[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers
bmanning at vacation.karoshi.com
bmanning at vacation.karoshi.com
Thu May 22 04:41:44 UTC 2008
On Wed, May 21, 2008 at 02:45:44PM -0700, David Conrad wrote:
> There is no assumption that the "golden" addresses would not be
>
...
>
> I'm suggesting we fix the problem of renumbering root servers. We can
> either fix it by removing the problem (that is, not renumber) or we
> can come up with a protocol and implement the protocol (and ignore the
> fact that old root server address still get O(100) queries per second
> after 10 years).
>
> Regards,
> -drc
>
"golden" addresses are frowned on offically by the IAB.
fixing the "problem", can be :
- not renumbering ever again (ISC seems to like this approch,
they can hard-code more prefixes into BIND)
- come up w/ a new method/protocol
or
- rethink how the DNS implementation varies from the protocol
and change implementation attributes.
backwards compatability is a fine goal but at the expense of
progress, this might be problematic.
--bill
More information about the dns-operations
mailing list