[dns-operations] Can Root DNS server modify the response?

David Conrad drc at virtualized.org
Tue Mar 26 16:45:36 UTC 2019


I’m no longer sure what you’re arguing for/against — I was simply pointing out that your assertion that “one will never know” whether responses were being censored was too pessimistic in the case of queries to the root servers given DNSSEC. This seems to have morphed to a rant against a particular implementation of DoH and the purpose of the Internet, which is fine, but unrelated to the subject of this message and not something I’m personally interested in arguing about.

One question related to your TLDR though:

On Mar 26, 2019, at 9:26 AM, Jeroen Massar <jeroen at massar.ch> wrote:
> - No transparency of (root) DNS server (auth/recursive) operations
>   - would be cool if operators would provide that transparency

My impression is that the root server operators are increasingly transparent in their operations.  What is still opaque in your view?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190326/f97c2fc3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190326/f97c2fc3/attachment.sig>

More information about the dns-operations mailing list