26 October 2002
ICANN had recently issued an FAQ at http://www.iana.org/faqs/tld-zone-access-faq.htm regarding the policy to access to TLD Zone Files that was posted in September 2002 ("IANA's FAQ"). After perusing IANA's FAQ, we find that the explanations provided to justify the zone access policy unsatisfactory and we present our arguments in this document.
2.1 IANA stipulates that access to TLD zone files facilitates diagnosis of DNS problems and helps in analysing DNS performance. We are of the opinion that DNS performance analysis does not require zone file access. There are tools available (such as DNS Expert) that can assist in checking a particular TLD zone.
2.2 A DNS query, such as dig or nslookup, can check on delegation accuracy and proper configuration. This query can be done quickly. Further, the design of the DNS is in such a way that ensures optimum stability such that parent TLD domains are not affected by the misconfiguration of its delegated sub-domains.
2.3 We do not agree with the assertion that the basis of IANA's zone access policy is found in RFC1591. RFC1591 does not address zone access at all and instead states the following:-
2.4 "There must be a primary and a secondary name server that have IP connectivity to the Internet and can be easily checked for operational status and database accuracy by the IR and the IANA."
2.5 The ground of requiring copies of zone files in order to provide a last-resort backup to help ensure DNS stability in the event of local catastrophic failures is also questionable. The requirement of two name servers addresses the issues of zone data redundancy and network redundancy. This redundancy issue is addressed by, ideally, having geographic and network diverse secondary name servers.
2.6 Nonetheless, we find IANA's offer of providing last-resort back-up service of interest and would like to seek clarification on whether this is a service that IANA intends to offer, particularly to ccTLDs who face difficulties finding overseas secondary name servers?
2.7 We completely agree with the importance of ensuring DNS operational stability and performance. It is hoped that clear guidelines on such practices will be formulated in due course based on bottom up and transparent processes.
2.8 Any decision on methods of name servers checking should be made in consensus with the ccTLD community.