Brad;

> >  I obviously cannot speak for other major ISPs, and am speaking here as an
> >  individual, not as a representative of AS2548, but I do not see anything
> >  obviously stopping various national carriers from anycasting the root, other
> >  than a) lack of obvious contacts at the roots, and b) lack of perceived
> >  authority. [0] [1]
> 
>       I don't trust them to do the job right.

That's why every ISP should run anycast root servers by itself,
not relying on ones run by adjacent ISPs.

> I know a guy at AOL that I'd trust to do the 
> nameservice side correctly, but I'm not sure I'd trust the networking 
> guys to avoid screwing things up.

You are saying that, even if you securely retrieve some address
from DNS, you do not trust the networking guys to connect you to
a host of the address.

Then, there is no point in secure DNS.

>       Then there's the issue of current DNS UDP truncation at the 
> roots.  There's no way this would fit into ~500 bytes:

Sounds like you never took a look at "anycast".

With UDP without truncation, we can run millions of root servers.

                                                        Masataka Ohta