Hi. The revised draft of the WHOIS and Zone Transfer policies are now available at: http://www.isocnz.org.nz/whoisdraft231099.html http://www.isocnz.org.nz/zfdraft231099.html Any comment or feedback are welcome. The earlier drafts are still available at: http://www.isocnz.org.nz/zfdraft1099.html http://www.isocnz.org.nz/whoisdraft1099.html Regards John Vorstermans Technical Committee ISOCNZ -- John Vorstermans || We are what we repeatedly do. Technical Manager || - Aristotle Actrix Networks --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Hey John, On Wed, Oct 27, 1999 at 04:28:14PM +1300, John Vorstermans wrote:
The revised draft of the WHOIS and Zone Transfer policies are now available at:
It's CRSNIC, not CRSNIX (minor point, I know :)
The WHOIS server will limit wild card searches and requests from any one source to a maximum of 50 responses.
I think this needs a little more explaining. I can see that registrars would have ample reason to make more than 50 requests from a single source in quite a short period of time.
That looks great! One thing isn't mentioned, though -- is the policy to allow zone transfers from _all_ authoritative servers, or just the master? Will this policy be implemented by denying zone transfer requests from addresses that haven't explicitly been allowed? If so, who will administer the list of devices permitted to perform zone transfers? Joe --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Joe writes: [Whois]
I think this needs a little more explaining. I can see that registrars would have ample reason to make more than 50 requests from a single source in quite a short period of time.
50 responses per query -- it's just to stop people going 'whois *' and getting swamped by the entire database, whether or not that was their intent... [Zone transfers]
One thing isn't mentioned, though -- is the policy to allow zone transfers from _all_ authoritative servers, or just the master?
There's still some discussion to be had about how secondaries are to be implemented. I think that the secondary implementation would be much cleaner if the secondary operators don't have to worry about who is allowed to perform zone transfers this week.
Will this policy be implemented by denying zone transfer requests from addresses that haven't explicitly been allowed? If so, who
That's the usual way of restricting zone transfers. 8-)
will administer the list of devices permitted to perform zone transfers?
I imagine, for purely practical reasons, the *administration* would be through Domainz. The *responsibility* would remain with ISOCNZ. -- don --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Wed, Oct 27, 1999 at 06:08:55PM +1300, Don Stokes wrote:
Joe writes: [Whois]
I think this needs a little more explaining. I can see that registrars would have ample reason to make more than 50 requests from a single source in quite a short period of time.
50 responses per query -- it's just to stop people going 'whois *' and getting swamped by the entire database, whether or not that was their intent...
So, it might make sense to re-word the policy to say that no more than 50 records will result from a single query? I think the way it's worded right now is confusing. Maybe it's just me :)
[Zone transfers]
One thing isn't mentioned, though -- is the policy to allow zone transfers from _all_ authoritative servers, or just the master?
There's still some discussion to be had about how secondaries are to be implemented. I think that the secondary implementation would be much cleaner if the secondary operators don't have to worry about who is allowed to perform zone transfers this week.
That sounds like a good way to start out -- deny transfers from all slave servers, and permit them to reasonable requestors from the master.
Will this policy be implemented by denying zone transfer requests from addresses that haven't explicitly been allowed? If so, who
That's the usual way of restricting zone transfers. 8-)
Pah :) The policy doesn't actually mention restricting zone transfers at all. It only talks about allowing them :)
will administer the list of devices permitted to perform zone transfers?
I imagine, for purely practical reasons, the *administration* would be through Domainz. The *responsibility* would remain with ISOCNZ.
And, pending Domainz' revised infrastructure and operational arrangements, right now this would actually be done by UoW rather than Domainz? Joe --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
participants (3)
-
Don Stokes -
Joe Abley -
John Vorstermans