October 21st, 2003

On DNS Innovation … (again) …

»

Keith has responded to my entry again. Like him, I think it would be useful to air our differences in public. Whichever side you on, your own choice :-)

“I say that his dns-search piece describes an outcome that is in every way similar to SiteFinder.”

Yes. The goal is the same. The approach isn’t. And the whole argument we have is about the approach, not the goal. And I know the approach matters a lot to John as a technical decision (not political one).

“Also please distinguish between the wildcard and SiteFinder. They are two entirely different things. The wildcard is part of the DNS, and a standard part, albeit previously unimplemented. Let me repeat what the IAB said:”

I realized I shouldn’t lump the wildcard and SiteFinder as a single entity.

Yes, you are right. I should have make it clear that SiteFinder is purely an above DNS service. But Verisign utilizes the control over the .COM infrastructure to get traffic to their SiteFinder by wildcard. I am not against the former (which I think is a useful service as I said in my previous entry) but I am against the latter.

“James, this is explicitly about the use of a wildcard in a TLD. And RFC is about the DNS in general, not excluding TLDs. So I really believe you are wrong on the issue of standards.”

I already explained this part in my last entry. The fact that wildcard is part of the standard does not mean you can break existing practices. There are certain behavior expected from .COM DNS servers, documented or not. This is why I say Verisign is not been a good neighbour in the larger scheme of things.

I also noted your quote on IAB recommendation “We hesitate to recommend a flat prohibition against wildcards in “registry”-class zones, but strongly suggest that the burden of proof in such cases should be on the registry to demonstrate that their intended use of wildcards will not pose a threat to stable operation of the DNS or predictable behavior for applications and users.”

This is not an endorsement from IAB that it is okay to do wildcard in TLD. Instead, what IAB is saying is that there may be certain value in providing wildcard in certain TLDs (which I agreed in my first entry) but before any TLD operate do so, they must proof that such uses will not pose a thread to stable operation of the DNS which Verisign, as far as I can see, have not done.

Yes, they have shown how much benefit SiteFinder will bring to the end-users but have not show they have not done any damage.

“Given all of this I really believe your rebuttal is simply avoiding my key points rather than addressing them.

SiteFinder on the other hand is what happens once the DNS has released a query, having detected no valid domain name for the query in question. It is in that sense outside of and “above” the DNS.”

No, the wildcard decide that any entry not in the DNS goes to Sitefinder. This means you removed “NXDOMAIN” (no domain) as a possible answer in the DNS. You hurt people who depends on NXDOMAIN.

“I do not see any point in VeriSign engaging with the IETF on the wildcard. The IETF alrady has an RFC covering the wildcard and VeriSign has stuck to the RFC. So in a way there is nothing to discuss.”

Yes there is. Wildcard on the TLD is not a documented feature and the implications has not been explored.

“Clearly VeriSign’s opinion will count for a lot as it runs the .com and .net TLDs and so can redirect wildcard traffic to its own “above the DNS” solution. It is not very likely to abandon its own solution. That is just a commercial reality. We should all calm down and just get used to it. Running .com and .net carries a lot of power. Lets acknowledge it and get over it!”

If that is the case, we need another operator who is willing to play by the rules of harmony on the Internet.

Honestly, I believe we need something like SiteFinder…Google helps but Sitefinder solve another set of navigation problem (very much like Realname solve another space). But this does not mean I agreed with the DNS wildcard. I am sure we can find an appropriate solution to deploy this.

ps: This is the first time I carried out a discussion (I don’t want to call it an argument because it is okay to have different views) over blogs and it is pretty interesting. But this shall be my last entry on this topic…

ps: Thomas Roessler have an entry on DNS Innovation too…

Comments are closed.