Below. — John Bambenek
On July 1st, 2019, my DGA feeds are converting to a CC-BY-NC-SA 4.0 license which means commercial use will require a license. Contact sa...@bambenekconsulting.com for details On Jul 9, 2019, at 19:13, Paul Vixie <p...@redbarn.org> wrote: >> On Tuesday, 9 July 2019 21:56:49 UTC John Bambenek wrote: >> How would having an SRV record and an entirely different (currently >> undeveloped) service help the situation? > > whois and rdap servers are a dime a dozen. i can run one for all of my > domains, and put it behind a rate limiter to make life harder for scrapers. > The reason scraping and rate-limiting make sense with registry operates servers is because scrapers want to query the whole portfolio. In this scenario, the attacker only queries your record once and has what he needs to move on to next domain. Any rate limit beyond 0 doesn’t protect you. And if you run DNS Auth, don’t have the ability to rate limit today? >> If its a question of query logs, the consequence of putting any service >> (smtp, web, slack) in the hands of a third-party is they need to provide >> that (if you pay them) or you don’t get it. Why should this service be >> special in that regard? > > it contains my PII. 1) So can smtp, web, and most certainly slack. 2) If you use role-based contacts, it is not PII by definition. > > -- > Paul > > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop