[dns-operations] Can Root DNS server modify the response?
Paul Vixie
paul at redbarn.org
Sat Mar 23 21:17:58 UTC 2019
Ray Bellis wrote on 2019-03-23 13:59:
>
>
> On 23/03/2019 19:20, David Conrad wrote:
>
>> However, I believe all the root server operators have committed to
>> abide by RSSAC01 which includes expectation E.3.2-B which states
>> "Individual Root Servers will serve accurate and current revisions of
>> the root zone.” I’m sure both NASA and ISC require the folks who
>> operate their instances to abide by RSSAC01.
>
> That's correct - Cloudflare are required through our agreement with them
> to serve the root zone data correctly and completely. There is no
> "censorship" of root zone answers from them.
that's great, but it doesn't matter, since CF doesn't have the signing
key. any modifications that any operator makes, even RFC 7706 operators,
try to make will fail loudly and embarrassingly.
let's call this question absurd and move on.
--
P Vixie
More information about the dns-operations
mailing list