[dns-operations] root? we don't need no stinkin' root!

Wessels, Duane dwessels at verisign.com
Wed Nov 27 18:25:21 UTC 2019

> On Nov 25, 2019, at 2:19 PM, Florian Weimer <fw at deneb.enyo.de> wrote:
> * Jim Reid:
>>> On 25 Nov 2019, at 20:54, Florian Weimer <fw at deneb.enyo.de> wrote:
>>> Is it because of the incoming data is interesting?
>> Define interesting.
> The data could have monetary value.  Passwords that are otherwise
> difficult to come by might be leaking.

Hi Florian,

I can assure you that Verisign does not monetize the root server data.  If
any other operators do, I'm not aware of it.

We do utilize root server data for research purposes from time-to-time.
Recent examples include the KSK rollover and name collisions.  Less recent
examples include understanding TTL/caching behavior and preparing for the
root ZSK size increase.  When DDoS attacks happen, we often analyze the
data to see if we can understand how and why it happened, and to be better
prepared for the next one.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4675 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20191127/ae334ea1/attachment.bin>

More information about the dns-operations mailing list