Randy Bush <[EMAIL PROTECTED]> writes:
> > I'm not talking about intended beneficiaries. I agree with your statement
> > when applied to intended beneficiaries. I'm talking about the character
> > of the preponderance of actual beneficiaries, whether measured by number
> > of domain registrati
> I'm not talking about intended beneficiaries. I agree with your statement
> when applied to intended beneficiaries. I'm talking about the character
> of the preponderance of actual beneficiaries, whether measured by number
> of domain registration events per unit time, or number of dollars of
> > the primary beneficiaries of this new functionality are spammers and
> > other malfeasants
>
> ... The primary beneficiaries are all
^
intended
> current and future .com/.net domain holders:
I'm not talking about intended beneficiaries. I agree with your s
On 23.07 22:30, Simon Waters wrote:
>
> The abstract doesn't mention that the TTL on NS records is found to be
> important for scalability of the DNS.
Sic!
And it is the *child* TTL that counts for most implementations.
On Fri, 23 Jul 2004, Duane Wessels wrote:
> Maybe, but don't forget that when BIND9 and DJBDNS caches find
> expired nameserver address (A) records they don't trust any cached
> data and start them back at the roots. And in the case of BIND9,
> it sends both A and A6 queries for each nameserver
> If a zone owner lowers a TTL and causes an increase in load, most of
> the foot being shot off is his or her own: the zone's own name servers
> will bear the brunt of the increased query load.
Maybe, but don't forget that when BIND9 and DJBDNS caches find
expired nameserver address (A) records
On Thu, 22 Jul 2004, Paul Vixie wrote:
> the primary beneficiaries of this new functionality are spammers and
> other malfeasants
It appears your glass is half empty rather than half full. The
primary beneficiaries are all current and future .com/.net domain
holders: timely and predictable zone
Petri Helenius wrote:
> What would be your suggestion to achieve the desired
> effect that many seek by lower TTL's, which is changing
> A records to point to available, lower load servers at
> different times?
On a similar note (and not viewing the issue through
the usual spam-colored glasses
On Fri, 23 Jul 2004 22:30:46 BST, Simon Waters <[EMAIL PROTECTED]> said:
> I think relying on accurate DNS information to distinguish spammers from
> genuine senders is at best shakey currently, the only people I can think
> would suffer with making it easier and quicker to create new domains
> w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
| Date: Fri, 23 Jul 2004 17:01:54 +
| From: Paul Vixie <[EMAIL PROTECTED]>
| Subject: that MIT paper again (Re: VeriSign's rapid DNS updates in
.com/.net )
|
|>>wrt the mit paper on why small ttl's are harmless, i recommend
> so, let's increase dynamicism of domain addition, but let's please
> not also increase dynamicism of delegation change and domain deletion.
dear customer, you can have wheat bread today, but rye takes a
day. here is a url which explains the reasons in obscure technical
terms. right; bloody li
i'd said:
> > wrt the mit paper on why small ttl's are harmless, i recommend that
> > y'all actually read it, the whole thing, plus some of the references,
> > rather than assuming that the abstract is well supported by the body.
someone asked me:
> Would you happen to have the URL for the MIT
I don't want to digress into a spam-l or asrg standard thread, but I do want
to point out the similarity of what I think are ad networks that manage
sets of write-engines (aka "zombies") in the blog-spam (http) problem space
with the canonical abuse-desk/xdsl swamp meta-thread on nanog.
I'm obser
> >... so, let's increase dynamicism of domain addition, but let's please
> >not also increase dynamicism of delegation change and domain deletion.
>
> What would be your suggestion to achieve the desired effect that many seek
> by lower TTL's, which is changing A records to point to available, l
At 10:05 AM 7/23/2004, Christian Kuhtz wrote:
On 7/23/04 5:29 AM, "Richard Cox" <[EMAIL PROTECTED]> wrote:
>
> On Thu, 22 Jul 2004 15:27:37 -1000 Randy Bush <[EMAIL PROTECTED]> wrote:
>
> | all they need to do is register foo.bar with delegation to their
> | dns servers, and change a third level
On 7/23/04 5:29 AM, "Richard Cox" <[EMAIL PROTECTED]> wrote:
>
> On Thu, 22 Jul 2004 15:27:37 -1000 Randy Bush <[EMAIL PROTECTED]> wrote:
>
> | all they need to do is register foo.bar with delegation to their
> | dns servers, and change a third level domain name at will.
