[dns-operations] renesys blog: Identity Theft Hits the Root Name Servers
Matthew Pounsett
matt.pounsett at cira.ca
Fri May 23 14:38:27 UTC 2008
On 23-May-2008, at 05:14 , Stephane Bortzmeyer wrote:
> On Thu, May 22, 2008 at 02:33:05PM -0400,
> Matthew Pounsett <matt.pounsett at cira.ca> wrote
> a message of 56 lines which said:
>
>> The argument against golden addresses that comes to mind for me is
>> an aesthetic dislike
>
> No, not only, see RFC 4085
>
4085 deals with hard-coding regular addresses, not blessing particular
addresses for a particular part of the infrastructure. The problems
it lists are, roughly:
1) use of services without permission
2) crowding of workload, overwhelming a service
3) use of IP addresses rather than hostnames
4) "tainting" address blocks, interfering with reassignment
None of these would be issues for address blocks reserved in RFC for
root DNS service. In fact, #4 is an issue now, when there's a
renumbering event, and would become a non-issue if the root DNS server
addresses were fixed, and reserved in RFC.
Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20080523/6857e96e/attachment.sig>
More information about the dns-operations
mailing list