[62254] in North American Network Operators' Group
Re: Root Server Operators (Re: What *are* they smoking?)
daemon@ATHENA.MIT.EDU (Paul Vixie)
Wed Sep 17 01:13:55 2003
From: Paul Vixie <paul@vix.com>
To: nanog@merit.edu
In-Reply-To: Message from william@elan.net
of "Tue, 16 Sep 2003 19:08:25 MST."
<Pine.LNX.4.44.0309161904460.27427-100000@sokol.elan.net>
Date: Wed, 17 Sep 2003 05:07:04 +0000
Errors-To: owner-nanog-outgoing@merit.edu
> Can you also program something to do this for all root zones,
> i.e. something like 'zone ".*" { type deligation-only; };'
no. not just because that's not how our internal hashing works, but
because "hosted" tld's like .museum have had wildcards from day 1 and
the registrants there are perfectly comfortable with them. there's
no one-policy-fits-all when it comes to tld's, so we would not want
to offer a knob that tried to follow a single policy for all tld's.
> And make it default configuration for new bind releases...
never. not for your example, nor for any set of tld's. the default for
bind will be what it's always been -- to respect the autonomy of the
zone administrator/publisher. overriding that autonomy has to be a
local act by a local name server administrator who is fully conscious of
the impact of their configuration change. once, with "check-names", isc
was accused of "legislating from the bench". never again.
