Re: [policy] When Tech Meets Policy...
David Schwartz wrote: That doesn't make anything criminal or fraud any more than free samples. If a registrar wants to give a refund, I don't see anything wrong with that. It is certainly fraud to take an entire pile of free samples. can you cite how that law reads? Oddly enough I am in possession of 20+ fee samples that were the left overs from a hand out, and I was cleaning up the place. pretty sure I did not break any laws. I know that isn't what you meant, but it is what you said. One of the tricky parts about law is defining it. If you can't define it, it is really hard to make it illegal. > Domain tasting is more like buying a plasma TV to watch the big game and then returning it to the store on Monday. Which is also like buying a TV and not being satisfied with it and making use of the sores generous return policy. pretty sure not fraud. However, when it's as blatant and obvious as it is now (more tasted domains than legitimate registrations), and no policies are made to stop it despite it being so easy to do so I don't think it is "so easy." (simply limit the number of refunded domains to 10% of registrations I don't know what you mean. > or charge a 20 cent fee for refunded domains), Didn't someone already shoot this down? something about consumer protection. you can argue that it's now an understood and accepted practice. don't have to. It's not fraud if both parties know it's going to happen, can easily act to stop it, and neither one chooses to. um, not fraud?
RE: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, David Schwartz wrote: > > > > That doesn't make anything criminal or fraud any more than free > > samples. If a > > registrar wants to give a refund, I don't see anything wrong with that. > > It is certainly fraud to take an entire pile of free samples. Domain tasting > is more like buying a plasma TV to watch the big game and then returning it > to the store on Monday. and there's a way stores that care fix this problem: restock fee. Also, this is a store-by-store policy, not 'all stores world wide, despite their laws in-country' policy. The difference is more than subtle. > > However, when it's as blatant and obvious as it is now (more tasted domains > than legitimate registrations), and no policies are made to stop it despite > it being so easy to do so (simply limit the number of refunded domains to > 10% of registrations or charge a 20 cent fee for refunded domains), you can > argue that it's now an understood and accepted practice. > I think that this won't get fixed unless ICANN changes the policy...Registries don't have any incentive to fix things until then, and registrars aren't going to get to changing something that's making them money are they? -Chris
Re: [policy] When Tech Meets Policy...
On Aug 14, 2007, at 12:19 AM, Paul Ferguson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was just struck by a couple of statistics: [snip] In January 2007, according to PIR five registrars deleted 1,773,910 domain names during the grace period and retained 10,862. That same month, VeriSign reported that among top ten registrars, 95% of all deleted .COM and .Net domain names were the result of domain tasting. So, if they charged a $ 1 "return fee," they would either - produce revenues of several million USD per month (unlikely) or - cut domain tasting by about 2 orders of magnitude. This seems like one problem with a simple solution. I am sure that someone will rapidly tell me why it won't work, but in an era when an airline will charge you $ 40 to $ 200 USD to correct a typo, I don't see why this is excessive. Regard Marshall [snip] http://www.informationweek.com/management/showArticle.jhtml? articleID=20150 0223 Having said that, Jay Westerdal mentioned on Sunday that: [snip] Today was the largest Domain Tasting day ever. We recorded over 8 Million Transactions today. This is a new high. We have never seen 8 Million transactions on one day before. That would be either an add or delete. Over 99 percent of these transactions are completely free and use the 5 day grace period to test domain names for traffic before they are purchase for a long term buy. [snip] http://blog.domaintools.com/2007/08/biggest-domain-tasting-day-ever/ Although I'm not sure all of that 8M+ were actual "tasted", it does represent an astronomical number of registrations. Just a couple of data points. - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGwPUBq1pz9mNUZTMRAlumAKD6t0AQS050YRaaxCqYomMWPDP6NgCgmSFO Frvz42ZtnHXYaRQ8hgXK4LA= =bvP6 -END PGP SIGNATURE- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Douglas Otis wrote: > > > On Aug 13, 2007, at 2:01 PM, Carl Karsten wrote: > > > I am not sure tasting is criminal or fraud. > > Tracking domain related crime is hindered by the millions of domains > registered daily for "domain tasting." Unregistered domains likely > to attract errant lookups will not vary greatly from unregistered > domains useful for phishing. The large flux in domain names > significantly inhibits anti-phishing efforts. maybe I'm just thick, but how exactly does tastinng inhibit anti-phishing efforts? There are several studies that show no matter the content of the URL or displayed URL people still click on the links in email... So, whether its 'bankofamerica.com' or 'banksofamericas.com' isn't really relevant to the clickers :( Phishing seems like the current 'bad thing' that people want to use as a hammer against all perceived badness, even where it doesn't seem to fit. > > Although some may see delays in publishing as problematic, often > domain facilitated crime depends upon the milli-second publishing > rapidity used to evade protective strategies. A publishing process > that offers notification will allow protection services a means to > stay ahead of criminals. Exceptions could be granted on an exigent > or emergency basis, where of course additional fees might be required. > I agree that some sort of 'expedite' fee would be fine, I'm not sure I like the 'notification service' though... what if I have a new product launch I need to protect PR-wise? why would I want to release that anytime before the launch date/time? -Chris
Re: [policy] When Tech Meets Policy...
Douglas Otis wrote: On Aug 13, 2007, at 2:01 PM, Carl Karsten wrote: I am not sure tasting is criminal or fraud. Tracking domain related crime is hindered by the millions of domains registered daily for "domain tasting." Unregistered domains likely to attract errant lookups will not vary greatly from unregistered domains useful for phishing. The large flux in domain names significantly inhibits anti-phishing efforts. doesn't make it criminal or fraud, unless you can prove the intent was to hinder law enforcement. good luck with that. Although some may see delays in publishing as problematic, often domain facilitated crime depends upon the milli-second publishing rapidity used to evade protective strategies. A publishing process that offers notification will allow protection services a means to stay ahead of criminals. Exceptions could be granted on an exigent or emergency basis, where of course additional fees might be required. "exigent or emergency" sounds like someone would have to approve/deny the request. One of 2 things will have to happen: 1) spikes in number of requests per day will overwhelm the staff, and "emergency" requests will go unanswered for days. 2) a huge staff will have to be paid to be standing by and normally not doing anything, just to cover the spikes. and the chance of only having just enough to cover the spikes is slim to none, so either #1 will happen anyway, (just not as often) or the staff will be extra huge such that it is always underulitized, even during the highest spikes. Just as background checks are normally part of the hand gun trade, a background check should be normally part of the domain trade. see my other post (doesn't scale) Many are deceived by "cousin" domains frequently used in crimes netting billions in losses. Money garnered by capturing errant domain entries can not justify criminal losses that are likely to have been otherwise prevented. Domain tasting is worse than a disgrace. you lost me on this one. This is sounding like "People Vs Larry Flint" where he says "you don't have to like my magazine, but you do have to let me publish it." I am not saying tasting is a free speech thing, but I do see it as something currently legal, and don't see a way to make it a crime without adversely effecting the rest of the system. For domains to play any role in securing email, a published MX record should become a necessary acceptance requirement. Using MX records also consolidates policy locales which mitigates some DDoS concerns. I think it is too late to try to reform e-mail. but I am curious how you think this would be implemented in the existing system. Carl K
RE: [policy] When Tech Meets Policy...
