On Aug 22, 2008, at 11:53 AM, David Conrad wrote:
Specifically, one of the concerns has been that a separate infrastructure would in some way promote alternate root name spaces.
It seems to me that the way to avoid this problem is for the incumbents to step up to the plate.
Another concern has been that unless the existing root server operators are chosen to provide the infrastructure (and some of those operators have indicated little interest in eating the cost of building yet another root DNS infrastructure), it would lessen the role of the root server operators.
It seems to me that it would not be a terribly large challenge to run both roots on the same physical hardware, particularly for the root zone, where query volume is the only major technical issue. Running two authoritative name server instances for root, one signed and one not, each answering on a different IP address, would not be all that hard.
I know that ANS will do this (in fact, you can just run different views for each IP address, rather than running two instances), and BIND will do this. So it seems to me that the technology exists to solve this problem. And perhaps now the will exists as well, or could be more easily cajoled into existence.
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
