* From: Luke Besson * Date: Thu Oct 19 08:54:47 2006 I work for a big French ISP and I manage the DNS architecture (based on Linux+Bind); Golog proposed to our society the DNS redirect service (redirect all the not existant domains according to marketing criteria). Even if our marketing team would like to join this solution, our technical team opposes hardly to such a not-standard implementation of the DNS. Can you suggest me any objective reason in order to invalidate this proposal?
This is a network autonomy issue. What occurs inside the provider edge related to routing and applications is the responsibility of the provider and they have the right to modify answers or routes in their networks, even if they are not "theirs". There is some "holy grail" you should consider, like making sure that etrade.com is etrade.com, the legitimate IP/trademark holder. The questions to ask yourself as an organization are something like this: a) is there enough revenue here to consider? b) is someone else going to capture revenue between my customer and myself if I don't? c) will this break my network or the networks of others? If you can answer the first two yes, the third is worth trying to make "no". -M< -- Martin Hannigan (c) 617-388-2663 Renesys Corporation (w) 617-395-8574 Member of Technical Staff Network Operations hannigan@renesys.com
What would a query result for a non-functioning domain look like? Or would this only apply to unregistered domains? Would a common user be able to distinguish between a domain that was registered, but for which DNS was not functioning, and one that was unregistered? If I were a user, and forgot to renew a domain, would it immediately go into this pool when it expired - thus presenting all of the potential viewers not with an DNS error message, but someone else's advertising? If I ran utilities and services which expected to obtain a different response, depending on whether a DNS query was successfully resolved, what would happen to them? How would, say, SMTP servers which rejected hosts for which no valid DNS could be determined, behave as a result of this set up - would mail no longer be rejected if it came from evilspammer@adfasdfjjlasdfafdkasdf.com? How about programs designed to time out when DNS lookups failed... etc. etc. There are a whole host of issues that emerge when you deliberately and consciously "break" DNS this way... if golog has answers to these questions, it might be interesting to hear them... ... finally, why go through all this hassle for what has to be an utterly trivial amount of money resulting from people being presented with something totally unexpected and clicking on a link therein... how valuable are these people as customers? I can't imagine much... Thomas Martin Hannigan wrote:
* From: Luke Besson * Date: Thu Oct 19 08:54:47 2006 I work for a big French ISP and I manage the DNS architecture (based on Linux+Bind); Golog proposed to our society the DNS redirect service (redirect all the not existant domains according to marketing criteria). Even if our marketing team would like to join this solution, our technical team opposes hardly to such a not-standard implementation of the DNS. Can you suggest me any objective reason in order to invalidate this proposal?
This is a network autonomy issue. What occurs inside the provider edge related to routing and applications is the responsibility of the provider and they have the right to modify answers or routes in their networks, even if they are not "theirs".
There is some "holy grail" you should consider, like making sure that etrade.com is etrade.com, the legitimate IP/trademark holder.
The questions to ask yourself as an organization are something like this:
a) is there enough revenue here to consider?
b) is someone else going to capture revenue between my customer and myself if I don't?
c) will this break my network or the networks of others?
If you can answer the first two yes, the third is worth trying to make "no".
-M<
-- Martin Hannigan (c) 617-388-2663 Renesys Corporation (w) 617-395-8574 Member of Technical Staff Network Operations hannigan@renesys.com
At 06:53 PM 10/19/2006, Thomas Leavitt wrote: Hi Thomas! [ snip ]
... finally, why go through all this hassle for what has to be an utterly trivial amount of money resulting from people being presented with something totally unexpected and clicking on a link therein... how valuable are these people as customers? I can't imagine much...
a) is there enough revenue here to consider?
This isn't something that's so easy to determine, but golog and others must have a financial model in order to be pursuing it. Here's a visionary article related to this topic, but at the root server level, even more of a delicate issue, but with the same principles as the one we're discussing: http://www.circleid.com/posts/techies_wanna_do_policy/ And this article shows the convenience of falling back on standards when they serve your purpose: http://www.circleid.com/posts/paul_vixie_on_fort_nocs/ YMMV: Best Regards, Martin -- Martin Hannigan (c) 617-388-2663 Renesys Corporation (w) 617-395-8574 Member of Technical Staff Network Operations hannigan@renesys.com
On Friday 20 Oct 2006 00:35, you wrote:
Here's a visionary article related to this topic, but at the root server level, even more of a delicate issue, but with the same principles as the one we're discussing:
No this is the difference between impersonation, and service. I think one problem is that IANA doesn't have a "brand name", so when you buy an Internet connection you aren't told you are getting an IANA DNS, that is assumed. The interesting question is whether that is sustainable if a lot of ISPs provide a non-IANA DNS service. There may be an argument for saying that "non IANA DNS" services can't be described as "Internet services", but that is an issue for ICANNs lawyers.
Karl was so wrong on the F root-server issue. Paul asserted no new right, most companies and organisation would act legally against impersonators of their products and services, Paul is merely asserting he believes IANA (or the ISC since it is their address space) would do the same. Let us assume, for the moment at least, that the ISC will do what Paul thinks is the correct thing to do! There is a HUGE difference between providing a modified DNS service to ones consenting clients, and subverting the Internet experience in such a way that clients find that systems clients are talking to, are fakes.
And this article shows the convenience of falling back on standards when they serve your purpose:
The only standards fallen back on, are an assertion that there are standards root server operators must adhere to, or lose their role. That is a statement of fact -- although one might argue as to whether one could effectively enforce these standards -- bringing facts, and expertise, to the debate is why you want people like Paul involved.
participants (3)
-
Martin Hannigan
-
Simon Waters
-
Thomas Leavitt