At 2:45 PM -0700 2005-04-09, bruce wrote:

> if i am, then in theory, it appears to me that one could essentially build a
> reasonably accurate list of valid IP Addresses for a given URL... in order
> to maintain the accuracy, one would have to continually 'build/maintain' the
> list, but it seems that it could be done.. am i missing something?

No, it couldn't be done, because you can't generate the same
queries from all possible different locations in the Internet. Since
the answers you get could be different for any given query source,
you have to query from all possible sources. Of course, then you'd
have to start all over again, because the load-balancing answers for
a given query source might have changed.

> also, if i get an IP Address for a given URL, how do you determine if it's
> really valid?

Depends on what you mean by "really valid". Without DNSSEC and
strong cryptographic signatures on DNS data, the best possible answer
you can get will still be pretty weak.

> would you have to go back to the authoritative DNS to see if
> the IP is valid.

That's assuming that there isn't someone sitting between you and
them, watching all your queries and generating whatever answers they
want you to see. That's assuming that your own cache isn't
poisoned/polluted with respect to the IP addresses of the
authoritative nameservers. That's assuming that the authoritative
nameservers are correctly configured and handing out correct data.

That's assuming a lot of things.

> is there a list somewhere for a URL of the valid IP
> Addesses for that URL?

In the context of DNS, URLs don't exist. There are domain names,
and host names, and various different types of records associated
with host and domain names, but there are no "URLs".

URLs are something that is constructed based on a host or domain
name, with some additional information added (such as what protocol
or port would be used to connect to the service, etc...).

Brad Knowles,

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755

SAGE member since 1995. See for more info.