[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Edward Lewis Ed.Lewis at neustar.biz
Tue May 20 12:58:02 UTC 2008


What I question is "how is this identity theft?"

If there was an infraction, my guess is that it's in the 
illegal/inappropriate redistribution of the ICANN (copyrighted?) root 
zone.  I just don't see the need to pull in a "media darling" term to 
describe the situation.

 From my memory, I went to rs.internic.net and got a copy of the root 
zone.  On the way in, I don't see any access restrictions until I see 
this inside the root.zone file:

;File start: 99133
; The use of the Data contained in Verisign Inc.'s aggregated
; .com, and .net top-level domain zone files (including the checksum
; files) is subject to the restrictions described in the access Agreement
; with Verisign Inc.

But that seems to not cover the root zone - the root is not a "TLD" 
at least in some interpretations.  And, the notice doesn't give a 
clear indication where the access agreement can be found.  (I went to 
"internic.net" and not a domain with "Verisign" in the name.)

If the root zone is not copyrighted, what was the malfeasance?

The reason I am bringing this up is, while I don't agree with the 
maintaining of a DNS server purporting to be a root server (was the 
AA bit set?) outside of recognized and public agreement, if the rules 
for who is and who is not allowed to answer with root zone data is 
not clear, the system is vulnerable to abuse.

Edward Lewis                                                +1-571-434-5468

Never confuse activity with progress.  Activity pays more.

More information about the dns-operations mailing list