[dns-operations] DNSSEC undoing independence of root-zone operators

David Conrad drc at virtualized.org
Thu Feb 17 16:15:20 UTC 2011

On Feb 16, 2011, at 7:10 PM, david at from525.com wrote:
> If they approached ICANN with this type of request what would happen?

Sort of a dodge, but I suspect ICANN would say "sorry, we neither edit nor publish the root zone" and refer them to VeriSign.  If they then went to VeriSign, they'd undoubtedly abide by their contract and legal requirements.  When the inappropriately modified root zone gets published, chaos would ensue and resolver operators would have to decide which namespace they want to use.  I imagine the end result would be two namespaces with two sets of root servers with all that implies.

> DNS seems to be something that legislators are really interested in these days trying to pass such bills as the Combating Online Infringement And Counterfeits Act.

Yes.  Governments like handles to control stuff and when all you have is a hammer, lots of things look like nails.

> DNSSEC aside for a moment; How do we all feel about this type of news as DNS Operators?

It would suck?


More information about the dns-operations mailing list