Re: draft-hollenbeck-grrp-reqs-06 [Was Re: Interim Meeting]

[Urs Eppenberger <urs.eppenberger@switch.ch>]

--On Montag, 5. Februar 2001 20:38 Uhr +0100 Patrick <patrick@gandi.net>
wrote:

> Right... because you do not use ns1.foobar.com and ns2.foobar.com as
> nameserver. In your case, someone just polluted the database.
> As soon as your domain use ns{1,2}.foobar.com, you are hijacked...
> 
> That is inconvenient, since when the true owner will want to register
> them for its true use, the Registry might not allow him, since they
> already exist (with bogus data). How do you control who can change
> the IP ?

You can get easy around this hijack problem. Just use the host name as the
object handle (or database key). Reverselookup must work. In such a case
you as holder of foobar.com has authority over *.foobar.com, generally you
can walk over to that guy and knock him. So, if a 'wrong' owner registered
a bogus hijack-nameserver, that wrong owner sits close. You most probably
have administrative control in your company over such a situation and there
is no need for the registry or for the protocol to ensure a correct
behaviour inside third party organisations.

Urs.