> That doesn't make anything criminal or fraud any more than free > samples. If a > registrar wants to give a refund, I don't see anything wrong with that. It is certainly fraud to take an entire pile of free samples. Domain tasting is more like buying a plasma TV to watch the big game and then returning it to the store on Monday. However, when it's as blatant and obvious as it is now (more tasted domains than legitimate registrations), and no policies are made to stop it despite it being so easy to do so (simply limit the number of refunded domains to 10% of registrations or charge a 20 cent fee for refunded domains), you can argue that it's now an understood and accepted practice. It's not fraud if both parties know it's going to happen, can easily act to stop it, and neither one chooses to. DS
Re: [policy] When Tech Meets Policy...
On 8/14/07, Carl Karsten <[EMAIL PROTECTED]> wrote: > > That doesn't make anything criminal or fraud any more than free samples. If a > registrar wants to give a refund, I don't see anything wrong with that. > As John Levine once said - its like running a wholesale ketchup business by picking up all the tiny plastic packets of ketchup at fast food stores .. -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 2:01 PM, Carl Karsten wrote: I am not sure tasting is criminal or fraud. Tracking domain related crime is hindered by the millions of domains registered daily for "domain tasting." Unregistered domains likely to attract errant lookups will not vary greatly from unregistered domains useful for phishing. The large flux in domain names significantly inhibits anti-phishing efforts. Although some may see delays in publishing as problematic, often domain facilitated crime depends upon the milli-second publishing rapidity used to evade protective strategies. A publishing process that offers notification will allow protection services a means to stay ahead of criminals. Exceptions could be granted on an exigent or emergency basis, where of course additional fees might be required. Just as background checks are normally part of the hand gun trade, a background check should be normally part of the domain trade. Many are deceived by "cousin" domains frequently used in crimes netting billions in losses. Money garnered by capturing errant domain entries can not justify criminal losses that are likely to have been otherwise prevented. Domain tasting is worse than a disgrace. For domains to play any role in securing email, a published MX record should become a necessary acceptance requirement. Using MX records also consolidates policy locales which mitigates some DDoS concerns. -Doug
Re: [policy] When Tech Meets Policy...
J Bacher wrote: Carl Karsten wrote: That is, if you extend domains on credit w/o any useful accountability of the buyer and this results in a pattern of criminality then the liability for that fraud should be shared by the seller. I am not sure tasting is criminal or fraud. You got what you ordered. You used it. You pay for it. It's that simple. That doesn't make anything criminal or fraud any more than free samples. If a registrar wants to give a refund, I don't see anything wrong with that. It is not even close to that simple, Carl K
Re: [policy] When Tech Meets Policy...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was just struck by a couple of statistics: [snip] In January 2007, according to PIR five registrars deleted 1,773,910 domain names during the grace period and retained 10,862. That same month, VeriSign reported that among top ten registrars, 95% of all deleted .COM and .Net domain names were the result of domain tasting. [snip] http://www.informationweek.com/management/showArticle.jhtml?articleID=20150 0223 Having said that, Jay Westerdal mentioned on Sunday that: [snip] Today was the largest Domain Tasting day ever. We recorded over 8 Million Transactions today. This is a new high. We have never seen 8 Million transactions on one day before. That would be either an add or delete. Over 99 percent of these transactions are completely free and use the 5 day grace period to test domain names for traffic before they are purchase for a long term buy. [snip] http://blog.domaintools.com/2007/08/biggest-domain-tasting-day-ever/ Although I'm not sure all of that 8M+ were actual "tasted", it does represent an astronomical number of registrations. Just a couple of data points. - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGwPUBq1pz9mNUZTMRAlumAKD6t0AQS050YRaaxCqYomMWPDP6NgCgmSFO Frvz42ZtnHXYaRQ8hgXK4LA= =bvP6 -END PGP SIGNATURE- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
RE: US transit providers with slightly better than average International connectivity?