>
> Er, no. They h
Paul Vixie wrote:
so do i. but more importantly, i agree with daniel that the next thing
that's going to happen as a result is that there will be pressure toward
lower ttl's. and i further agree with daniel that lower ttl's would be
bad. so, let's increase dynamicism of domain addition, but let's
On Thu, 22 Jul 2004 15:27:37 -1000 Randy Bush <[EMAIL PROTECTED]> wrote:
| all they need to do is register foo.bar with delegation to their
| dns servers, and change a third level domain name at will.
Er, no. They have of course tried that already!
By registering foo.bar with delegation to THE
because i have sometimes been accused of being unfair to markk, i checked.
[EMAIL PROTECTED] (Mark Kosters) writes:
> > > the primary beneficiaries of this new functionality are spammers and
> > > other malfeasants,
> >
> > I think this is a true statement.
>
> Has anyone done any studies to
> I welcome the change.
so do i. but more importantly, i agree with daniel that the next thing
that's going to happen as a result is that there will be pressure toward
lower ttl's. and i further agree with daniel that lower ttl's would be
bad. so, let's increase dynamicism of domain addition,
On 22.07 14:46, Randy Bush wrote:
>
> ... the TTL issue is almost entirely NS RRs, ...
> of course, almost all date in the gtlds are NS RRs, so the worry about
> TTL crank-down holds, though just for silly gtld servers. then again,
> they're paid to serve.
This assumes rational behavior of a lo
Richard wrote:
> ... the return path provides ...
This was where I ended up also. As Barry and others have discussed on the
asrg, the write-side is throw-away assets. The "return path" is where the
persistence of the names used is greater and the value to the scheme is
realized.
and Randy wrote:
On Fri, 23 Jul 2004, Richard Cox wrote:
> The key here is not registration but change. Currently, while spammers
> and other malfeasants have the ability to send out through compromised
> proxies and zombied PCs, there is little that can be done to identify
> them until they require a response,
> The key here is not registration but change. Currently, while spammers
> and other malfeasants have the ability to send out through compromised
> proxies and zombied PCs, there is little that can be done to identify
> them until they require a response, and then the return path provides
> some
On Thu, 22 Jul 2004 17:24:07 -0700
"Robert L Mathews" <[EMAIL PROTECTED]> wrote:
| At 7/22/04 10:08 AM, Paul Vixie wrote:
|
|> the primary beneficiaries of this new functionality are spammers
|> and other malfeasants
|
| I think you're suggesting that such people will register domain
| names and
> But the new policy does allow normal people to do something they couldn't
> otherwise do: have a working .com/.net Web site and e-mail in a few
> minutes. That's good for legitimate domain owner happiness.
>
> By far the number one question customers ask my (hosting) company when
> they sign
On Thu, 2004-07-22 at 20:24, Robert L Mathews wrote:
>
> At 7/22/04 10:08 AM, Paul Vixie wrote:
>
> >the primary beneficiaries of this
> >new functionality are spammers and other malfeasants
>
> I think you're suggesting that such people will register domain names and
> use them right away (whi
At 7/22/04 10:08 AM, Paul Vixie wrote:
>the primary beneficiaries of this
>new functionality are spammers and other malfeasants
I think you're suggesting that such people will register domain names and
use them right away (which may be true), and that the lack of a delay
enables them to do thi
On Thu, 22 Jul 2004, Daniel Karrenberg wrote:
> What I am concerned about is the pressure to lower TTLs across the board
> if the increase in zone update speed creates expectations that it alone
> cannot fulfill.
>
> I observe this being sold as "instantaneous updates" instead of
> "instantaneo
> In other words, Verisign is unhappy that spammers are now registering
> primarily .biz domains and Verisign is no longer getting getting share
> of their business?
Do you want me to answer that wearing my hired-by-NeuStar-to-write-.biz hat
or my fired-by-NeuStar-for-trying-to-policy-.biz hat?
Mark,
I've been looking at spam in blogs, that is paxil et al domain names that
are POSTed into blogs as comments.
An example (from http://wampum.wabanaki.net/archives/000794.html, a post
on this very subject) follows this reply to you.
Some number of URLs are presented to engines that index th
On Thu, 22 Jul 2004, Eric Brunner-Williams in Portland Maine wrote:
> > the primary beneficiaries of this
> > new functionality are spammers and other malfeasants,
>
> I think this is a true statement. I think it is important to keep in
> mind that registry operators "compete" for TLD franchise
On Thu, 22 Jul 2004 17:04:24 EDT, Mark Kosters said:
> Has anyone done any studies to prove this conjecture? If this was
> true, maybe those registries who do perform this particular service today
> ought to slow down their update frequency.
And lose share to the one who doesn't slow down?
I see
On Thu, Jul 22, 2004 at 08:27:45PM +, Eric Brunner-Williams in Portland Maine
wrote:
> > the primary beneficiaries of this
> > new functionality are spammers and other malfeasants,
>
> I think this is a true statement.
