Posted by Yves Poppe, our guest blogger
At the recent ISOC Asia (1) conference in Kuala Lumpur a rather innocuous coffee break question was raised: could any one around the table name some of the major TLD’s still delinquent in their IPv6 support ? Nobody could answer on the spot but the question intrigued me.
A logical place to start looking for an answer was ICANN (2). Their Kim Davies provided a rather revealing perspective in a presentation (3) at ICANN 34 in april. 41% of the 280 existing TLD’s did not provide any IPv6 connectivity and more than 68% did without any diversity. Even for IPv4 it was surprising to see that 7.2% of TLD’s do not provide diversity, contrary to IANA rules. Two name servers separated by geography and topology are required and the same applies for IPv6 (gTLD applicant guidebook) (4).
IANA provides a list (5) of all legitimate TLD’s. including the recent fancy additions like .museum and the like.
Hurricane’s Mike Leber’s IPv6 deployment progress report (6), which is updated daily, provided another piece of the puzzle. When correlated to the IANA list, bingo, the culprits became visible, many obscure but a number of them rather out of place in this set. To refine the model, the title of Top Level Delinquent could be bestowed on the TLD with the largest number of domain names allocated under its ‘top’.
As ICANN and IANA can only do so much to enforce rules and regulations, an independent, up to date shame list, pillory of the cyber age, might help delinquents recognize themselves and also expose potential weak points in the internet. To give recognition to top performers on the other hand, why not create a TTLD honour roll for TLD’s who have 3 or more IPv6 authorities?
Oh yes, 9.6% of TLD’s still had open recursive name servers. Safe bet that some failed the grade in both the IPv6 and open recursivity categories oblivious of another Kaminsky type attack.
Progress is being made but to accelerate on the road of IP convergence and instill more confidence in the ‘public internet’, some additional discipline in the Domain Name area, starting with the top and working its way down, would certainly not hurt.