How about Telia or T Systems or PCCW? All of those carriers are worthy of scrutiny. Roderick S. Beck Director of EMEA Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209 AOL Messenger: GlobalBandwidth [EMAIL PROTECTED] [EMAIL PROTECTED] ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein. -Original Message- From: [EMAIL PROTECTED] on behalf of Sargun Dhillon Sent: Mon 8/13/2007 8:01 PM To: Drew Weaver; 'nanog@merit.edu' Subject: Re: US transit providers with slightly better than average International connectivity? Drew Weaver wrote: > How about to this IP? > > 62.150.200.10 > > > > -Original Message- > From: Sargun Dhillon [mailto:[EMAIL PROTECTED] > Sent: Monday, August 13, 2007 1:58 PM > To: Drew Weaver > Cc: 'nanog@merit.edu' > Subject: Re: US transit providers with slightly better than average > International connectivity? > > Drew Weaver wrote: > >> Howdy, I know with the trans-atlantic and trans-pacific connectivity >> being what it is these days that getting reliable (i.e. low latency < >> 200, low packet loss < 5% total round-trip) to countries such as AE >> and others is kind of a "shot in the dark". However, I wanted to ping >> the list and see if anyone has had 'better luck/worse luck' with >> particular transit providers. We're currently utilizing Time Warner >> Telecom, Level3, and Global Crossing as our transit partners and we're >> shopping for a fourth at this time, we would really like to find a >> transit provider with 'better' international presence. >> >> Any suggestions based on experience? >> >> Thanks, >> >> -Drew >> >> > As a test point let's try: 212.58.224.131 > That's the BBC. Posting traceroutes would be the best. Here is mine from > internap: > core1.t6-1-bbnet1.sje.pnap.net 0.0% 2895 2.1 21.3 1.9 1671. 101.6 > xe-1-3.r02.snjsca04.us.bb.gin.ntt.net 1.7% 2895 2.1 25.7 2.0 1301. 92.6 > xe-1-2.r03.snjsca04.us.bb.gin.ntt.net 0.8% 2895 2.2 25.5 2.0 1764. 108.7 > sjo-bb1-link.telia.net 0.0% 2895 2.3 15.3 2.1 1680. 109.5 > nyk-bb1-link.telia.net 0.2% 2895 73.8 86.1 73.7 1596. 101.4 > ldn-bb1-pos7-1-0.telia.net 0.0% 2895 143.1 155.5 141.8 1551. 100.4 > ldn-bb1-link.telia.net > ldn-bb1-link.telia.net > 9. ldn-b1-pos3-0.telia.net 0.0% 2895 144.9 163.2 141.8 1470. 99.8 > ldn-b1-link.telia.net > 10. siemens-118436-ldn-b1.c.telia.net 0.0% 2895 144.8 165.2 141.9 1470. > 106.4 > 11. 212.58.238.153 0.1% 2895 143.3 157.7 141.9 1386. 97.5 > 12. rdirwww-vip.thdo.bbc.co.uk 0.1% 2895 146.3 156.0 141.8 1636. 99.4 > > > -- > > Sargun Dhillon > deCarta > [EMAIL PROTECTED] > www.decarta.com > > > ATT: Success rate is 100 percent (5/5), round-trip min/avg/max = 200/203/208 ms Global Crossing: 283 msec SAVVIS: 245.461 msec QWEST: min/avg/max = 312/313/317 UUNET: 379 msec Level3: min/avg/median/max/mdev/stddev = 244/252.8/252/280/2.332/9.432 ms I just used the looking glasses to check latency -- Sargun Dhillon deCarta [EMAIL PROTECTED] www.decarta.com This e-mail and any attachments thereto is intended only for use by the addressee(s) named herein and may be proprietary and/or legally privileged. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this email, and any attachments thereto, without the prior written permission of the sender is strictly prohibited. If you receive this e-mail in error, please immediately telephone or e-mail the sender and permanently delete the original copy and any copy of this e-mail, and any printout thereof. All documents, contracts or agreements referred or attached to this e-mail are SUBJECT TO CONTRACT. The contents of an attachment to this e-mail may contain software viruses that could damage your own computer system. While Hibernia Atlantic has taken every reasonable precaution to minimize this risk, we cannot accept liability for any damage that you sustain as a result of software viruses. You should carry out your own virus checks before opening any attachment
Re: [policy] When Tech Meets Policy...
Ken Eddings wrote: At 4:32 PM -0400 8/13/07, Justin Scott wrote: Do people really not plan that far ahead, that they need brand new domain names to be active (not just reserved) within seconds? I can say from my experience working in a web development environment, yes. I can recall several cases where we needed to get a domain online quickly for one reason or another. Usually it revolves around the marketing department not being in-touch with the rest of the company and the wrong/misspelled domain name ends up in a print/radio/tv ad that is about to go to thousands of people and cannot be changed. We end up having to go get the name that is in the ad and get it active as quickly as possible. Been there. But it's rare enough in real life that I'd happily waive the right for full refund return for immediate domain publishing. Maybe marketing would learn to spell after a few costly mistakes. Any other domain registrations getting a 3 day wait before publishing can have a more lenient return policy, maybe with a small processing fee. That's not unreasonable, and has something for the registrars. And grandma would be able to correct her typo, and the regstrars would have time to check grandma's credit card, since she's so typo-prone. I am not sure if this is what you are saying, but here is what just came to mind: 2 choices, same price: 1. instant, no refund. 2. 3 day hold, not active, but refundable till the point it goes live. I also just noticed something that doesn't seem to have been brought up: by registering, wait, refund, repeat - you can sit on a name for free. (under both current and my proposed.) To prevent this we need a small processing fee. Carl K
Re: [policy] When Tech Meets Policy...
Carl Karsten wrote: That is, if you extend domains on credit w/o any useful accountability of the buyer and this results in a pattern of criminality then the liability for that fraud should be shared by the seller. I am not sure tasting is criminal or fraud. You got what you ordered. You used it. You pay for it. It's that simple. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: [policy] When Tech Meets Policy...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Roland Dobbins <[EMAIL PROTECTED]> wrote: >There's a case to be made that a policy which results in organizations registering and owning domain names which are close to the intended domain anme but represent a common typographical transition is desirable from a security standpoint . . . > I don't think anyone could reasonably question the legitimacy for someone like, say, Google, registering "gogle.com" or "goggle.com". It should raise eyebrows, however, if "goggle.com" was registered to RBusiness Network. Or "allitalia.org", etc. You get the idea. - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.6.2 (Build 2014) wj8DBQFGwOB3q1pz9mNUZTMRAtaCAKCKJPbiGqAAYeaUHnWL5aFxzKjrhgCgkY4W ruSoXSTqVYbpLarBVmSXgbE= =kB6m -END PGP SIGNATURE- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 4:58 PM, [EMAIL PROTECTED] wrote: On Mon, 13 Aug 2007 19:52:37 -, "Chris L. Morrow" said: I'm really not sure, but I can imagine a slew of issues where 'marketting' doesn't plan properly and corp-ID/corp-branding end up trying to register and make-live a domain at the 11th hour... "Failure to plan ahead on your part doesn't mean a crisis on my part". What happened to suits who failed to plan ahead *before* we had the Internet? I suspect that most of the suits from the late 1960's have retired or worse by this point, regardless of their foresight-fulness. Regards Marshall
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 2:06 PM, Chris L. Morrow wrote: why don't the equivalent 'domain tasters' on the phone side exploit the ability to sign up 1-8XX numbers like mad and send the calls to their ad-music call centers? 1. Maybe they do. ;> 2. People tend to be much more careful about punching numbers into a telephone than typing words on a keyboard, I think. There's also not a conceptual conflation of common typo mistakes with common telephone number transpositions, I don't think (i.e., I'm unsure there's any such thing as a common number transposition, while there certainly is with linguistic constructs such as letters). --- Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice Culture eats strategy for breakfast. -- Ford Motor Company
RE: [policy] When Tech Meets Policy...
