<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: [gnso-ff-pdp-may08] Section 5.8
- To: "'James M. Bladel'" <jbladel@xxxxxxxxxxx>, <joe@xxxxxxxxxxxxxxxxxx>
- Subject: RE: [gnso-ff-pdp-may08] Section 5.8
- From: "Greg Aaron" <gaaron@xxxxxxxxxxxx>
- Date: Tue, 19 May 2009 12:02:22 -0400
I agree. Governing TTL values is not technically viable or justified
solution. And mandating charges for TTL changes or nameserver changes is
neither justified nor practical.
All best,
--Greg
-----Original Message-----
From: James M. Bladel [mailto:jbladel@xxxxxxxxxxx]
Sent: Tuesday, May 19, 2009 11:49 AM
To: joe@xxxxxxxxxxxxxxxxxx
Cc: gnso-ff-pdp-may08@xxxxxxxxx; dave.piscitello@xxxxxxxxx
Subject: RE: [gnso-ff-pdp-may08] Section 5.8
Joe and Group:
I agree with Joe's first point (below), that governing TTL values is
probably a dead end.
Like many registrars, we offer basic DNS services with default values
for TTL. This is sufficient for the majority of customers. Registrants
can override these defaults (within reason) by accessing an "advanced
DNS" control panel. But it is fair to assume that anyone bent on
mischief would see this tool as a hindrance / exposure vulnerability,
and simply set up their own nameserver.
J.
-------- Original Message --------
Subject: Re: [gnso-ff-pdp-may08] Section 5.8
From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
Date: Thu, May 14, 2009 10:47 am
To: dave.piscitello@xxxxxxxxx
Cc: gnso-ff-pdp-May08@xxxxxxxxx
Dave mentioned:
#Do we want to tackle the question of whether registrars should limit
how
#frequently registrants may change TTLs?
Would registrars have the ability to control TTL changes? While many
registrars offer an integrated package that includes name registration
and
DNS service, in other cases the two activities are completely
decoupled.
If the registrar doesn't provide DNS service for their customer's name,
they wouldn't have control over, or even necessarily knowledge of,
their
customer's TTL values.
I don't think this would be a productive line of action to pursue.
#What about fees for TTL changes? Looking at old threads, I see we
talked
#about the fact that fees would not generally deter criminal activity
#(they are using someone else's money).
You're thinking about cases where someone is engaged in credit card
fraud,
etc., right? While that is certinly common for some registrations,
effort
such as the "Day Old Bread" list reduce miscreants' ability to nail up
a
domain, use it immediately until it is discovered that it was
fraudulently
ordered, iterating after that domain is disabled.
If you can induce what amounts to a community-imposed month long
waiting
period before a domain is trusted, the ability of a miscreant to make
fraudulent orders is undercut, and then fees once again become a viable
tool for shaping behaviors (albeit *not* fees for "TTL changes")
Regards,
Joe
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|