[dns-operations] New addresses for b.root-servers.net

[Matthew Richardson]

Dave Knight wrote:-

>> all you can validate is the NS set. The host records cannot be validated because root-servers.net is not signed.
>
>Good point!
>
>They're still used to replace what was provided in the root.hints after the priming response is received though.

Without wishing to ask a really stupid question, is there any reason why
root-servers.net is not DNSSEC signed?

Would signing it provide additional any additional security?

--
Best wishes,
Matthew