At 4:32 PM -0400 8/13/07, Justin Scott wrote: > > Do people really not plan that far ahead, that they >> need brand new domain names to be active (not just >> reserved) within seconds? > >I can say from my experience working in a web development environment, >yes. I can recall several cases where we needed to get a domain online >quickly for one reason or another. Usually it revolves around the >marketing department not being in-touch with the rest of the company and >the wrong/misspelled domain name ends up in a print/radio/tv ad that is >about to go to thousands of people and cannot be changed. We end up >having to go get the name that is in the ad and get it active as quickly >as possible. Been there. But it's rare enough in real life that I'd happily waive the right for full refund return for immediate domain publishing. Maybe marketing would learn to spell after a few costly mistakes. Any other domain registrations getting a 3 day wait before publishing can have a more lenient return policy, maybe with a small processing fee. That's not unreasonable, and has something for the registrars. And grandma would be able to correct her typo, and the regstrars would have time to check grandma's credit card, since she's so typo-prone. >Personally I'm all for things working as quickly as possible, and I'm >all for being able to "return" a domain within a reasonable time if >needed. Perhaps it would be better to allow for domain returns, but >shorten the time limit to 24 hours. That should be long enough to catch >a typo, but too short to be much use for traffic tasting. > > >-Justin Scott | GravityFree > Network Administrator > >1960 Stickney Point Road, Suite 210 >Sarasota | FL | 34231 | 800.207.4431 >941.927.7674 x115 | f 941.923.5429 >www.GravityFree.com -- Ken Eddings, Hostmaster, IS&T, [EMAIL PROTECTED], [EMAIL PROTECTED] Work:+1 408 974-4286, Cell: +1 408 425-3639, Fax: +1 408 974-3103 Apple Computer, Inc., 1 Infinite Loop, M/S 60-MS Cupertino, CA 95014 The Prudent Mariner never relies solely on any single aid to navigation.
Re: [policy] When Tech Meets Policy...
Or perhaps domains can be on-line instantly for a $100 non-refundable "rush" fee, or be cheaper and more refundable if you don't mind waiting longer (long enough to fix the tasting issues) And yes, I suppose ICANN or similar would have to collect or mandate the costs for it to affect all areas of the problem? On 8/13/07, Dorn Hetzel <[EMAIL PROTECTED]> wrote: > > Yes, if grandma ordered a sign printed one way, and proofread it, and > agreed to pay for it, and the printer printed it, then the printer is > normally going to want money to make another different sign. If grandma, or > anyone else, orders a domain, and confirms that's the domain they want, and > get's it activated, then they should pay at least the first years fee, no > matter what... > > On 8/13/07, Carl Karsten <[EMAIL PROTECTED]> wrote: > > > > > > > > > > The real way to get rid of tasting would be to persuade Google and > > > Yahoo/Overture to stop paying for clicks on pages with no content > > > other than ads, but that would be far too reasonable. > > > > I don't see a practical way to enforce it. > > > > I believe the Net is an unstable system that will eventually be rendered > > useless > > by spam/etc. It is a cheap unlimited resource - you pay for your > > connection, > > and you get access to things you are in no way paying for. I don't see > > a way to > > fix it. > > > > Carl K > > > >
Re: [policy] When Tech Meets Policy...
Yes, if grandma ordered a sign printed one way, and proofread it, and agreed to pay for it, and the printer printed it, then the printer is normally going to want money to make another different sign. If grandma, or anyone else, orders a domain, and confirms that's the domain they want, and get's it activated, then they should pay at least the first years fee, no matter what... On 8/13/07, Carl Karsten <[EMAIL PROTECTED]> wrote: > > > > > > The real way to get rid of tasting would be to persuade Google and > > Yahoo/Overture to stop paying for clicks on pages with no content > > other than ads, but that would be far too reasonable. > > I don't see a practical way to enforce it. > > I believe the Net is an unstable system that will eventually be rendered > useless > by spam/etc. It is a cheap unlimited resource - you pay for your > connection, > and you get access to things you are in no way paying for. I don't see a > way to > fix it. > > Carl K >
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 1:32 PM, Justin Scott wrote: Usually it revolves around the marketing department not being in-touch with the rest of the company and the wrong/misspelled domain name ends up in a print/radio/tv ad that is about to go to thousands of people and cannot be changed. There's a case to be made that a policy which results in organizations registering and owning domain names which are close to the intended domain anme but represent a common typographical transition is desirable from a security standpoint . . . --- Roland Dobbins <[EMAIL PROTECTED]> // 408.527.6376 voice Culture eats strategy for breakfast. -- Ford Motor Company
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Carl Karsten wrote: > Assuming a change takes place (which I doubt, but will ignore) I bet a > small non refundable fee (like $1) would drastically reduce the problem. A agree that somehow you have to increase the cost to the 'tasters' without hurting joe-six-pack. I think I've said that from the beginning. So, there have been several options discussed do we add that to the ICANN discussion as options for them to pursue? -Chris
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007 [EMAIL PROTECTED] wrote: > On Mon, 13 Aug 2007 19:52:37 -, "Chris L. Morrow" said: > > I'm really not sure, but I can imagine a slew of issues where 'marketting' > > doesn't plan properly and corp-ID/corp-branding end up trying to register > > and make-live a domain at the 11th hour... > > "Failure to plan ahead on your part doesn't mean a crisis on my part". that's fine in theory, in practice it just doesn't work so well :( > > What happened to suits who failed to plan ahead *before* we had the Internet? less spectacular failure? :) I really don't know, I imagine this sort of thing happened with 1-800 numbers for customer support type things. Say, speaking of 1-800 things, how does that system work? why don't the equivalent 'domain tasters' on the phone side exploit the ability to sign up 1-8XX numbers like mad and send the calls to their ad-music call centers?
Re: [policy] When Tech Meets Policy...
