[72414] in North American Network Operators' Group
Re: VeriSign's rapid DNS updates in .com/.net
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Sat Jul 10 23:05:09 2004
Date: Sun, 11 Jul 2004 04:04:34 +0100 (BST)
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: "David A.Ulevitch" <davidu@everydns.net>
Cc: nanog@merit.edu
In-Reply-To: <B7552EF8-D2B4-11D8-AFC7-000393DC735E@everydns.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, 10 Jul 2004, David A.Ulevitch wrote:
> It also means that changes can be made to host records quickly which is
> important for people who don't plan well or have unexpected changes
> that they want propagated.
>
> I'm appreciative of this change -- but fyi, they aren't the only TLD
> operators doing this, there are quite a few doing near-instant changes
> to their respective zones.
.biz, .info etc do this as well.
It is an excellent policy, and a convenient thing not to wait several
hours for your new .com domain to appear online immediately.
The disadvantage is, of course, that several abusers who register domains
at a rapid clip with these two tlds, setting < 1 minute TTL on these and
pointing these domain names to IPs that are basically compromised boxes or
virus infected boxes, will now also start using .com / .net
There should be some way of fixing this, like requiring registrars to do
more due diligence when registering domains, maybe, and some better /
faster procedures to take down [say] phisher domains with fake contact
info. Well yes, there is already a process, but it could sure do with
more streamlining.
regards
--srs