Florian Weimer píše v Čt 22. 05. 2008 v 12:36 +0200: > * Thijs Kinkhorst: > > >> Should this _really_ rely on the goodwill of the people who at any moment > >> in time manages the IP address? > > > > It's very important to note here that the goodwill of people that manage > > the current IP addresses, connectivity or housing of any active root > > nameserver is equally relied upon. > > Indeed. As far as I know, there is no contractual framework whatsoever > covering performance, security, or privacy.
I guess that especially with older root servers it may not be the case, but I am pretty sure that there are contracts between ICANN and some root server operators (at least with RIPE, WIDE, Autonomica, ISC, Verisign). > If this turns out to be a problem, we need to ship a signed copy of the > root zone, together with an appropriate update mechanism, effectively > eliminating our reliance on the root servers. We should only do this if > there is indeed no other way to cope with the situation. And after root is signed (DNSSEC - testbed at IANA[1]) we will need mechanism how to update root zone keys. Ondrej 1. https://ns.iana.org/dnssec/status.html -- Ondřej Surý <[EMAIL PROTECTED]> *** http://blog.rfc1925.org/ Kulturní občasník *** http://www.obcasnik.cz/ Nehoupat, prosím *** http://nehoupat.blogspot.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