Barry Shein wrote: On August 13, 2007 at 10:11 [EMAIL PROTECTED] (Douglas Otis) wrote: > > > On Aug 12, 2007, at 6:41 AM, John Levine wrote: > > > The problems with domain tasting more affect web users, with vast > > number of typosquat parking pages flickering in and out of existence. > > Domain tasting clearly affects assessments based upon domains. With > millions added and removed daily as part of "no cost" domain tasting > programs, the number of transitioning domains has been increased by > an order of magnitude. Many of these new domains often appear as > possible phishing domains. The high number of tasting domains > obscures which are involved in criminal activities. This high number > also makes timely notification of possible threats far less practical. This sort of chain of reasoning, one behavior for one purpose might sometimes be a more insidious behavior for other purposes, makes me nervous. I just think it's a treacherous way to make policy, except in extreme cases. Then again I'm not particularly bugged by people who run these ad-only sites. Seems to me that's between them and the advertisers who pay them so long as it's not inherently criminal. And where it is criminal that should be dealt with, take any advertising medium in existence and you'll find a percentage of fraud. The real sin here is indicated by the terminology, "domain tasting". Domains should be paid for in advance, not necessarily "by law", but by liability. That is, if you extend domains on credit w/o any useful accountability of the buyer and this results in a pattern of criminality then the liability for that fraud should be shared by the seller. I am not sure tasting is criminal or fraud. > This would not be unique, there are lots of real world examples (e.g., if you rented cars for cash and asked for no id's and they were often used in crimes...) The car rental example falls apart: no ID = no way to track you down if you don't return the car. I don't believe there are any real world examples, where "real world" deals with anything physical. I think this problem only exists in the electronic world, where what is being bought and sold is just a few bytes in a database. Carl K
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007 19:52:37 -, "Chris L. Morrow" said: > I'm really not sure, but I can imagine a slew of issues where 'marketting' > doesn't plan properly and corp-ID/corp-branding end up trying to register > and make-live a domain at the 11th hour... "Failure to plan ahead on your part doesn't mean a crisis on my part". What happened to suits who failed to plan ahead *before* we had the Internet? pgpFQ278HeNX7.pgp Description: PGP signature
Anyone from Senderbase, or ironport around?
Please tag me off-list, also if anyone knows of any way to reach anyone there please let me know. Thanks, -Drew
RE: [policy] When Tech Meets Policy...
> Do people really not plan that far ahead, that they > need brand new domain names to be active (not just > reserved) within seconds? I can say from my experience working in a web development environment, yes. I can recall several cases where we needed to get a domain online quickly for one reason or another. Usually it revolves around the marketing department not being in-touch with the rest of the company and the wrong/misspelled domain name ends up in a print/radio/tv ad that is about to go to thousands of people and cannot be changed. We end up having to go get the name that is in the ad and get it active as quickly as possible. Personally I'm all for things working as quickly as possible, and I'm all for being able to "return" a domain within a reasonable time if needed. Perhaps it would be better to allow for domain returns, but shorten the time limit to 24 hours. That should be long enough to catch a typo, but too short to be much use for traffic tasting. -Justin Scott | GravityFree Network Administrator 1960 Stickney Point Road, Suite 210 Sarasota | FL | 34231 | 800.207.4431 941.927.7674 x115 | f 941.923.5429 www.GravityFree.com
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, William Herrin wrote: > Chris, > > Suggestion B in ICANN's information request was: > > "making the ICANN annual transaction fee (currently 0.20 USD per year) > apply to names deleted during the [5-day Add Grace Period]," > > Wouldn't this essentially end the bad-behavior domain tasting without > hurting grandma-jones with her typo? This would incur a 20 cent/domain fee for return of the domain inside the grace period, yes? that would add a slow drain to the taster's pocketbooks, is that slow-drain enough to make tasting less profitable? or 'not profitable'? If so, then yes probably it'd slow tasting or end it. I don't think that a 'processing fee' is abnormal on returned items so that might even sit well enough with grandma-jones (in my example). > And if it was still profitable to taste domain names, wouldn't it pump > so much money into ICANN that they could lower the annual fees for the > rest of us? hey lookie, a nice side effect :)
Re: [policy] When Tech Meets Policy...
Chris L. Morrow wrote: On Mon, 13 Aug 2007, Steve Atkins wrote: On Aug 13, 2007, at 11:03 AM, Chris L. Morrow wrote: So, to be clear folks want to make it much more difficult for grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com right? If grandma-jones orders custom stationery and doesn't manage to spell her name correctly, she'll end up with misspelled stationery. The main difference is that a misspelled domain name is likely to be a much cheaper mistake than misspelled stationery. I picked on example, there have been plenty of examples in the past of folks just barely able to come up with 7$/yr for domain registration and using donated hosting for their non-profit thing. I think the root isue is: there is consumer protection today in the purchase system, do we want to remove that in the future. Or do we want to find another method to crack down on this problem without hurting consumers? Assuming a change takes place (which I doubt, but will ignore) I bet a small non refundable fee (like $1) would drastically reduce the problem. Carl K
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Sean Donelan wrote: > Do people really not plan that far ahead, that they need brand new domain > names to be active (not just reserved) within seconds? I'm really not sure, but I can imagine a slew of issues where 'marketting' doesn't plan properly and corp-ID/corp-branding end up trying to register and make-live a domain at the 11th hour... This also seems like the quick/easy fix. I'm not against any particular fix, but people need to understand (and Sean you probably do, as does Doug I suspect) what the implications of these design changes are and who'd be affected. -Chris
Re: [policy] When Tech Meets Policy...
> but today that provision is: If you buy a domain you have 5 days to > 'return' it. The reason behind the return could be: "oops, I typo'd" Fine, I don't recall that being the case previously so somone thought to introduce it > "hurray, please refund me for the 1M domains I bought 4.99 days ago!". The > 'protect the consumer' problem is what's enabling tasting. but it's not rocket science to see this simple abuse nor to stop it "one mistake, fine. N mistakes? better take more care, sorry" Sounds like poor management, they can easily redeem the situation by changing the rules again. Why haven't they? This is now sounding like willful negligence brandon
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Chris L. Morrow wrote: but today that provision is: If you buy a domain you have 5 days to 'return' it. The reason behind the return could be: "oops, I typo'd" or "hurray, please refund me for the 1M domains I bought 4.99 days ago!". The 'protect the consumer' problem is what's enabling tasting. So combine these ideas with the possibility that someone will claim various consumer protection laws apply to these transactions and want to cancel the contract within three days. Instead, why don't we have a three day waiting period when the domain is "reserved" but not active. Grandma could notice her typo, credit card processor's could notice fake card numbers, and so on and rescind the registration. After three days the sale is "final." Only then the name is made active in the zone files. Do people really not plan that far ahead, that they need brand new domain names to be active (not just reserved) within seconds?
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Steve Atkins wrote: > On Aug 13, 2007, at 11:03 AM, Chris L. Morrow wrote: > > So, to be clear folks want to make it much more difficult for > > grandma-jones to return the typo'd: mygramdkids.com for > > mygrandkids.com > > right? > > If grandma-jones orders custom stationery and doesn't > manage to spell her name correctly, she'll end up with > misspelled stationery. The main difference is that > a misspelled domain name is likely to be a much cheaper > mistake than misspelled stationery. I picked on example, there have been plenty of examples in the past of folks just barely able to come up with 7$/yr for domain registration and using donated hosting for their non-profit thing. I think the root isue is: there is consumer protection today in the purchase system, do we want to remove that in the future. Or do we want to find another method to crack down on this problem without hurting consumers? > > A question to the registrars here: What fraction of legitimate > domain registrations are reversed because the customer > didn't know how to spell, and noticed that within the five > day "dictionary time"? I know that I've made one reversal... but maybe I was being picky :)
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Carl Karsten wrote: > > So, to be clear folks want to make it much more difficult for > > grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com > > right? > > Not just that, they want registrars to take a revenue cut. > > I am assuming that > A. a registrar would get less business being "less forgiving" than others. > B. a registrar gets revenue from tasted domains that taste good. I think the policy change would most likely be at the ICANN level or perhaps at the registry level. I got the impression that the current policy 'loophole' was at the registry or ICANN level already. So, this would probably > > I see no finical incentive for a registrar to change their policy. > because they are often part of the tasting ... so they don't want to cut off their revenue stream, which in no way touches grandma-jones and her typo'd domain purchase, fyi.
Re: US transit providers with slightly better than average International connectivity?
Drew Weaver wrote: How about to this IP? 62.150.200.10 -Original Message- From: Sargun Dhillon [mailto:[EMAIL PROTECTED] Sent: Monday, August 13, 2007 1:58 PM To: Drew Weaver Cc: 'nanog@merit.edu' Subject: Re: US transit providers with slightly better than average International connectivity? Drew Weaver wrote: Howdy, I know with the trans-atlantic and trans-pacific connectivity being what it is these days that getting reliable (i.e. low latency < 200, low packet loss < 5% total round-trip) to countries such as AE and others is kind of a "shot in the dark". However, I wanted to ping the list and see if anyone has had 'better luck/worse luck' with particular transit providers. We're currently utilizing Time Warner Telecom, Level3, and Global Crossing as our transit partners and we're shopping for a fourth at this time, we would really like to find a transit provider with 'better' international presence. Any suggestions based on experience? Thanks, -Drew As a test point let's try: 212.58.224.131 That's the BBC. Posting traceroutes would be the best. Here is mine from internap: core1.t6-1-bbnet1.sje.pnap.net 0.0% 2895 2.1 21.3 1.9 1671. 101.6 xe-1-3.r02.snjsca04.us.bb.gin.ntt.net 1.7% 2895 2.1 25.7 2.0 1301. 92.6 xe-1-2.r03.snjsca04.us.bb.gin.ntt.net 0.8% 2895 2.2 25.5 2.0 1764. 108.7 sjo-bb1-link.telia.net 0.0% 2895 2.3 15.3 2.1 1680. 109.5 nyk-bb1-link.telia.net 0.2% 2895 73.8 86.1 73.7 1596. 101.4 ldn-bb1-pos7-1-0.telia.net 0.0% 2895 143.1 155.5 141.8 1551. 100.4 ldn-bb1-link.telia.net ldn-bb1-link.telia.net 9. ldn-b1-pos3-0.telia.net 0.0% 2895 144.9 163.2 141.8 1470. 99.8 ldn-b1-link.telia.net 10. siemens-118436-ldn-b1.c.telia.net 0.0% 2895 144.8 165.2 141.9 1470. 106.4 11. 212.58.238.153 0.1% 2895 143.3 157.7 141.9 1386. 97.5 12. rdirwww-vip.thdo.bbc.co.uk 0.1% 2895 146.3 156.0 141.8 1636. 99.4 -- Sargun Dhillon deCarta [EMAIL PROTECTED] www.decarta.com ATT: Success rate is 100 percent (5/5), round-trip min/avg/max = 200/203/208 ms Global Crossing: 283 msec SAVVIS: 245.461 msec QWEST: min/avg/max = 312/313/317 UUNET: 379 msec Level3: min/avg/median/max/mdev/stddev = 244/252.8/252/280/2.332/9.432 ms I just used the looking glasses to check latency -- Sargun Dhillon deCarta [EMAIL PROTECTED] www.decarta.com
Re: US transit providers with slightly better than average International connectivity?
