[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers

Matthew Pounsett matt.pounsett at cira.ca
Fri May 23 14:38:27 UTC 2008

On 23-May-2008, at 05:14 , Stephane Bortzmeyer wrote:

> On Thu, May 22, 2008 at 02:33:05PM -0400,
> Matthew Pounsett <matt.pounsett at cira.ca> wrote
> a message of 56 lines which said:
>> The argument against golden addresses that comes to mind for me is
>> an aesthetic dislike
> No, not only, see RFC 4085

4085 deals with hard-coding regular addresses, not blessing particular  
addresses for a particular part of the infrastructure.   The problems  
it lists are, roughly:
1) use of services without permission
2) crowding of workload, overwhelming a service
3) use of IP addresses rather than hostnames
4) "tainting" address blocks, interfering with reassignment

None of these would be issues for address blocks reserved in RFC for  
root DNS service.  In fact, #4 is an issue now, when there's a  
renumbering event, and would become a non-issue if the root DNS server  
addresses were fixed, and reserved in RFC.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080523/6857e96e/attachment.sig>

More information about the dns-operations mailing list