If the NIC would introduce the concept of "holding" a domain, where that would be a state of the domain being paid for (and thus not available) but not "activated" yet, thus not in DNS, then you could go to positive SOA verification, thus getting rid of the junk. This recognizes that there are people/firms who want to "buy" the domain name, but do not want to be beholden to an ISP to "hold" it, and it also recognizes that allowing just anyone to process a request throught the NIC without a valid SOA in place is a BAD IDEA for many different reasons... Doug On Tue, 18 Feb 1997, Dean Gaudet wrote:
What is your point? IMHO it's far better for NSI to accept the applications without working SOA. Otherwise you lock people into paying ISPs to hold domains for them. While that might give you business, it's not something that NSI should enforce, or should have to enforce.
Furthermore, the NSI registration system has become FAR more reliable since the removal of that check. In order to ensure that SOAs are always available they would have to continually check all the zones. I personally do not trust anyone, not you, not NSI, not even myself to do that without dropping zones accidentally now and then. Why introduce those problems into the system when it works just fine without them?
Furthermore, when I ran a similar survey four months ago things didn't seem nearly this bad. Although I was only taking the com.zone NS records and querying them for "nic." NS records. I was happy to see that less than 1% of them were corrupted by a bogus "nic." tld.
Dean
On Tue, 18 Feb 1997, Karl Denninger wrote:
There are approximately 50,000 name servers that are authoritative for .com (according to the .com zone file from the InterNIC).
No. There are approximately 50,000 unique nameserver hostnames. At least 1/3rd of these, according to the survey I'm running right now, are completely bogus and simply don't exist.
The survey that I'm running to study penetration of the eDNS roots gives a best guess of the ACTUAL .COM domains which are resolvable to be somewhere between 30% and 60% of the zones listed.
We're about 10% of the way through the list right now (started early this morning) so what I have at this point has statistical significance.
You hear that right folks. About 30% of the nameservers which supposedly are authoritative for .COM domains are either: 1) Non-existant (they don't resolve to an IP address) 2) Unreachable or 3) Don't know what "." is (!)
Now, if it turns out that the number of so-called delegations which aren't really backed by authority records is also 30% of the listing, then that means that of the 790,000+ domains in the COM zone, only about 265,000 are "real", in that they have both a nameserver online AND a proper authority record on that nameserver.
This is a direct result of NSI accepting applications for domains, and listing them, without checking for authoritative SOA records before issuing the records in the COM zone!
I'm apalled at these numbers. In general, DNS is so broken and polluted right now that anyone who wants to take cheap shots at the eDNS system had better clean up their own yard first.
The huge majority of eDNS registrars verify SOA and authority records before allowing the zone to issue. I know that we do here, and I was shocked at the number of bogus registrations that I had seen over the last few months.
Now that I've actually studied the existing .COM zone, I'm no longer astonished. What blows me away is the apparent fact that this large of a percentage of the data out there is absolute trash, and nobody has cleaned up the yard.
BTW, "entropy" doesn't explain this. 7 out of 8 registrations in COM are less than 18 months old according to NSI.
-- -- Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity http://www.mcs.net/~karl | T1's from $600 monthly to FULL DS-3 Service | 99 Analog numbers, 77 ISDN, Web servers $75/mo Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net/ Fax: [+1 312 803-4929] | 2 FULL DS-3 Internet links; 400Mbps B/W Internal