root-servers.net replaced?

Jim Reid jim at rfc1035.com
Mon Apr 1 18:52:27 UTC 2002


>>>>> "bert" == bert hubert <ahu at ds9a.nl> writes:

    bert> The majority of the root-servers is under direct or indirect
    bert> control of the US government.

Nope. Though this might change if/when the root server operators sign
contracts with ICANN. It depends on your definition of control I suppose. 
The US government runs 3 root servers. It could probably twist the arms
of Verisign/NSI and ICANN to get control of another 3. As for the
remaining 7....

    bert> In the end it boils down to
    bert> whose BGP announcements you chose to believe.

Indeed, but it's always been like that. [Which is pretty much what
that lengthy excerpt from some Verisign document you posted said.]
There's nothing stopping you or my evil twin setting up fake root
servers and persuading others to use them instead of the real one(s).
Today some companies even have this as their business model. Sigh.

    bert> I would like to go on record here in predicting that we will
    bert> have 'root wars' within 5 years.

Root wars have been going on since the DNS was first set up. IIRC
someone went to jail a few years ago because they mounted a successful
spoof attack against the root servers and then did Evil Things. These
holy wars will go on for at least as long as the DNS exists. No doubt
long after the DNS is dead and buried some bozos will still be whining
that their country/ISP/Internet Exchange really should have had a root
server.


More information about the bind-users mailing list