ICANN opens up Pandora's Box of new TLDs

Christopher Morrow morrowc.lists at gmail.com
Sat Jun 28 04:31:25 UTC 2008

On Fri, Jun 27, 2008 at 11:11 PM, Roger Marquis <marquis at roble.com> wrote:
> On Fri, 27 Jun 2008, Christopher Morrow wrote:
>> I'd point out that FastFlux is actually sort of how Akamai does
>> it's job (inconsistent dns responses)
> That's not really fast flux.  FF uses TTLs of just a few seconds with
> dozens of NS.  Also, in practice, most FF NS are invalid.  Not that FF has
> a fixed definition...

www.yahoo.com.          24      IN      CNAME   www.yahoo-ht3.akadns.net.
www.yahoo-ht3.akadns.net. 57    IN      A

akamai, 60 second TTL's... most of the FF things I've seen sit around
300seconds for NS and for A records. either way, this is 60 seconds
which is fast enough.


that goes fairly well to what I was referencing as FF and Double-Flux.

>> Domain tasting has solutions on the table (thanks drc for
>> linkages) but was a side effect of some
>> customer-satisfaction/buyers-remorse loopholes placed in the
>> regs...
> The domain tasting policy was, if I recall, intended to address buyers of
> one to a few domains, not thousands.  Would be a simple matter to fix, in a
> functional organization.

sure, policy by committee I think drc made some references to that
process. It's taking time :(

> Yes, sorry, DHS. :-)  At least they are sensitive to security matters and
> would, in theory, not be as easily influenced by politics as was the NSF.

I'm not sure that a us-focused law/regulatory answer serves 'the
tubes' very well. Certainly DHS can help make things useful inside the
US-Govt. they may also be able to help advise, but implementation is
left to the operators and policy folks in ICANN + registries +


More information about the NANOG mailing list