Has anyone done any studies to prove this conjecture? If this was
true,
> the primary beneficiaries of this
> new functionality are spammers and other malfeasants,
I think this is a true statement. I think it is important to keep in
mind that registry operators "compete" for TLD franchises, and where
those "competitions" occur, this statement is not belived to be tru
- Original Message -
From: "Daniel Karrenberg" <[EMAIL PROTECTED]>
To: "Paul Vixie" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, July 22, 2004 3:05 PM
Subject: Re: VeriSign's rapid DNS updates in .com/.net
>
> On 22.07 17
On 22.07 21:05, an alter ego of Daniel Karrenberg wrote:
>
> I am worried about all the other root servers that have to deal with
> much lesser query loads and might feel the impact of lowered TTLs
> much more.
Of course I meant "all the other DNS servers".
Daniel
On 22.07 17:08, Paul Vixie wrote:
>
> therefore if there were a drop in TTL for root-zone data, it would
> only be a multiplier against 2.1% of f-root's present volume.
I am not worried so much about the root servers here because of the
reasons you cite. The root server system is engineer
>
> > > > Good point! You can reduce TTLs to such a point
> > > that the servers will
> > > > become preoccupied with doing something other than
> > > providing answers.
> > > >
> > > > Ray
> > > >
> > > > &
duane wessels' presentation at the last eugene nanog meeting distinguished
between two kinds of traffic received at f-root during his sampling work:
crap: 97.9%; non-crap: 2.1%. the "crap" category includes requestors who
do not seem to cache the responses they hear, thus rendering the actual TTL
lzak wrote:
> >
> > >
> > > Good point! You can reduce TTLs to such a point
> > that the servers will
> > > become preoccupied with doing something other than
> > providing answers.
> > >
> > > Ray
> > >
> > > > ----
he servers will
> > become preoccupied with doing something other than
> providing answers.
> >
> > Ray
> >
> > > -Original Message-
> > > From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> > > Daniel Karren
On 22.07 12:26, Stephen J. Wilcox wrote:
>
> I dont see any reference to adjusting the TTL in the verisign announcement.
Correct.
> They say they will update the zones every 5 minutes from the registry data.
>
> These are not the same things (or did I miss that bit?)
Correct.
> Also, isnt a
[EMAIL PROTECTED] On Behalf Of
> > > Daniel Karrenberg
> > > Sent: Thursday, July 22, 2004 3:12 AM
> > > To: Matt Larson
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: VeriSign's rapid DNS updates in .com/.net
> > >
> > >
>
riginal Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> > Daniel Karrenberg
> > Sent: Thursday, July 22, 2004 3:12 AM
> > To: Matt Larson
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: VeriSign's rapid DNS updates in .com/.net
> &
2, 2004 3:12 AM
> To: Matt Larson
> Cc: [EMAIL PROTECTED]
> Subject: Re: VeriSign's rapid DNS updates in .com/.net
>
>
> Matt, others,
>
> I am a quite concerned about these zone update speed improvements
> because they are likely to result in considerable pressure
Matt, others,
I am a quite concerned about these zone update speed improvements
because they are likely to result in considerable pressure to reduce
TTLs **throughout the DNS** for little to no good reason.
It will not be long before the marketeers will discover that they do not
deliver what the
William,
On Wed, 14 Jul 2004, william(at)elan.net wrote:
> I reforward this email in hopes that it was by simple omission that nobody
> from Verisign is yet to respond to it.
Replying to your original message has been on my to-do list.
> 1. Currently SLD deligation info for .com/.net TLDs seem
PROTECTED]>
Cc:
Subject: Re: VeriSign's rapid DNS updates in .com/.net
On Fri, 9 Jul 2004, Matt Larson wrote:
> VeriSign Naming and Directory Services (VNDS) currently generates new
> versions of the .com/.net zones files twice per day. VNDS is
> scheduled to deploy on September 8,
On Fri, 9 Jul 2004, Matt Larson wrote:
> VeriSign Naming and Directory Services (VNDS) currently generates new
> versions of the .com/.net zones files twice per day. VNDS is
> scheduled to deploy on September 8, 2004 a new feature that will
> enable VNDS to update the .com/.net zones more frequ
Interest Registry
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Lewinski
Sent: Saturday, July 10, 2004 10:36 PM
To: [EMAIL PROTECTED]
Subject: Re: VeriSign's rapid DNS updates in .com/.net
David A.Ulevitch wrote:
> I'm appreciative o
On Jul 10, 2004, at 7:35 PM, Mike Lewinski wrote:
David A.Ulevitch wrote:
I'm appreciative of this change -- but fyi, they aren't the only TLD
operators doing this, there are quite a few doing near-instant
changes to their respective zones.
