Peter Mott writes:
Why create a policy and therefore an administrative structure to police it when nobody has identified either a technical or privacy problem with the present policy or having ns99.waikato.ac.nz allow zone transfers to any host on the Internet.
On the contrary, RFC 2010, as a fairly clear statement of best practice for top level nameservers (ccTLD issues differing from root nameservers only in the numbers), does raise a technical issue -- it states that their is a *potential* problem with load from zone transfers, just like it states that there are potential security problems with certain other configurations. Why does one need to wait for trouble to strike before taking action to avert it?
It also gives weight to the possibility that the real purpose behind the policy is something not yet disclosed.
Only that the full policies for DNS secondary servers have not yet been fully developed -- they'll be based around RFC 2010 and any subsequent, relevant issues that have been raised by operators of top level servers. Are you saying .nz shouldn't be operating to industry best practices? -- don --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog