On Saturday, 4 April 2020 06:59:30 UTC Ralf Weber wrote:
> ...
>
> I actually agree with you that most domains are bad and especially that most
> new domains are bad. But from my experience takedown on authorities takes so
> long (weeks and months) that the additional NS TTL doesn’t really matter.

that analysis compresses and loses information about outcomes. where takedown is effective, and some registrars and some registries are good at it, we need to ensure that their goodness isn't shaded out by NS TTL. in a world where NS TTL doesn't matter, there is less incentive for a registrar or a registry to invest in becoming a good actor. we must not equate babies with bathwater in our aspirations.

> If you want to react to bad domains it has to be at the resolver level, as
> you there can react fast and have full control. I’ve been doing this now for
> over a dozen years, even before RPZ was a thing.

see above. (i won't get into who did what first.)

-- 
Paul
_______________________________________________
dns-operations mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
