[dns-operations] Can Root DNS server modify the response?
James Stevens
James.Stevens at jrcs.co.uk
Sun Mar 24 11:43:37 UTC 2019
On 23/03/2019 21:17, Paul Vixie wrote:
>
>
> Ray Bellis wrote on 2019-03-23 13:59:
>>
>>
>> On 23/03/2019 19:20, David Conrad wrote:
>>
>>> However, I believe all the root server operators have committed to
>>> abide by RSSAC01 which includes expectation E.3.2-B which states
>>> "Individual Root Servers will serve accurate and current revisions of
>>> the root zone.” I’m sure both NASA and ISC require the folks who
>>> operate their instances to abide by RSSAC01.
>>
>> That's correct - Cloudflare are required through our agreement with them
>> to serve the root zone data correctly and completely. There is no
>> "censorship" of root zone answers from them.
>
> that's great, but it doesn't matter, since CF doesn't have the signing
> key. any modifications that any operator makes, even RFC 7706 operators,
> try to make will fail loudly and embarrassingly.
>
> let's call this question absurd and move on.
>
+1
More information about the dns-operations
mailing list