nanog mailing list archives

Re: Anonymous planning a root-servers party

From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Thu, 16 Feb 2012 09:13:34 +0900

Mark Andrews wrote:

Or just slave the root zone.  1 million root servers is more robust
than the hundred or so we have today


Good, I was serious to have said "not thousands but millions of"
servers when I proposed anycast root servers.

and given the root is signed
you can verify the answers returned.


With anycast, you can reach only a single server among servers
sharing an address even if you find some server compromised,
though you can try others with different addresses.

But, as most attacks will be DOS, DNSSEC capable servers are
weaker.

                                                Masataka Ohta

Current thread:

Anonymous planning a root-servers party George Bakos (Feb 15)
- Re: Anonymous planning a root-servers party Grant Ridder (Feb 15)
  - Re: Anonymous planning a root-servers party Dave CROCKER (Feb 15)
  - Re: Anonymous planning a root-servers party Stephane Bortzmeyer (Feb 17)
    - Re: Anonymous planning a root-servers party Sven Olaf Kamphuis (Feb 17)
    - Re: Anonymous planning a root-servers party Jay Ashworth (Feb 17)
- Re: Anonymous planning a root-servers party Jared Mauch (Feb 15)
  - Re: Anonymous planning a root-servers party Eric Parsonage (Feb 15)
  - Re: Anonymous planning a root-servers party Mark Andrews (Feb 15)
    - Re: Anonymous planning a root-servers party Masataka Ohta (Feb 15)
- Re: Anonymous planning a root-servers party Stephane Bortzmeyer (Feb 17)