Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Seized poker domains

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Seized poker domains

Chronological Thread 
  • From: Psilo <dns AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Seized poker domains
  • Date: Fri, 22 Apr 2011 12:14:13 +0200
  • Domainkey-signature: a=rsa-sha1; c=nofws;; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=XQxGTfaakvEAxQxGH2HM4R31P97kvE9O2gByLCqNtzxcI0mRnamd/NcRYI2b7FOj1x fcBPUcGQ74FQY4e7zt4BkdJi8IglSh72IN+reu6dmoSIY1NkfRYvn6FloGMzmZxRgbSG Apsx58YngxpPsQKmMk84M7jzESMSqUB2zqsk8=
  • List-archive: <>
  • List-id: <>

I prefer option 2, but I am not sure to create a custom build of bind9 would be a good idea.

2011/4/21 Jeff Taylor <shdwdrgn AT>
OK there are two ways to handle 'protecting' a domain name.  I will use "" as an example.  Please submit your opinions for each method, along with any additional pros and cons.  Once a choice has been made on the methodology, I believe we will be ready to put the idea to a vote.

(1) Redirect queries to a temp page.  When browsing the web, a user would see a page warning that the destination page has come under government control, and they are given the option to visit the original page, or the new (government-controlled) page.  If choosing to visit the original page, the user would be redirected to something like "" which we create to contain NS and/or A records pointing to the original site.

- Users instantly know when a redirect is occurring

- Limits usage to web-only -- all other forms of queries would return the dns for the warning page.
- Requires maintaining additional zone files for each .glue domain created.
- Poorly-designed website will not functional correctly except from their original domains

(2) Create our own entries in the root record to point all queries back to the original domain.  Create a custom build of bind9 which, when queried for "", will strip off the .icann portion and perform the lookup via an icann-based dns server.

- Seamless.  To a user, it will be like the original site still exists.
- No additional zones will need to be created or maintained, although we will have to create the .icann TLD.
- The .icann queries can be distributed between any T1 or T2 servers willing to run the modified bind9.

- Users will not be made aware of the redirects.  A wiki page will need to be created to list all 'protected' domains.
- Someone will have to create the modified bind9 code.
- The servers handling the .icann queries will need to be aware of the potential for abuse.
discuss mailing list
discuss AT

Archive powered by MHonArc 2.6.19.

Top of Page