delegation-only can break .name

Jeremy_Powell at sbcss.k12.ca.us Jeremy_Powell at sbcss.k12.ca.us
Fri Oct 10 15:13:00 UTC 2003 

Isn't this what the excludes part of the
root-delegation-only is meant for.  However,
I have wondered since the introduction of
root-delegation-only why it did not default
to none with an include list rather than
default to all with an exclude list?

Jeremy Powell

> -----Original Message-----
> From: Aage Strand [mailto:astrand at gnr.com]
> Sent: Friday, October 10, 2003 7:32 AM
> To: bind-suggest at isc.org
> Cc: bind-users at isc.org; bind9-users at isc.org
> Subject: delegation-only can break .name
>=20
>=20
> Dear ISC,
>=20
> Recently, in response to the introduction of wildcard records=20
> for .com and
> .net, the ISC added functionality to BIND that modifies some=20
> answers given
> by name servers to NXDOMAIN responses. It turns out that=20
> certain ISPs and
> other DNS server operators have not deployed this patch on a
> necessity-only basis. As a result, certain services supplied=20
> by operators
> of TLD servers are experiencing operational issues.
>=20
> The .name gTLD works by allowing a user to register the address
> firstname at lastname.name. Currently, MX records for lastname.name are
> issued by the authoritative .name servers. This is part of=20
> the original
> agreement between the .name operator and ICANN, and can be read here:
>=20
> http://www.icann.org/tlds/agreements/name/registry-agmt-appc-1
> -8aug03.htm#d
>=20
> Anyone who configures the .name zone as delegation-only, or fails to
> exclude .name from their root-delegation-only configuration,=20
> is currently
> blocking email to any address of the type=20
> firstname at lastname.name. This
> includes ALL people who have registered their .name email-forwarding
> address.
>=20
> We recommend that the root-delegation-only functionality be=20
> removed from
> future versions of BIND, and that delegation-only functionality be
> deployed by DNS operators on a strict necessity-only basis. We suggest
> that users be given a clear warning of the possible=20
> consequences of using
> this configuration, possibly with warnings in the logs and/or=20
> warnings on
> start-up of BIND.
>=20
> We kindly ask that the ISC take reasonable measures to inform BIND
> operators of the need to exclude the .name gTLD from any=20
> delegation only
> functionality. Any additional steps that can be taken to=20
> inform operators
> that have downloaded this specific patch would be much appreciated.
>=20
> This sample query against the ISC resolving name server clearly
> demonstrates the consequences for .NAME customers if ISPs deploy the
> delegation-only functionality without excluding the .NAME zone:
>=20
> $ dig @204.152.184.76 smith.name mx
>=20
> ; <<>> DiG 9.2.1 <<>> @204.152.184.76 smith.name mx
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63359
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>=20
> ;; QUESTION SECTION:
> ;smith.name.			IN	MX
>=20
> ;; Query time: 2699 msec
> ;; SERVER: 204.152.184.76#53(204.152.184.76)
> ;; WHEN: Fri Oct 10 15:29:30 2003
> ;; MSG SIZE  rcvd: 28
>=20
>=20
>=20
> Best Regards,
> Aage Strand
>=20
>=20
> --=20
> Aage Strand
> Development Manager
> Global Name Registry Ltd.
>=20
> Information contained herein is Global Name Registry Proprietary
> Information and is made available to you because of your=20
> interest in our
> company. This information is submitted in confidence and its=20
> disclosure=20
> to you is not intended to constitute public disclosure or=20
> authorization=20
> for disclosure to other parties.
>=20
>=20
>=20
>=20


_________________________________________________________________________=
________

Statement of Confidentiality:  The contents of this e-mail message and =
any attachments are intended solely for the addressee.  The information =
may also be confidential and/or legally privileged.  This transmission =
is sent for the sole purpose of delivery to the intended recipient.  If =
you have received this transmission in error, any use, reproduction, or =
dissemination of this transmission is strictly prohibited.  If you are =
not the intended recipient, please immediately notify the sender by =
reply e-mail, send a copy to postmaster at sbcss.k12.ca.us and delete this =
message and its attachments, if any.

E-mail is covered by the Electronic Communications Privacy Act, 18 USC =
SS 2510-2521 and is legally privileged. =20

Date Sent (d/m/yy): 10/10/2003  -  Sender: Jeremy_Powell at sbcss.k12.ca.us

More information about the bind-users mailing list