Re: Update of RFC 2606 based on the recent ICANN changes ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Jul 7, 2008, at 10:49 AM, John C Klensin wrote:
--On Monday, 07 July, 2008 17:19 +0000 John Levine
<johnl@xxxxxxxx> wrote:
John,

While I find this interesting, I don't see much logical or statistical justification for the belief that, if one increased (by a lot) the number of TLDs, the amount of "invalid" traffic would remain roughly constant, rather than increasing the multiplier.

And, of course, two of the ways of having "networks [to] clean up their DNS traffic" depend on local caching of the root zone (see previous note) and filtering out root queries for implausible domains. Both of those are facilitated by smaller root zones and impeded by very large ones.

Agreed. This is happening while some email providers suggest widespread adoption of MX resource records targeting roots to signify opting-out. Not only does this form of email opt-out unfairly burden the victim, this scheme also victimizes roots. Are roots really inexhaustible and capable of sustaining high levels of horizontal growth, and ever greater levels of DNS misuse while adopting an additional security layer? How will roots be able to block abuse once it proves destructive?

From the human aspect, the list of common file extensions is mind- numbingly long. With a changing TLD landscape, one will no longer be sure whether a reference is to a file or to an Internet host. This becomes critical since automation is often used to fully construct links. Will obvious names be precluded such as .C0M, or those less obvious having international domain names? While this might help ICANN raise money, their profit seems destine to come at the expense of those currently supporting existing infrastructure. If domain tasting is an example of governance, then how can ICANN be trusted to operate in the greater interest of the Internet? It seems more reasonable to extend ccTLDs into a comparative list of international domain names where desired, and then wait a decade to measure its impact and to allow wider deployment of DNSsec.

Smaller steps rather faith in ever greater capacity seems more appropriate. If DNS were to approach the ability of roots to respond, then DDoS attacks take on truly global proportions.

-Doug


_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]