[Yeti DNS Discuss] Yeti Root Server Glue

Paul Vixie paul at redbarn.org
Tue May 26 22:16:04 UTC 2015

Stephane Bortzmeyer wrote:
> On Sun, May 24, 2015 at 12:16:03PM -0700,
>  Paul Vixie <paul at redbarn.org> wrote 
>  a message of 63 lines which said:
>> we would have to create a top level name (which is a policy
>> violation, so, would require study) called "yeti-root" or similar. 
> Will it help with the policy violation if we used an "illegal" name
> such as "yeti_root", which would be free for any future collisions?

my preference would be to do only something i could imagine IANA doing. that is, to make any change we experiment with, as relevant as possible to future DNS policy discussions. so, while i know that i've suggested A.ROOT, B.ROOT, etc (in-zone; no delegation at ROOT), i think that the creation of "top level names" requires a huge circle of consensus. adding an _ to it i think makes that consensus less likely.

since NSD does the right thing here, we're currently planning to report this as a BIND9 bug. so, if names like "YETI-NS.TISF.NET" are appended to our version of the root zone before signing, they should be retained but not signed (being under the .NET delegation point in this case) and they should be returned when referenced (for example, by a root hint probe.)

what's exciting about this is that if ISC agrees, then this will be yeti's first "finding". 

Paul Vixie

More information about the discuss mailing list