[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Daniel Karrenberg daniel.karrenberg at ripe.net
Fri May 23 08:15:32 UTC 2008


On 22.05 07:29, David Conrad wrote:
> 
> Unfortunately, some root server operators see the idea of making it  
> easier to disassociate the address with the organization providing  
> root service and re-associate it with a different organization as a  
> threat.  Perhaps this is understandable since it is much nicer to not  
> have to be formally accountable to anyone, less of a burden to operate  
> in non-transparent and non-open ways, more fun to have secret  
> meetings, etc.

[note this is not operations but policy, but since you went there ... ]

Some root name server operators, the RIPE NCC included, are very careful
to maintain full authority over the operation of the service under their
responsibility.  We have independent, clearly defined, open and
transparent governance processes for this.  Besides keeping critical
eggs in separate baskets this is necessary for a clear and transparent
division of responsibility, accountability and transparency, the very
things that your argument demands. 

The original source of this thread clearly demonstrates that it is a Bad
Idea(TM) to operate DNS root name servers in address space assigned to
an entity that is different from the root name server operator.  In
addition to this blatant example it is important to realise that any
DNS name server operator is rightfully held accountable for the quality
of service at the network layer address of its service.  Hence the
operator must be able to autonomously and expeditiously take any action
necessary to defend against address space hijacking.  The only way this
can work well is when the name server operator is the registered user of
the address space concerned. 

Consequently the RIPE NCC is not likely to change its position on this
principle. 
So if you have any concerns about our operation or governance please
bring them up with us.  If we cannot address your concern, do not hesitate
to bring it up at a RIPE meeting or raise it with the RIPE NCC board. 

If you have concerns with the operation or governance of other DNS root
name server operators, bring them up within their governance processes.  I
realise that this may be more difficult with some than with others and
my perception of your line of reasoning is that centralised control by
ICANN may look more convenient to you and that you support the efforts
of ICANN to implement such control through contracts or through ICANN
having authority over the IP addresses of the root name servers.  This
is dangerous.  Distribution and clear demarcation of governance and
operational authority is a Good Thing(TM) for those few functions in 
the Internet that cannot be truly distributed. 

Let us not take things out of proportion.  DNS (root) name service has
been reliable and highly available for decades.  Both operation and
governance have evolved successfully.  Re-numbering root name servers is
in fact supported well by both the protocol and operational practices.
The renumbering issue affects only the tiny minority of users that
neglects to operate their DNS service according to long established best
practices.  This issue cannot be a justification to endanger a system
that is stable and works for the vast majority that does follow best
practices.

Daniel


