Not an IETF thing, but ISTR that the RRR model can make pushing error reports
difficult:
e.g., if Registry runs tests and finds problems, the Registrar may be unhappy
for an email
to be sent from Registry direct to "the Registrar's" customer.
Quite apart from anythin
On 11 Nov 2015, at 11:42, Stephane Bortzmeyer wrote:
> On Wed, Nov 11, 2015 at 11:29:41AM +0100,
> Patrik Fältström wrote
> a message of 57 lines which said:
>
>> Some registries even requires MX records at the zone apex! Even more weird.
>
> Less so now that we have RFC 7505.
Sure, but still do
In message <2015104833.gb29...@sources.org>, Stephane Bortzmeyer writes:
> On Tue, Nov 10, 2015 at 03:25:11PM +0100,
> Shane Kerr wrote
> a message of 49 lines which said:
>
> > My guess is that part of the resistance is because you are going to
> > be asking people to spend money on some
On Tue, Nov 10, 2015 at 03:25:11PM +0100,
Shane Kerr wrote
a message of 49 lines which said:
> My guess is that part of the resistance is because you are going to
> be asking people to spend money on something that does not provide
> them or their customers any (direct) benefits. Further, it b
>> Does the scenario look like this?
>>
>> * Client asks to registrar to set up frobbit.se
>
> Yes, someone want to register frobbit.se domain name. For pure
> IPR reasons. It should not resolve.
Ah, OK. Then this is first and foremost a registry policy issue:
do you in your policy support regist
On Wed, Nov 11, 2015 at 11:29:41AM +0100,
Patrik Fältström wrote
a message of 57 lines which said:
> Some registries even requires MX records at the zone apex! Even more weird.
Less so now that we have RFC 7505.
___
DNSOP mailing list
DNSOP@ietf.or
Viktor Dukhovni wrote:
>
A good list of problems. Sounds like it was a lot of hard work discovering
those!
> * Having DS records in the parent zone with no matching DNSKEYs
> at the zone apex is wrong.
It's OK provided that at least one DS of each algorithm has a matching
DNSKEY. You get
On 11 Nov 2015, at 11:17, Havard Eidnes wrote:
> A zone registered with delegation records, but where none of the
> name servers respond to queries for the zone does noone any good,
> so why must it be acceptable?
Because only registration of the domain name is what is wanted.
No one want record
On 11 Nov 2015, at 11:17, Havard Eidnes wrote:
> Does the scenario look like this?
>
> * Client asks to registrar to set up frobbit.se
Yes, someone want to register frobbit.se domain name. For pure IPR reasons. It
should not resolve.
> * Registrar is lazy and doesn't want to set up a separate z
>> It may not be possible for everyone to agree on a comprehensive
>> set of 'wrongs' with no omissions, but it should be possible to
>> get consensus on a core set of 'wrongs' that are not controversial.
>
> Yes and no. I think going for a minimum will be a good goal,
> but for example to have la
On Wednesday, November 11, 2015 07:43:30 AM Mark Andrews wrote:
> Perhaps we should be getting Jari, Suzanne and Andrew to push this
> at IGF meetings.
that's a right-thinking goal but with incorrect implementation semantics.
for IGF to care about this, you'd have to show the cost to end users an
Mark,
please point me to the tools :-)-O
el
On 2015-11-11 10:23, Mark Andrews wrote:
[...]
>> Well we have tools that can test every server in a zone.
[...]
--
Dr. Eberhard W. Lisse \/ Obstetrician & Gynaecologist (Saar)
e...@lisse.na/ * | Telephone: +264 81 124 6733
On Wed, Nov 11, 2015 at 07:53:25AM +0100, Patrik Fältström wrote:
> > It may not be possible for everyone to agree on a comprehensive
> > set of 'wrongs' with no omissions, but it should be possible to
> > get consensus on a core set of 'wrongs' that are not controversial.
>
> Yes and no. I think
In message <5642ea31.5060...@lisse.na>, Dr Eberhard W Lisse writes:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> For smaller (cc)TLDs it's not only the enforceability that's
> difficult (or as mentioned counterproductive) it's also the real
> world (Open Source Tools)
>
> If someone wri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
For smaller (cc)TLDs it's not only the enforceability that's
difficult (or as mentioned counterproductive) it's also the real
world (Open Source Tools)
If someone writes me a zonemaster based tool that can read a list of
all domain names in the CoCCAt
On 11 Nov 2015, at 7:47, Viktor Dukhovni wrote:
> It may not be possible for everyone to agree on a comprehensive
> set of 'wrongs' with no omissions, but it should be possible to
> get consensus on a core set of 'wrongs' that are not controversial.
Yes and no. I think going for a minimum will be
On Wed, Nov 11, 2015 at 07:25:39AM +0100, Patrik Fältström wrote:
> Everything has so far collapsed into collision between tech people not
> agreeing on what is right and wrong. It also collapses into clashes between
> registry policy and the tests made. I.e. just the registration policy is
> sett
In message <5373ddab-1ed2-489b-ab62-ba7cf6d3d...@frobbit.se>, "Patrik =?utf-8?b
?RsOkbHRzdHLDtm0=?=" writes:
> On 10 Nov 2015, at 22:24, Jim Reid wrote:
>
> >> Or perhaps we should not.
> >
> > +1
>
> This discussion on making tests is coming back now and then. In RIPE, in
> IETF, in discussions a
On 10 Nov 2015, at 22:24, Jim Reid wrote:
>> Or perhaps we should not.
>
> +1
This discussion on making tests is coming back now and then. In RIPE, in IETF,
in discussions around TLDs (specifically ccTLDs).
