About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [dns-wg] .ORG DNSSEC Survey

  • To: bmanning@localhost
  • From: David Conrad drc@localhost
  • Date: Thu, 26 Jun 2008 10:34:37 -0700
On Jun 26, 2008, at 8:01 AM, bmanning@localhost wrote:


On Wed, Jun 25, 2008 at 03:28:09PM -0400, Edward Lewis wrote:

At 19:53 -0700 6/24/08, David Conrad wrote:
...polled -some- root server operators..

	Emphasis mine


Actually, the sentence you attribute to me was also yours.


If indeed the (ICANN) root server operators have misgiving about the
experiment, could someone operating a root server express the reasons? 

	two things here.  DRC didn't not poll -all- the
	operators, only some subset that he selected.
Indeed (ignoring the presumably spurious 'not' in the above sentence). I also spoke to folks who weren't root server operators (gasp) to provide the secondary service for the demo/test DNSSEC- signed root zone. The goal wasn't to replicate the root server "system" (what would be the point of that?), rather it was to obtain secondaries for a production-quality demo/test service that would go away once the real root zone was signed. I was specifically looking for professionally-operated widely distributed anycast services that had a track record of knowing how to provide root-level DNS and who could spell DNSSEC. As you yourself are aware, there are folks other than the existing root server operators who can do that sort of thing... 


	re misgivings about sanctioned alternate roots that
	remain persistant...
Hence the requirement for an agreement, the exact thing into which some of the root server operators I spoke to refused to enter (the non- root server operator folks I spoke to understood the rationale and had no such qualms). 


	in this case, (one) of the concerns is the defacto
	hijacking of the root zone editorial function - which
	is still done under contract/MOU wiht DoC and VSGN.


Riiight.
Funny: the data served by ns.iana.org for the DEMO/TEST (hint: not the root name service the data for which is published by VeriSign) service was derived from ftp://ftp.internic.net/domains/root.zone. Of course, discussions with the root server operators didn't get very far once the term "agreement" came up and I quickly lost interest trying to pursue it. My patience for purely non-technical politics isn't what it used to be (and it wasn't that good to begin with). 

Regards,
-drc
Post To The List:

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | Copyright Statement
RIPE.NET Homepage LIR Portal RIPE Community