Greg, you're tryin' too hard

Sun Jan 28 16:08:12 UTC 2001

[Apologies to NANOG; Greg sent me a reply off list, all three of his
addresses feed to weird, and weird is *still* *entirely* too Catholic
about machines with perfectly valid A records that do not also have MX
records.  I won't be continuing this thread, so as to avoid annoying
anyone.]

I don't know that you'll actually *get* this; ISTR you having your
mailer set to be More Catholic Than The Pope...

On Sun, Jan 28, 2001 at 02:12:27AM -0500, Greg A. Woods wrote:
> [ On Saturday, January 27, 2001 at 21:57:00 ( -0500), Jay R. Ashworth wrote: ]
> > Subject: Re: How common is lack of DNS server diversity?
> >
> > Well, actually, Greg, there are multiple root clusters, with multiple
> > sets of authoritative root servers -- but only one of those is
> > consecrated by DoC/ICANN.
> 
> Yeah, OK, but the "consecrated" set isn't a "cluster", If I'm guessing
> correctly what you mean by that...

I meant it in the administrative sense, not the technical one.  Yeah,
by that definition, it's a cluster.

> > The other ones do exist, do work, and so far as I'm aware, there are
> > not currently any rogue redelegations of "traditional" gTLDs, nor many,
> > if any, collisions of non-traditional gTLDs, amongst the various ones.
> 
> Yeah, but just what percentage of real users ever hit them?  I know of
> no major ISP that uses anything but the DoC/IANA DNS.  Come to think of
> it I don't know of *any* ISP using the rogues.

No, I don't think they do, at the moment.  None of the first or second
tier access providers, certainly.  I do know of at least a few
third-tier (read: mom-n-pop's) that are.

> I don't know exactly how the rogues work either, though if I'm guessing
> right they're not very safely or securely implemented since they'll
> require recursion be enabled.  So, "work" might be a relative term here.

Indeed.  I don't know if they're separating resolver and zone servers
or not.  They should be, of course; I haven't dug into the technical
details.

I *can* say, though, that not all the people involved are
Friends-of-Gene, nor kooks.

> I don't think I've ever seen a published URL point to any of there new
> TLDs either, and of course even if I did I couldn't see if it "worked"
> anyway.

That depends, of course, on your definition of "published".  :-)

> Nice experiments maybe, pushing the envelope possibly, but otherwise a
> total waste of time and effort.

I don't think so at all.  While who runs the root servers and who runs
the root *zone* are two separate questions, unfortunately almost always
conflated, in the long run I think that the word 'confederation' will
almost have to be the best term for the former...  (I absolutely
*shudder* at the thought of the FBI pulling a raid on NetSol and
yanking *all* their roots down simultaneously... and if you think that
can't happen, you ain't been paying attention), and as for the
latter...well, we'll see.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Member of the Technical Staff     Baylink
The Suncoast Freenet         The Things I Think
Tampa Bay, Florida        http://baylink.pitas.com             +1 727 804 5015