Re: [dns-wg] Delegation checking policy/procedure at ARIN

[Edward Lewis <]

Speaking strictly as an engineer and not as font of policy

At 12:00 +0200 5/13/03, Patrik Fältström wrote:
>   - What is a proper set of requirements a registry set on operations
>     of a child zone? (One can argue the registry should not care, BUT,
>     in reality they do. The answer can be "do not care", but then it
>     should be said very loud.)
I've started to answer this three ways already.  I'm a bit reticent
to speak freely as a member of ARIN staff - any policy statements
should come through official channels if we want to get into
specifics.

That being said, the answer to this is quite policy specific.  There
is an element of technical data to the answer though, perhaps
significant but not substantial.

The DNS protocol is defined to be quite robust in the face of
misconfiguations (lameness is an exception).  With that in mind,
there's little technical justification to place a lot of overhead in
'policing' configurations.  I'll repeat this - this does not limit
what a registry may choose to do, but it limits our ability to point
to a section of a standard and say "see, this is why we enforce a
certain behavior."

>   - Is the requirements different between in-addr.arpa delegations from
>     the normal {cc,g}TLD delegations? If so, why?
The answer to this is buried in the debate over whether the reverse
map "MUST" be supported.  This debate is happening (dormantly for
now) in the IETF DNSOP WG.  I think the answer is yes - based on the
observation that no one is debating whether the forward map is
needed. ;)  I can't offer a pat answer to "why?" (but where there's
smoke there's either a fire or a troll). ;/
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                            +1-703-227-9854
ARIN Research Engineer

Your office is *not* a reality-based sit-com TV show.