DNSO Archives: [ga-roots]

ICANN/DNSO DNSO Mailling lists archives

[ga-roots]

<<< Chronological Index >>> <<< Thread Index >>>

[ga-roots] Re: [icann-eu] Letter to Dr. Vint Cerf

To: "Thomas Roessler" <roessler@does-not-exist.org>
Subject: [ga-roots] Re: [icann-eu] Letter to Dr. Vint Cerf
From: "List Admin" <patrick@corliss.net>
Date: Thu, 10 May 2001 00:09:22 +1000
Cc: "[ga-roots]" <ga-roots@dnso.org>
Sender: owner-ga-roots@dnso.org

[Repost upon request from Patrick Corliss - this message had
originally been distributed on icann-europe.  Note that I'm not
subscribed to ga-roots.  Please CC me on any replies.

What a chaos. -tlr]

On 2001-05-08 13:24:23 -0700, Kent Crispin wrote:

> The misconfiguration is in creation of a .biz in an alternate
> root system, and connecting that to the global Internet -- an
> action which exposes one to all kinds of problems, not just the
> one you outline.

I disagree.

The interesting question about Jefsey's scenario is how the message
gets to a mail server which uses the wrong root system - from the
sender's point of view.  (The argument is entirely symmetric under
exchange of canonical and alternative roots.)

1. The sender himself may have delivered the message to a relay
(smart host) which uses the wrong set of root servers.  In this
case, the user has either acted in a pretty stupid way, or he erred
on which root server is used by his preferred smart host.  Thinking
about a typical ISP setup, an Internet service provider may indeed
turn out to be liable when he is using the alternative root and
customers expect (as usual) that the canonical set of root servers
is used.

2. A server using the wrong set of root servers is acting as an MX
for the target domain, as seen in the right DNS hierarchy.  That is,
things are setup very badly.  This would most likely count as a
severe configuration error, and is something which should be sorted
out between the owner of the target domain and the MX operator.  It
basically just doesn't make any sense.

Thus, I don't think that connecting name servers with an alternative
root zone to the Internet is the really bad thing - but actually
using them may quickly turn out to be a very bad thing.

-- 
Thomas Roessler                          http://log.does-not-exist.org/

--
This message was passed to you via the ga-roots@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-roots" in the body of the message).
Archives at http://www.dnso.org/archives.html

Follow-Ups:
- Re: [ga-roots] Re: [icann-eu] Letter to Dr. Vint Cerf
  - From: Kent Crispin <kent@songbird.com>
- Re: [ga-roots] Re: [icann-eu] Letter to Dr. Vint Cerf
  - From: "L Gallegos" <jandl@jandl.com>

<<< Chronological Index >>> <<< Thread Index >>>