[62725] in North American Network Operators' Group
Re: VeriSign SMTP reject server updated
daemon@ATHENA.MIT.EDU (Eric A. Hall)
Sun Sep 21 13:17:29 2003
Date: Sun, 21 Sep 2003 12:14:24 -0500
From: "Eric A. Hall" <ehall@ehsco.com>
To: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
Cc: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>,
nanog@nanog.org
In-Reply-To: <Pine.LNX.4.44.0309211657210.27145-100000@serv1.thn>
Errors-To: owner-nanog-outgoing@merit.edu
on 9/21/2003 12:00 PM Stephen J. Wilcox wrote:
>> At this point, I think we're on the verge of having multiple
>> (different) namespaces, which is extremely dangerous. At the same
>> time, the arguments against multiple roots are pretty much going out
>> the window.
>
> Not at all, the problem is with .com and .net ... you arent seriously
> going to use an alternative root using someone elses .com/.net zones
> surely..
I'm not advocating it, just pointing out the inconsistency that is exposed
by this practice.
On the one hand, we've got different servers returning different kinds of
data for domains under com/net, depending on whether they are using a
workaround or not (some give A or NODATA, others give NXDOMAIN). The
namespace is inconsistent.
Meanwhile, the argument against multiple roots (at the high level) is that
the namespace becomes inconsistent.
I don't see any substantitive difference at the high level of the debate.
Sure there are other substantitive differences -- workarounds are
contained to an administrative scope (until you consider the impact of
cached glue data, anyway) -- but not at the high level.
This is something VeriSign has invited. Just like when they post queries
about fixing mail servers that were broken by their own deployment.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
