[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers
Kurt Erik Lindqvist
kurtis at kurtis.pp.se
Thu May 22 14:50:55 UTC 2008
On 22 maj 2008, at 16.29, David Conrad wrote:
> I'm suggesting that since it is so hard to change root server
> addresses, we remove the need to.
What you are suggesting is that we do a global renumbering event
instead of the current trickle that is converging on a stable set from
what I understand. And your arguments with all the problems associated
with renumbering would probably be even worse in the aftermath of a
> Unfortunately, some root server operators see the idea of making it
> easier to disassociate the address with the organization providing
> root service and re-associate it with a different organization as a
> threat. Perhaps this is understandable since it is much nicer to
> not have to be formally accountable to anyone, less of a burden to
> operate in non-transparent and non-open ways, more fun to have
> secret meetings, etc.
I feel pretty targeted by the above remarks, but I am 'somewhat'
surprised. I explicitly said that a change in accountability model
might or might not be desirable, but it is a question that is a lot
more complex than I feel to discuss here. But I think it's important
to point out that there are parts of the world who would believe that
the current distributed model is better than a model where a US
corporation operating under a DoC contract could make unilateral
decisions of who is to serve the root-zone, less desirable as well.
- kurtis -
More information about the dns-operations