Following Internet Standards and to improve performance for all Internet
users, what if Verisign decided to start including other A records
directly in the .COM/.NET zones?
For example, the A records for the servers for the .COM/.NET zones?
funnily enough, that would work fine, since it would be in-zone glue, and
would arrive in referrals, rather than arriving in answers. the zone would
still be "delegation-only" according to the functionality we're releasing.
Or "interesting" sites that Verisign has a relationship with?
that would not work very well for a recursive server who had declared com
or net to be delegation-only.
I wouldn't be surprised if tomorrow, Verisign is the playing the victim
and calling ISC the out-of-control hooligans.
that's doubtful. i've seen people here today advocate "wet teams", null
routing, patches that hard coded A RR values, cutting off uncooperative
root name server operators from internet connectivity, and even writing
letters to congress. isc's actions are at best a minor sideshow here.
the question you should be asking yourselves is, what will aol and uSoft
do? will microsoft add "delegation-only" features to its recursive dns
implemenation? will aol or msn enable this in the recursive servers that
face their customers? i guess what i'm trying to say is, the folks who
are complaining about this wildcard on nanog, are not the ones verisign
was probably hoping would buy stuff. "these aren't the eyeballs you're
looking for." the real action is occuring somewhere else entirely.