January 09, 2004, 9:09 AM — VeriSign Inc. is planning changes to a DNS (Domain Name System) component responsible for coordinating updates to the .com and .net domains throughout the DNS system, according to a company spokesman.
The changes are intended to prepare .com and .net for more frequent daily updates of information such as new subdomains, address changes and the culling out of obsolete subdomains. Internet users and organizations managing Web sites on .com and .net will not notice the change, VeriSign said.
However, some networking experts worry that the change, which is scheduled for Feb. 9, may have unanticipated consequences that could interrupt traffic to some .com and .net Web sites and other online services.
The modifications will change the way part of a DNS component called the SOA (Start of Authority) Record is generated for .com and .net domains, according to information posted to the Nanog networking discussion group by Matt Larson, of VeriSign Naming and Directory Services and confirmed by Pat Burns, a VeriSign spokesman.
SOAs are used to manage DNS zones, areas of an Internet domain that are managed by a single DNS server. The records contain identifying information about the zone, such as the name of the primary DNS server for the zone, the e-mail address of the person responsible for the zone and a unique serial number that can be used to compare whether the zone information in one DNS server is newer or older than that managed by other, secondary servers.
VeriSign Naming and Directory Services will change the serial number format in the .com and .net zones' SOA records. Currently, the serial number format is YYYYMMDD, plus an additional two-digit number (00 to 99) that is updated whenever the zone data is updated.
Under the new system, VeriSign will change the serial number to a unique value equal to the number of seconds since 00:00:00 Greenwich Mean Time on Jan. 1, 1970, Larson said.
That will allow VeriSign to make better use of its ATLAS (Advanced Transaction Lookup and Signalling system) technology to make more frequent and efficient updates to .com and .net, from the current system of two daily updates, Burns said.
VeriSign does not anticipate disruptions stemming from the change, Larson said. But the company did allow that "processes that rely on the semantics of the .com/.net serial number" could be affected.
For example, companies that have created scripts to monitor domain change on .com and .net will almost certainly need to make changes to account for the serial number change, said Thor Larholm, senior security researcher at Pivx Solutions LLC of Newport Beach, California.