On Mon, Aug 20, 2001 at 11:58:37PM -0700, William X Walsh wrote:
> Monday, Monday, August 20, 2001, 11:20:48 PM, John Payne wrote:
>
> > Where is the proof that they're using it responsibly? All I see is
> > Verisign saying "we're not releasing any domains" on one hand, and on
> > the other "if you pay us $79 we'll get you this domain".
>
> > How can Verisign say that they oppose registrars constantly trying to
> > get dropped domains when they are endorsing a service that claims that
> > they monitor activity 24 hours a day, 7 days a week?
>
> They aren't saying that at all. What they are saying is that they are
> technically unable to handle the load generated by the registrars who
> are engaging in mass connections in order to achieve these activities
> (its really just a couple registrars, and not one that Snapnames uses
> and there is nothing to indicate that snapnames contributes to it in
> any way), and that until they can, the only way to eliminate the
> activity is to stop dropping names all together.
Who do Snapnames use? You imply they use one... DomainGuides whoever
says a network of registrars. How do either of you know?
> I don't agree with them that it is the only way to stop it, nor the
> best way to stop it, but that's another discussion altogether.
>
> I does put a dent in Snapnames' business model, something I don't
> consider to be a "bad thing" really :)
Neither do I... *if* it has. Verisign are *still* sending people
to snapnames for domains that have *already* expired, and don't appear
in any whois except networksolutions.com.
> > Where were the *technical* enforcements of that rule? Building a system
> > to limit connections based on what I hope is a combination of IP and
> > other authentication mechanisms is *not* rocket science. Registrar
> > starts opening lots and lots of connections? They should start getting
> > dropped or refused... and if the abuse continues... "oops, there goes
> > your access for the rest of the day". Its called common sense.
>
> The problem isn't quite so simple. First of all the registrar
> agreements don't permit the kind of drastic action you propose at the
> end.
If the agreements don't include a clause for modifying the technicalities
of the agreement, then it hasn't been through Verisign's legal team.
> Secondly, even if the connections are not getting a response, they can
> still flood the connections with just the repetitive attempts that
> will occur rapidly until they DO get accepted. And the traffic alone
> will slow down the ability of other registrars to open connections.
Nope... its not difficult to push the rejection out to a border router
or firewall. I'm *not* talking about rejecting the connections on the
registry servers themselves.
> It's really not as simple as you want to make it out.
Yes, it is.
> > There is only one party to hold blame for any registery performance or
> > scale issues. I won't bother mentioning their name again, as I get
> > tired of typing Verisign. Oooops
>
> I agree, this was a result of poor planning. Do you have any
> practical solutions to suggest?
Yes, lets get rid of Verisign who have proved time and time again that
they're not up to the task of running the registry.
--
John Payne http://sackheads.org/jpayne/ [EMAIL PROTECTED]
http://sackheads.org/uce/ Fax: +44 870 0547954
To send me mail, use the address in the From: header
