On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up. The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
Behalf Of Sean Donelan Sent: Monday, February 21, 2000 1:22 PM
On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up.
The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
Because RIPE actually cares? All of the RIPE registries are enjoined to keep the data pure and RIPE checks it. NSI, OTOH, doesn't find out about bad contact data until the bill is due for payment. However, it is almost invariably true that the Billing Contact info is accurate. Ergo, they may not even find out at the next billing cycle (two-years, for the first cycle and annualy after that). RIPE actually ENFORCES data integrity.
On Mon, 21 Feb 2000, Roeland M.J. Meyer wrote:
Behalf Of Sean Donelan
Because RIPE actually cares?
All of the RIPE registries are enjoined to keep the data pure and RIPE checks it. NSI, OTOH, doesn't find out about bad contact data until the bill is due for payment. However, it is almost invariably true that the Billing Contact info is accurate. Ergo, they may not even find out at the next billing cycle (two-years, for the first cycle and annualy after that).
RIPE actually ENFORCES data integrity.
I know that at least in the case of RIPN.NET (who handles .RU (Russian) domains), they also enforce that the DNS servers in the registration actually respond, and that the NS records match that which was put in the registration, that the DNS servers are on different networks, AND they test periodically (once a month I think), not just when you register. Of course they deal in a very different volume than NSI. And as far as the contact info is concerned, for 2-nd level domains at least, they require your passport number, so it's pretty darn accurate usually, though only in Russia can they get away with such invasion of privacy IMHO... Grisha
"Roeland M.J. Meyer" <rmeyer@mhsc.com> wrote:
Behalf Of Sean Donelan Sent: Monday, February 21, 2000 1:22 PM
On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up.
The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
Because RIPE actually cares?
All of the RIPE registries are enjoined to keep the data pure and RIPE checks it. NSI, OTOH, doesn't find out about bad contact data until the bill is due for payment. However, it is almost invariably true that the Billing Contact info is accurate. Ergo, they may not even find out at the next billing cycle (two-years, for the first cycle and annualy after that).
RIPE actually ENFORCES data integrity.
I can attest to this personally. It took about two weeks of constant coordination to get our DNS provider authoritative for a .de domain. It was in the end successful, but the process those folks follow is impressive. They are VERY thorough (to the point of checking the ttl and rejecting the change if it falls outside their guidelines). Very thorough...and that's not a bad thing! -ls-
Sean Donelan wrote:
On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up.
Not exactly out-of-band, as it requires the network to be up to special servers, which are notoriously single points of failure. Meanwhile, Bill's proposal _is_ out-of-band to the addressed destination, so long as they have an off-site DNS secondary. I like Bill's proposal a lot, except that the speed of propagation is kinda slow. Look how fast DNSsec has been deployed :-(
The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
Which is one of the reasons that I proposed the Operators version of OpenWhois, as these will be the ones we've needed to use, and thus will be kept more up-to-date. (At least we can pressure the smaller set of miscreants directly.) Unlike NSI, we'd have an incentive to keep the data up-to-date, as our focus is keeping the network going, rather than raking in one time charges. That's why I like a central repository. Verification is also in one place. So, I think we need both -- whois and DNS contacts. I expect that RIPE also exerts some leverage, but have never asked.... Or many Europeans are just better behaved than Yankees? WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
On Mon, 21 February 2000, bmanning@vacation.karoshi.com wrote:
Yes there are interesting scoping issues. Yes there are concerns wrt evil people and tolerent applications. But this tactic clearly puts the onus on the people in control of the useage, not some centralized repository.
That sounds great, except the time when WHOIS is most important is when the contact has totally screwed up their site and can't be reached by any in-band network. The nice thing about WHOIS is it tends to be out-of-band with respect to most screw-ups. The notable exception is when NSI screws-up.
See DNS slaves w/ long timeouts. :)
The open question is why can RIPE get people to put good data in their database, and NSI can't manage to keep the little correct data they have uncorrupted?
'cause change control is tied up in legalities? 'cause the databases are too large/centralized? ... :)
participants (6)
-
bmanning@vacation.karoshi.com
-
grisha@verio.net
-
Larry Snyder
-
Roeland M.J. Meyer
-
Sean Donelan
-
William Allen Simpson