I just registered a new .org and it had visibility from
On Sat, 10 Jul 2004, David A.Ulevitch wrote:
> It also means that changes can be made to host records quickly which is
> important for people who don't plan well or have unexpected changes
> that they want propagated.
>
> I'm appreciative of this change -- but fyi, they aren't the only TLD
>
David A.Ulevitch wrote:
I'm appreciative of this change -- but fyi, they aren't the only TLD
operators doing this, there are quite a few doing near-instant changes
to their respective zones.
I just registered a new .org and it had visibility from external NS not
more than 15 minutes later (I wou
Hmm... May be, you are correct - if you sell service to the 'consumers'
(inexperienced customers), they do not expect any delays between 'payment
completed' and 'I can see my brand new domain WWW.HOW-COOL-I-AM.COM. And
TTL's/caches do not prevent you from this, because you did not requested
this d
On Jul 10, 2004, at 1:19 PM, Alexei Roudnev wrote:
It is cool, but where is any value in this (I mean - 5 minutes) rapid
updates for .com and other base domains? I wish rapid DNS when running
enterprise zone (with dynamic updates) or when running dynamic-dns
service
(for those who use dynalic IP
ng it for a few years).
- Original Message -
From: "Matt Larson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 09, 2004 12:20 PM
Subject: VeriSign's rapid DNS updates in .com/.net
VeriSign Naming and Directory Services (VNDS) currently generat
On Fri, 09 Jul 2004, Robert Boyle wrote:
> Does this also apply to domains with other registrars?
I'm not sure what you mean by "other registrars". VeriSign sold the
Network Solutions registrar in November 2003 (although it retains a
15% ownership).
The rapid updates apply to all changes from a
> Verisign doesn't get a refund from ICANN ...
Deepak,
First, the fee to ICANN is on the order of $0.20/per, as opposed to the
fee we registrars pay to VGRS, which is on the order of $6.00. Second,
the fees paid by both the registries and registrars is subject to some
negociations, which is pres
The window to be notified and respond probably just shrunk by an
enormous factor. Everything is hijackable.
I wasn't aware you got a notification upon hijack...
You may... you may not. If you don't its definitely a hijack. If you did
and you were able to prevent it, its not a hijack. It really
On Fri, 09 Jul 2004 20:37:18 -, "Christopher L. Morrow" said:
> all still dependent on the 'its hijackable' to begin with, right? So what
> changed really?
"Hmm... that phone call 2 hours ago sounded fishy.. I better re-double-check"
Working scam for 1 hour 50 minutes with 5 minute updates, g
On Fri, 9 Jul 2004, Deepak Jain wrote:
> >
> > all still dependent on the 'its hijackable' to begin with, right? So what
> > changed really?
> >
>
> The window to be notified and respond probably just shrunk by an
> enormous factor. Everything is hijackable.
I wasn't aware you got a notificatio
all still dependent on the 'its hijackable' to begin with, right? So what
changed really?
The window to be notified and respond probably just shrunk by an
enormous factor. Everything is hijackable.
DJ
On Fri, 9 Jul 2004 [EMAIL PROTECTED] wrote:
> On Fri, 09 Jul 2004 16:00:30 EDT, Deepak Jain said:
>
> > And you can fix hijacked domains in seconds!!
>
>
>
> Or social-engineer somebody to "fix" a "hijacked" domain in seconds.. :)
>
>
>
all still dependent on the 'its hijackable' to begin wit
On Fri, 09 Jul 2004 16:00:30 EDT, Deepak Jain said:
> And you can fix hijacked domains in seconds!!
Or social-engineer somebody to "fix" a "hijacked" domain in seconds.. :)
pgpfKYj8Ab6Wu.pgp
Description: PGP signature
Very cool! Kudos! This is good news from Verisign on NANOG for a change.
:) Does this also apply to domains with other registrars? From your
message wording above, it appears that is the case which is great news.
Does this apply to authoritative name server changes as well? Also, does
this app
At 03:20 PM 7/9/2004, you wrote:
time. After the rapid DNS update is implemented, the elapsed time
from registrars' add or change operations to the visibility of those
adds or changes in all 13 .com/.net authoritative name servers is
expected to average less than five minutes.
Very cool! Kudos! Th
VeriSign Naming and Directory Services (VNDS) currently generates new
versions of the .com/.net zones files twice per day. VNDS is
scheduled to deploy on September 8, 2004 a new feature that will
enable VNDS to update the .com/.net zones more frequently to reflect
the registration activity of the
68 matches
Mail list logo
