> Not if connections are throttled/rate-limited.. If each connection can > only make X connections per second, where X is chosen so that the X = > physical capacity of Verisign register divided by the total number of > connections, the problem is solved completely. The throttling can occur > in 2 ways: >
This will solve the load on the server, but it does not reduce the effectively infinate demand. > 1) enforced at the server level (by Verisign) <snip> > 2) enforced at the client level. This can be done in two ways: > > b) Good neighbour method: "ask" that registrars don't submit requests > faster than X per second per connection. Any registrar found to be > breaking the rules is sent to the penalty box, with a high enough > penalty to avoid cheating. > > Preferably, it would be implemented at the server level, thus taking > away any incentive to play games at the registrars. I prefer the good neighbor method, but with an automated server based penalty incurred by infractions (Which turned into #1). If a registrar is using more then their share of the pie in terms of number of connections, for every connection they try to make beyond what they are allowed, deduct one from the number of connections they are allowed to have. If they are hammering one name over and over, introduce a timeout penalty (Starting at one second, getting incrementally longer) each time you receive another query for that name. During this timeout, ALL registration attempts from the registrar would be delayed. Let their entire business grind to a halt for 30 or 60 seconds in the middle of the daily drop and I bet they'll be a more friendly neighbour next time, without giving Verisign some huge cash payoff, which is about the only other penalty you can use. -- The nice thing about standards, there is enough for everyone to have their own.
