[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Matthew Pounsett matt.pounsett at cira.ca
Thu May 22 17:41:49 UTC 2008


On 22-May-2008, at 12:43 , Joe Abley wrote:

>
> So, in practical, operatioal, user-experience terms, "there is no
> problem now" doesn't seem too far from the mark.

I think it's a matter of perspective.

Someone did something many people feel they shouldn't have done.  This  
time it didn't result in breakage, but that doesn't mean there isn't a  
problem to be solved.

The lines between operations and policy are, I think, a bit blurry on  
this one.  On the one hand, this is operational in that the  
opportunity for problems was created by a renumbering event, but on  
the other hand there's a policy issue surrounding what can/should be  
done with the addresses of decommissioned root servers.

David has a good idea for an operational change that removes the  
opportunity for the policy problem.  Because of the relative rarity of  
renumbering events, perhaps we're not in a huge rush to fix that  
problem right this minute.. but it seems to me that's it's reasonable  
to start work on it.

Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080522/02927524/attachment.sig>


More information about the dns-operations mailing list