On 7/8/19 10:13 AM, Ted Lemon wrote: > Notice: This email is from an external sender. > > > > On Jul 8, 2019, at 1:04 PM, Michael J. Sheldon <mshel...@godaddy.com > <mailto:mshel...@godaddy.com>> wrote: >> Neither solution >> is good, and the second one, while probably justifiable, does not feel >> "legit" to me, and results in longer-term data maintenance issues. > > So this is a former customer who stopped paying but still has a valid > registration? This seems like it would be straightforward to automate. > I think it’s legit to configure your server to answer authoritatively > for the zone as long as the delegation exists. >
I agree it's somewhat legit to answer for it, but it's a literal maintenance nightmare when you're dealing with a very large number of zones. Things like that tend to get put in place, then never removed. And it still leaves the issue that recursives should not just keep hammering the lame delegations when they've gotten a REFUSED response. That is a definitive legitimate response, and should be honored for a reasonable period of time. -- Michael Sheldon Dev-DNS Services GoDaddy.com _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
