[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Kurt Erik Lindqvist kurtis at kurtis.pp.se
Thu May 22 14:50:55 UTC 2008

On 22 maj 2008, at 16.29, David Conrad wrote:

>  I'm suggesting that since it is so hard to change root server  
> addresses, we remove the need to.

What you are suggesting is that we do a global renumbering event  
instead of the current trickle that is converging on a stable set from  
what I understand. And your arguments with all the problems associated  
with renumbering would probably be even worse in the aftermath of a  
global renumbering.

> Unfortunately, some root server operators see the idea of making it  
> easier to disassociate the address with the organization providing  
> root service and re-associate it with a different organization as a  
> threat.  Perhaps this is understandable since it is much nicer to  
> not have to be formally accountable to anyone, less of a burden to  
> operate in non-transparent and non-open ways, more fun to have  
> secret meetings, etc.

I feel pretty targeted by the above remarks, but I am 'somewhat'  
surprised. I explicitly said that a change in accountability model  
might or might not be desirable, but it is a question that is a lot  
more complex than I feel to discuss here. But I think it's important  
to point out that there are parts of the world who would believe that  
the current distributed model is better than a model where a US  
corporation operating under a DoC contract could make unilateral  
decisions of who is to serve the root-zone, less desirable as well.

- kurtis -

More information about the dns-operations mailing list