I have run one such initiative myself.
Everything has so far collapsed into collision b
On Wed, Nov 11, 2015 at 07:43:30AM +1100, Mark Andrews wrote:
> Perhaps we should be getting Jari, Suzanne and Andrew to push this
> at IGF meetings.
Not knowing what IGF meetings are, I can't comment on this specific
point.
> So we don't say what's right because you fear that not everybody
> wi
> On 10 Nov 2015, at 21:11, Paul Hoffman wrote:
>
> On 10 Nov 2015, at 12:43, Mark Andrews wrote:
>
>> Perhaps we should be getting Jari, Suzanne and Andrew to push this
>> at IGF meetings.
>
> Or perhaps we should not.
+1
___
DNSOP mailing list
DN
On 10 Nov 2015, at 12:43, Mark Andrews wrote:
> Perhaps we should be getting Jari, Suzanne and Andrew to push this
> at IGF meetings.
Or perhaps we should not.
--Paul Hoffman
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/
Perhaps we should be getting Jari, Suzanne and Andrew to push this
at IGF meetings.
In message <20151110152511.6f1a1...@pallas.home.time-travellers.org>, Shane Ker
r writes:
> Mark,
>
> On Fri, 06 Nov 2015 10:54:02 +1100
> Mark Andrews wrote:
>
> > I keep getting told the IETF can't tell p
Mark,
On Fri, 06 Nov 2015 10:54:02 +1100
Mark Andrews wrote:
> I keep getting told the IETF can't tell people what to do
> but that is *exactly* what we do do when we issue a BCP.
> We tell people what best current practice is and ask them
> to follow it.
>
> Today
>> Yes. Daily checks of all delegated server. I don't believe they are
>> currently reporting the discovered faults.
>>
>> http://bamus.switch.ch/edns/summary.html
> Cool, but unless they inform someone it won't help improve anything.
> Others do and it's good to see some people on the autho
Moin!
On 8 Nov 2015, at 0:52, Mark Andrews wrote:
> Fixing misimplementations of the protocol is different to fixing
> misconfiguration of servers. The draft is aimed primarially at
> fixing misimplementations rather than misconfigurations though both
> need fixing.
Sorry I over generalised. To
Moin!
On 7 Nov 2015, at 18:20, Antoin Verschuren wrote:
But that’s not the point.
The point is that we need consensus on criteria for what is good and
what is bad DNS(SEC).
Isn't that what the RFCs describe. Is there really a point where someone
disagrees?
I agree with you that there is no i
In message <53fe03ef-9c40-40dc-a403-50c0a339c...@fl1ger.de>, "Ralf Weber" write
s:
> Moin!
>
> On 6 Nov 2015, at 21:17, Mark Andrews wrote:
>
> > In message <8d78b784-34d3-421e-b82c-52dd32e22...@fl1ger.de>, "Ralf
> > Weber" write
> > s:
> >> Really TLDs doing repeated checks? I know some do whe
On Fri, Nov 06, 2015 at 10:54:02AM +1100, Mark Andrews wrote:
> I keep getting told the IETF can't tell people what to do
> but that is *exactly* what we do do when we issue a BCP.
> We tell people what best current practice is and ask them
> to follow it.
>
> Today
Op 7 nov. 2015, om 16:17 heeft Ralf Weber het volgende
geschreven:
> Cool. Thanks for the link, and thanks to SIDN for doing this. Seems to be
> effective, though the number doesn't seem to go to 0. If I understand it
> correctly (or google translated it correct) there is no sanction for the
Moin!
On 6 Nov 2015, at 21:17, Mark Andrews wrote:
In message <8d78b784-34d3-421e-b82c-52dd32e22...@fl1ger.de>, "Ralf
Weber" write
s:
Really TLDs doing repeated checks? I know some do when you
register domains, but repeatedly? Examples?
Yes. Daily checks of all delegated server. I don't b
Moin!
On 6 Nov 2015, at 18:50, Antoin Verschuren wrote:
Op 6 nov. 2015, om 08:46 heeft Ralf Weber het volgende
geschreven:
Really TLDs doing repeated checks? I know some do when you
register domains, but repeatedly? Examples?
.nl f.e.
Registrars get a monthly report on DNS errors with a
In message <8d78b784-34d3-421e-b82c-52dd32e22...@fl1ger.de>, "Ralf Weber" write
s:
> Moin!
>
> This may be totally in appropriate
>
> On 6 Nov 2015, at 0:54, Mark Andrews wrote:
> > I keep getting told the IETF can't tell people what to do
> > but that is *exactly* what we do do when we is
Op 6 nov. 2015, om 08:46 heeft Ralf Weber het volgende
geschreven:
>>
> Really TLDs doing repeated checks? I know some do when you
> register domains, but repeatedly? Examples?
.nl f.e.
Registrars get a monthly report on DNS errors with a score of how they
technicaly compete to their competit
> > Today we have TLDs that do perform all sorts of checks on
> > servers they delegate zones to and some do inform the
> > operators of those zones that they have errors. Those
> > checks cover in part tests described in
> > draft-andrews-dns-no-response-issue.
> Really TLDs
Moin!
This may be totally in appropriate
On 6 Nov 2015, at 0:54, Mark Andrews wrote:
> I keep getting told the IETF can't tell people what to do
> but that is *exactly* what we do do when we issue a BCP.
> We tell people what best current practice is and ask them
> to fol
I keep getting told the IETF can't tell people what to do
but that is *exactly* what we do do when we issue a BCP.
We tell people what best current practice is and ask them
to follow it.
Today we have TLDs that do perform all sorts of checks on
serv
42 matches
Mail list logo
