[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Joe Abley jabley at ca.afilias.info
Thu May 22 16:43:56 UTC 2008

On 22 May 2008, at 10:31, David Conrad wrote:

> On May 21, 2008, at 11:20 PM, Kurt Erik Lindqvist wrote:
>> Given how rare a renumbering event is, I doubt we have a problem to
>> solve in the first place.
> We have just had an experience proof that it is a problem.  I'm not
> sure how anyone benefits from pretending that problem doesn't exist.

When talking about the situation that started this thread, I think it's  
important to differentiate between operational problems which caused  
failures for clients, potential operational problems which could have  
caused problems for clients, and policy problems which might one day  
lead to operational distress for someone.

As best as I can tell (not having consciously sent queries to old-L or  
looked in a routing table for its address myself) there has been no  
actual operational problem. There has been the potential for operational  
problems (e.g. potential for EP.Net or Community DNS to serve a  
different zone from a server bound to old-L's address; operational  
confusion in problem escalation; I'm sure there are many other  
examples). It seems to me that there's a policy problem, but since  
this is an operations list that seems off-topic, here.

So, in practical, operational, user-experience terms, "there is no  
problem now" doesn't seem too far from the mark.

If what we're talking about is engineering solutions to potential  
future problems, we should be clear about that, since the urgency of  
the problem at hand has an influence on the engineering compromises  
that are chosen in response to it.


