[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Kurt Erik Lindqvist kurtis at kurtis.pp.se
Wed May 21 06:46:04 UTC 2008

On 20 maj 2008, at 21.29, David Conrad wrote:
> On May 20, 2008, at 12:21 PM, Randy Bush wrote:
>>> So why not memorialize a set of "golden" /32s and /128s in a BCP and
>>> be done with it?  No more root hints file.  Yay!
>> moving the root hints file to pdf will help exactly how?  :)/2
> It would be fixed in code.  Think of it like the fixing in code of the
> port number for the DNS protocol.  The root server addresses, because
> of their unique requirements due to bootstrapping, would become
> (should have been defined as) part of the protocol.

If we are fixing something in code, then one /32 anycasted would be  
enough, no?

I have my doubts about fixing things in code. Especially for boot- 
strapping. It just becomes even harder to change the model if we ever  
have to...

- kurtis -

More information about the dns-operations mailing list