[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Kurt Erik Lindqvist kurtis at kurtis.pp.se
Wed May 21 18:53:12 UTC 2008


On 21 May 2008, at 20.41, David Conrad wrote:

> Kurtis,
> On May 21, 2008, at 10:33 AM, Kurt Erik Lindqvist wrote:
>>>> Especially for boot-strapping. It just becomes even harder to  
>>>> change the model if we ever have to...
>>> If you change the model, you have to muck with code.
>> My point is that we risk running into all kinds of weird behavior in
>> the future. Take adding AAAA glue. Not all operators are ready for
>> deploying it at production quality right now.
> The BCP would specify the addresses and they would be assigned to  
> root server operators as they are prepared to start using them.
> Again, the point is the addresses would be associated with the  
> SERVICE not the OPERATOR.  If a root server operator decided they  
> had better things to do with their lives than answer DNS root  
> queries, we wouldn't have to deal with changing every caching server  
> on the entire planet.  All that would change would be the  
> organization originating the route to the address.

Hmm. I *think* that what you are proposing is more than just an "IANA
action" or a model that fits into an RFC. I believe this would
constitute a far more far-reaching change than that. The change described
above would also mean that IANA could declare a user of said IP
address no longer the right user. That is quite a change from the
model of today. That change might or might not be desirable, but IMHO
it's a different topic and will go into a large rathole that I think
we would do best to avoid.

>> Imagine we come up with something in the future; we then again need
>> to wait for updates of software to propagate. Take the addition of new
>> RRs, for example. TXT seems popular...
> You're suggesting that we're going to start putting new RRs, e.g.,  
> TXT in the root hints file?  And this isn't going to require  
> software updates to propagate?

No, I tried to make a bad analogy.

- kurtis -
