> Andrew Sullivan <mailto:a...@anvilwalrusden.com> > Sunday, November 09, 2014 3:58 PM > Hi, > > > I didn't understand that, either; I thought what John said was what > you intended. > > Doesn't this suffer in terms of robustness?
yes. parts of the 'net can be made root-serverless by accident this way, more easily than in the current system, because very few people currently try to intercept traffic destined for the 13 root name servers. that risk is part of the cost in any cost-benefit analysis of the proposal. i expect to mitigate the risk slightly by telling any given unowned-anycast provider that they should only intercept one of the two unowned anycast server address blocks, so that if they have an outage, it will only affect one of the designated servers, leaving open the likelihood that the other will still be reachable. > > And isn't there some danger that this "parallel" root becomes an > attractive target for those who want things to be different than > what's in the "official" root? That is, in effect, isn't this a plain > old alternative root? no. any RDNS operator who receives advice on how to change their root hints to use the unowned-anycast root server addresses will also be told not to turn this on unless they have also turned on DNSSEC validation and root key rollover. so, no. -- Paul Vixie
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
