Re: [ga] Re: ICANN & Stability

["M. Stuart Lynn" <lynn@icann.org>]

Thomas,

Thanks for your questions. See responses below.  References to FAQs 
are to "Frequently Asked Questions on Access to TLD Zone Files" at 
<http://www.iana.org/faqs/tld-zone-access-faq.htm>.

Stuart

Thomas Roessler wrote:
[snip]
>Two questions:
>
>1. What particular circumstances surrounding a change in secondary 
>name servers make these checks so necessary that the change must be 
>held up until the checks have been performed?
>

One of ICANN's significant efforts (prompted by requests by many 
ccTLD operators) has been to improve the IANA function to make its 
operations more consistent and timely.  Although resource limitations 
until 2001 resulted in the IANA making discretionary judgments on 
some occasions that the zone-file-accuracy check would be skipped, 
applying that kind of selectivity is not desirable since it can seem 
ad hoc and not policy-driven.  Accordingly, database accuracy checks 
are now performed in all cases at the time of nameserver changes. 
FAQs 5-7 summarize the checks that are done, which the IANA typically 
completes the same day the zone file is made available.

Your question hints at another important issue, which perhaps should 
give rise to a policy-development process in this area.  The IANA 
performs the zone file checks at the time of nameserver changes 
because that was the time at which the checks were done in the ISI 
era.  FAQ 14 discusses the reasons for this.  It seems reasonable, 
however, that going to a system of periodic checks of TLD zone files, 
rather than checking at the time of nameserver changes, might be a 
better way to address the problems of DNS database accuracy and 
consistency.  As pointed out in FAQs 19 and 20, we should all be 
receptive to improving coordination methods, and an examination of 
whether there are better ways to accomplish the goal of a sound, 
properly configured DNS would be an appropriate topic of a 
policy-development process.

>2. Were there any actual threats to stability due to the fact that 
>IANA did not exercise its access to zone files from 1999-2001?

First, let me clarify that the IANA did perform *some* TLD zone-file 
checks in 1999-2001.  For the reasons noted in FAQ 16, it did not do 
this routinely.  This situation has now been corrected.

As to problems from the less-than-uniform checking in the period up 
to 2001, it is of course difficult to say what errors weren't caught 
because some checks were not done.  During that period, however, 
errors were caught in cases where checks were done, and the IANA's 
more recent checks of previously unchecked TLDs have revealed some 
errors (that might or not have been present when earlier checks were 
skipped).  Of course, the DNS is very resilient and inevitably has 
many errors at any given time.  What is useful is a constructive, 
problem-solving approach to minimize the number and severity of 
errors.
>


-- 

__________________
Stuart Lynn
President and CEO
ICANN
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292
Tel: 310-823-9358
Fax: 310-823-8649
Email: lynn@icann.org
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html