Before we flame Sargun for posting useless non sense, I figured I would throw my opinions in. I have seen great international results with some of the carriers you currently have, but if you are adding a fourth which areas are you looking to benefit most? Transatlantic/transpacific? I would suggest VZ Biz for both, but if you are focusing on transpacific routes PCCW, NTT, and ANC offer great pacific routes. Transatlantic: Telia, Interoute, or KPN Qwest (which may just be KPN now). Good luck, Josh On 8/13/07, Sargun Dhillon <[EMAIL PROTECTED]> wrote: > > Drew Weaver wrote: > > > > Howdy, I know with the trans-atlantic and trans-pacific connectivity > > being what it is these days that getting reliable (i.e. low latency < > > 200, low packet loss < 5% total round-trip) to countries such as AE > > and others is kind of a "shot in the dark". However, I wanted to ping > > the list and see if anyone has had 'better luck/worse luck' with > > particular transit providers. We're currently utilizing Time Warner > > Telecom, Level3, and Global Crossing as our transit partners and we're > > shopping for a fourth at this time, we would really like to find a > > transit provider with 'better' international presence. > > > > Any suggestions based on experience? > > > > Thanks, > > > > -Drew > > > As a test point let's try: 212.58.224.131 > That's the BBC. Posting traceroutes would be the best. Here is mine from > internap: > core1.t6-1-bbnet1.sje.pnap.net 0.0% 2895 2.1 21.3 1.9 1671. 101.6 > xe-1-3.r02.snjsca04.us.bb.gin.ntt.net 1.7% 2895 2.1 25.7 2.0 1301. 92.6 > xe-1-2.r03.snjsca04.us.bb.gin.ntt.net 0.8% 2895 2.2 25.5 2.0 1764. 108.7 > sjo-bb1-link.telia.net 0.0% 2895 2.3 15.3 2.1 1680. 109.5 > nyk-bb1-link.telia.net 0.2% 2895 73.8 86.1 73.7 1596. 101.4 > ldn-bb1-pos7-1-0.telia.net 0.0% 2895 143.1 155.5 141.8 1551. 100.4 > ldn-bb1-link.telia.net > ldn-bb1-link.telia.net > 9. ldn-b1-pos3-0.telia.net 0.0% 2895 144.9 163.2 141.8 1470. 99.8 > ldn-b1-link.telia.net > 10. siemens-118436-ldn-b1.c.telia.net 0.0% 2895 144.8 165.2 141.9 1470. > 106.4 > 11. 212.58.238.153 0.1% 2895 143.3 157.7 141.9 1386. 97.5 > 12. rdirwww-vip.thdo.bbc.co.uk 0.1% 2895 146.3 156.0 141.8 1636. 99.4 > > > -- > > Sargun Dhillon > deCarta > [EMAIL PROTECTED] > www.decarta.com > > > >
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, Douglas Otis wrote: > > On Aug 13, 2007, at 11:03 AM, Chris L. Morrow wrote: > > > So, to be clear folks want to make it much more difficult for > > grandma-jones to return the typo'd: mygramdkids.com for > > mygrandkids.com right? > > Grandma will still need to make a payment for the domain. Grandma is > also unlikely to find a clause in her contract which removes a > payment obligation after a few days. Provisions that enable domain > tasting are unlikely to benefit individuals. but today that provision is: If you buy a domain you have 5 days to 'return' it. The reason behind the return could be: "oops, I typo'd" or "hurray, please refund me for the 1M domains I bought 4.99 days ago!". The 'protect the consumer' problem is what's enabling tasting.
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 11:03 AM, Chris L. Morrow wrote: On Mon, 13 Aug 2007, John C. A. Bambenek wrote: That's exactly the problem "the goal of tasting is to collect pay per click ad revenue"... Ten years ago the internet was for porn, now it's for MLM/Affiliate/PPC scams. As long as we put up with companies abusing the Internet as long as they are making a buck, they'll keep doing it. to be very clear, this 'domain tasting' (no matter if you like it or not) is just using a 'loophole' in the policy/purchase that's there for the safe guarding of normal folks. It just happens that you can decide within 5 days that you don't want a domain or 1 million domains... So, to be clear folks want to make it much more difficult for grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com right? If grandma-jones orders custom stationery and doesn't manage to spell her name correctly, she'll end up with misspelled stationery. The main difference is that a misspelled domain name is likely to be a much cheaper mistake than misspelled stationery. A question to the registrars here: What fraction of legitimate domain registrations are reversed because the customer didn't know how to spell, and noticed that within the five day "dictionary time"? Cheers, Steve
Re: [policy] When Tech Meets Policy...
Chris L. Morrow wrote: On Mon, 13 Aug 2007, John C. A. Bambenek wrote: That's exactly the problem "the goal of tasting is to collect pay per click ad revenue"... Ten years ago the internet was for porn, now it's for MLM/Affiliate/PPC scams. As long as we put up with companies abusing the Internet as long as they are making a buck, they'll keep doing it. to be very clear, this 'domain tasting' (no matter if you like it or not) is just using a 'loophole' in the policy/purchase that's there for the safe guarding of normal folks. It just happens that you can decide within 5 days that you don't want a domain or 1 million domains... So, to be clear folks want to make it much more difficult for grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com right? Not just that, they want registrars to take a revenue cut. I am assuming that A. a registrar would get less business being "less forgiving" than others. B. a registrar gets revenue from tasted domains that taste good. I see no finical incentive for a registrar to change their policy. Carl K
Re: [policy] When Tech Meets Policy...
On Aug 13, 2007, at 11:03 AM, Chris L. Morrow wrote: So, to be clear folks want to make it much more difficult for grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com right? Grandma will still need to make a payment for the domain. Grandma is also unlikely to find a clause in her contract which removes a payment obligation after a few days. Provisions that enable domain tasting are unlikely to benefit individuals. -Doug
Re: [policy] When Tech Meets Policy...
The real way to get rid of tasting would be to persuade Google and Yahoo/Overture to stop paying for clicks on pages with no content other than ads, but that would be far too reasonable. I don't see a practical way to enforce it. I believe the Net is an unstable system that will eventually be rendered useless by spam/etc. It is a cheap unlimited resource - you pay for your connection, and you get access to things you are in no way paying for. I don't see a way to fix it. Carl K
Re: [policy] When Tech Meets Policy...
On Mon, 13 Aug 2007, John C. A. Bambenek wrote: > > That's exactly the problem "the goal of tasting is to collect pay > per click ad revenue"... > > Ten years ago the internet was for porn, now it's for > MLM/Affiliate/PPC scams. As long as we put up with companies abusing > the Internet as long as they are making a buck, they'll keep doing it. to be very clear, this 'domain tasting' (no matter if you like it or not) is just using a 'loophole' in the policy/purchase that's there for the safe guarding of normal folks. It just happens that you can decide within 5 days that you don't want a domain or 1 million domains... So, to be clear folks want to make it much more difficult for grandma-jones to return the typo'd: mygramdkids.com for mygrandkids.com right? -Chris (yes, domain tasting is unlikeable)
Re: US transit providers with slightly better than average International connectivity?
