On Tue, 22 May 2007, Roger Marquis wrote:
Why are people trying to solve these problems in the core?
Because that's the only place it can be done.
it is A PLACE, not necessarily THE PLACE. With every decision as to where there are tradeoffs, be prepared to accept/defend them.
These issues need to and must be solved at the edge.
Been there, done that, with smtp/spam, netbios, and any number of other protocols that would also be ideally addressed at the source or edge but, in reality, cannot.
maybe this is also a definition problem? "what is the core" and "what is the edge" in this discussion?
These issues should not be "solved" by the registry operators or root server operators, that's very dangerous.
Do you know that it is dangerous to fix problems at the core or are you speculating? If you can cite specific examples please do. Simply
it is dangerous, making assumptions about how people use a basic plumbing service is what gets people into trouble, ask verisign about sitefinder. much of this discussion of mitigating this issue revolves around the 'belief' that 'no one should/would ever want to rotate NS records around every five minutes'. Making statements that include absolutes is bound to be problematic. What if, for some reason unknown today, people thought that pushing around NS records regularly was helpful to their application? What if it were automated into a product like bittorrent or other widely deployed thing? What if the usage wasn't for 'where is www.sun.com' but as a signalling method or metric/best-path decision process that was never revealed to the end users? you simply can't know what options folks might use in future applications when it comes to basic plumbing things. people expect basic plumbing to 'just work' and 'just work according to the standards'. giving back falsified information is bound to generate problems (see sitefinder for a quick/simple example).
Can you say what that 'anything else' might consist of?
Sure work on an expedited removal process inside a real procedure from ICANN down to the registry. Work on a metric and monetary system used to punish/disincent registrys from allowing their systems to be abused. Work on a service/solution for the end-user/enterprise that allows them to take action based on solid intelligence in a timely fashion with tracking on the bits of that intelligence. three options, go play :) -Chris