Joe Abley wrote:
Well, let's rephrase that. Anyone can't get a TLD zone?
While there are many smaller TLD zones that don't get updated very often and which have wide-open AXFR to all and sundry, I'm betting that the majority of zones that people on this list care about either update sufficiently rapidly that zone synchronisation is non-trivial, or have zone transfer restrictions in place, or both.
It has been some years since I had to worry about these issues wearing a Nominet hat, but I would say that for majority of well-managed TLD operators, data mining is a very serious concern. There have various incidents in the past where squatters, scammers or spammers have made strenuous efforts to reverse-engineer registry data for their own ends. Sometimes even significant technical prevention is not enough, and legal remedy is also required. Restricting AXFRs is only the most entry-level counter-measure against such abuses. My understanding is that best TLD registry practice is to only allow AXFRs to boxes which are either under control of or contract to the registry, or at the very least to a 3rd parties with whom a restricted redistribution agreement is in place. Keith