Drew Weaver wrote: Howdy, I know with the trans-atlantic and trans-pacific connectivity being what it is these days that getting reliable (i.e. low latency < 200, low packet loss < 5% total round-trip) to countries such as AE and others is kind of a “shot in the dark”. However, I wanted to ping the list and see if anyone has had ‘better luck/worse luck’ with particular transit providers. We’re currently utilizing Time Warner Telecom, Level3, and Global Crossing as our transit partners and we’re shopping for a fourth at this time, we would really like to find a transit provider with ‘better’ international presence. Any suggestions based on experience? Thanks, -Drew As a test point let's try: 212.58.224.131 That's the BBC. Posting traceroutes would be the best. Here is mine from internap: core1.t6-1-bbnet1.sje.pnap.net 0.0% 2895 2.1 21.3 1.9 1671. 101.6 xe-1-3.r02.snjsca04.us.bb.gin.ntt.net 1.7% 2895 2.1 25.7 2.0 1301. 92.6 xe-1-2.r03.snjsca04.us.bb.gin.ntt.net 0.8% 2895 2.2 25.5 2.0 1764. 108.7 sjo-bb1-link.telia.net 0.0% 2895 2.3 15.3 2.1 1680. 109.5 nyk-bb1-link.telia.net 0.2% 2895 73.8 86.1 73.7 1596. 101.4 ldn-bb1-pos7-1-0.telia.net 0.0% 2895 143.1 155.5 141.8 1551. 100.4 ldn-bb1-link.telia.net ldn-bb1-link.telia.net 9. ldn-b1-pos3-0.telia.net 0.0% 2895 144.9 163.2 141.8 1470. 99.8 ldn-b1-link.telia.net 10. siemens-118436-ldn-b1.c.telia.net 0.0% 2895 144.8 165.2 141.9 1470. 106.4 11. 212.58.238.153 0.1% 2895 143.3 157.7 141.9 1386. 97.5 12. rdirwww-vip.thdo.bbc.co.uk 0.1% 2895 146.3 156.0 141.8 1636. 99.4 -- Sargun Dhillon deCarta [EMAIL PROTECTED] www.decarta.com
Re: [policy] When Tech Meets Policy...
That's exactly the problem "the goal of tasting is to collect pay per click ad revenue"... Ten years ago the internet was for porn, now it's for MLM/Affiliate/PPC scams. As long as we put up with companies abusing the Internet as long as they are making a buck, they'll keep doing it. The scams will change, but they'll still be scaming. On 12 Aug 2007 13:41:17 -, John Levine <[EMAIL PROTECTED]> wrote: > > > I'd like to but I don't know of a practical way to measure the > > impact of domain tasting on my services: how can I do 6 million > > whois lookups to analyse a day's logs to find what proportion of our > > email comes "from" tasty domains? > > Probably not much. Domain tasting requires a registrar who is willing > to handle millions of AGP refunds without charging the registrant, > which effectively rules out anyone who isn't a registrar himself. The > goal of tasting is to collect pay per click ad revenue, which requires > that one have a stable enough identity to have Adsense et al pay you. > Spam these days all comes from zombies with real but irrelevant return > addresses, and the target URLs are more likely to be bought with > stolen credit cards. > > The problems with domain tasting more affect web users, with vast > number of typosquat parking pages flickering in and out of existence. > > The real way to get rid of tasting would be to persuade Google and > Yahoo/Overture to stop paying for clicks on pages with no content > other than ads, but that would be far too reasonable. > > R's, > John > >
Re: Content Delivery Networks
On Mon, 13 Aug 2007, Rodney Joffe wrote: > > > On Aug 13, 2007, at 2:25 AM, Florian Weimer wrote: > > > > > * Rodney Joffe: > > > >> Do you have any real examples of significant recursive servers doing > >> this? > > > > nscd in GNU libc has issues related to cache expiry. I'm not sure if > > it is general brokenness, or some TTL-related issue. It's use is not > > terribly widespread, and it's a host-specific cache only, but there's > > a certain installation base. > > Thanks Florian. So this looks like a code "feature", not stupid > behavior by deployers. I'll keep a note when we fingerprint > misbehaving systems in the future. nscd does this on many platforms (solaris for instance) there's a config bit in nscd.conf: positive-time-to-live hosts 3600 that sets a lower-bar on TTL in the nscd cache - (from the manpage for nscd.con) positive-time-to-live cachename value Sets the time-to-live for positive entries (successful queries) in the specified cache. value is in integer seconds. Larger values increase cache hit rates and reduce mean response times, but increase problems with cache coherence. Note that sites that push (update) NIS maps nightly can set the value to be the equivalent of 12 hours or more with very good perfor- mance implications. This is still a client issue as, hopefully, the cache-resolvers don't funnel their business through nscd save when applications on them need lookups... (things like ping/telnet/traceroute/blah) -Chris
Re: Content Delivery Networks
On Aug 13, 2007, at 2:25 AM, Florian Weimer wrote: * Rodney Joffe: Do you have any real examples of significant recursive servers doing this? nscd in GNU libc has issues related to cache expiry. I'm not sure if it is general brokenness, or some TTL-related issue. It's use is not terribly widespread, and it's a host-specific cache only, but there's a certain installation base. Thanks Florian. So this looks like a code "feature", not stupid behavior by deployers. I'll keep a note when we fingerprint misbehaving systems in the future. /rlj -- Florian Weimer<[EMAIL PROTECTED]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
US transit providers with slightly better than average International connectivity?
Howdy, I know with the trans-atlantic and trans-pacific connectivity being what it is these days that getting reliable (i.e. low latency < 200, low packet loss < 5% total round-trip) to countries such as AE and others is kind of a "shot in the dark". However, I wanted to ping the list and see if anyone has had 'better luck/worse luck' with particular transit providers. We're currently utilizing Time Warner Telecom, Level3, and Global Crossing as our transit partners and we're shopping for a fourth at this time, we would really like to find a transit provider with 'better' international presence. Any suggestions based on experience? Thanks, -Drew
Re: Content Delivery Networks
* Rodney Joffe: > Do you have any real examples of significant recursive servers doing > this? nscd in GNU libc has issues related to cache expiry. I'm not sure if it is general brokenness, or some TTL-related issue. It's use is not terribly widespread, and it's a host-specific cache only, but there's a certain installation base. -- Florian Weimer<[EMAIL PROTECTED]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99