[Yeti DNS Discuss] 转发: [dns-operations] Domain Name System without Root Servers

'Stephane Bortzmeyer' bortzmeyer at nic.fr
Wed Oct 11 11:39:10 UTC 2017

On Wed, Oct 11, 2017 at 06:37:59PM +0800,
 Davey Song <ljsong at biigroup.cn> wrote 
 a message of 61 lines which said:

> As much as I understand:

The way I understand it:

> 1) The resolver can work with at least two trust anchors, right? One
> TLD's KSK and IANA's KSK. If yes, it needs to change heavily the DNS
> specification on resolver and the implementation.

Why? All resolvers can do that (typically, the most specific TA is
used). For instance, today, a resolver in China may use the ICANN TA
and the .cn TA, in its configuration, to be sure that .cn can be
validated whatever ICANN does. It does not change the DNS protocol.

> 3) Is it necessary for TLD server to host root zone?


> If there is no root zone hosted by TLD serve, how .com TLD server
> resolve the request for .cn queries.

It does not. The resolver queries the .cn servers for example.cn and
the .com servers for example.com. In a way, there is a root zone file
in every resolver.

More information about the discuss mailing list