100 likes | 193 Views
Zone Transfers Summary of CENTR Position. Kim Davies ICANN Shanghai 27 October 2002. The Issue. ICANN requires ccTLD Managers to provide access to the zone files via AXFR before they will allow any change to their nameserver delegations. History. Issue arose in April/May
E N D
Zone TransfersSummary of CENTR Position Kim Davies ICANN Shanghai 27 October 2002
The Issue • ICANN requires ccTLD Managers to provide access to the zone files via AXFR before they will allow any change to their nameserver delegations.
History • Issue arose in April/May • CENTR asks ICANN to explain policy on 21 June • CENTR issues initial paper at ICANN Bucharest on 25 June • ICANN responds in the form of an FAQ on 4 September • CENTR issues position paper on 26 September.
CENTR Response • No technical justification • Causes undesirable consequences • Legally questionable
Technical Justification • Check for 2 NS requirement for second levels • Outside ICANN scope • Possibly outdated requirement • Not a large impact on global stability, certainly not more important than having a correct delegation of a ccTLD • Check that zone file complies with STD13 format • Latest versions of BIND break this format • Zone file received via AXFR can differ to that on the server • Real errors (syntactic, semantic) errors are already detected by name servers before loaded. • Many name servers have no “zone file”. • Dynamic DNS means data served can (and usualy does) differ from the zone file.
Legal Issues • ICANN is performing data escrow. • We consider this a local issue, subject to local laws. • Data protection laws • Prohibits release of some data. • Empowers ccTLDs not to release some data. • The parts give you less than the whole • Ranking ISPs • New products?
Problems for ICANN • If they want to do data escrow… • Places huge burden on them when they actually take over a ccTLD • Doesn’t sound like a technical co-ordination role. • If they want to monitor the DNS… • The simple (important) stuff is not being done. • Checking the second level is beyond their scope • Do they plan on checking the whole DNS? • Their operations should stem from: • The IANA contract with the US Government, which mentions nothing about enforcing unrelated requirements before allowing NS redelegation. • The MoU which says nothing about a requirement to perform technical monitoring of ccTLDs.
Conclusion • We disagree
Future • ICANN has been speaking to those who have an issue. • Most redelegations have gone through. • Many ccTLDs have committed to working on policy development on this topic and/or performing technical tests on their own zones and reporting only the results back to ICANN. • Another proposal has been circulating on using an independent trusted third party to perform any agreed tests. • But: No change in stated ICANN policy.
kim@centr.org The End.