[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers
Kurt Erik Lindqvist
kurtis at kurtis.pp.se
Wed May 21 06:46:04 UTC 2008
On 20 maj 2008, at 21.29, David Conrad wrote:
> On May 20, 2008, at 12:21 PM, Randy Bush wrote:
>>> So why not memorialize a set of "golden" /32s and /128s in a BCP and
>>> be done with it? No more root hints file. Yay!
>> moving the root hints file to pdf will help exactly how? :)/2
>
> It would be fixed in code. Think of it like the fixing in code of the
> port number for the DNS protocol. The root server addresses, because
> of their unique requirements due to bootstrapping, would become
> (should have been defined as) part of the protocol.
If we are fixing something in code, then one /32 anycasted would be
enough, no?
I have my doubts about fixing things in code. Especially for boot-
strapping. It just becomes even harder to change the model if we ever
have to...
- kurtis -
More information about the dns-operations
mailing list