On Wed, May 26, 1999 at 12:02:25PM +1200, 2Day Chief Enthusiast wrote:
I am only in favour of restricting zone transfers from all authorative .nz name servers if one can obtain an FTP account from the registry to get the zone files.
For the record, it's only ns99 and rata that currently permit zone transfers; none of the others do. A good compromise might be to restrict zone transfers from ns99 to "all authoritative servers plus authorised hosts" to allow people like Peter to continue to pull the data, without having to mess about with ftp. Domainz could authorise hosts as they saw fit (I would expect the authorisation policy to be fairly non-restrictive). The driver for doing this, remember, is to prevent the unscrupulous walking the DNS, enumerating domain names for the purposes of evil spam; it's not to stop record harvesting for the purposes of generating statistics. This is just for ns99 -- I would expect other authoritative servers to deny transfers from _anybody_. Maintaining a current transfer access list on every secondary is unnecessary. Being overly restrictive on this issue could be problematic anyway; for example CLEAR and Xtra have access to the zone files since they operate authoritative nameservers for the benefit of the community. It would be bizarre if other providers were denied access to the same information simply because they're small (or focused on niche services). Joe --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog