On Sat, Feb 10, 2007 at 09:50:43PM +0100, Paul Wouters wrote:
> On Sat, 10 Feb 2007, Pekka Savola wrote:
>
> > As Bert mentioned in the next message, the risk of outdated (and therefor
> > out-of-sync) roots is real.
>
> I just compared the root zone as RedHat shipped it on Fri 07 Sep 2001,
> with the root zone as published on root-servers.org, and only B and J
> are different. So even using a 6 year old root zone will work fine in
> the case of a flat out successfull attack against all root servers. I
> will buy a beer for everyone on this list who doesn't have 6 year old
> or newer root zone lying around within two hops of their desktop.
>
> Paul
really? there have been several new TLDs added in the past few years
and dozens of glue changes. I'd posit that the root zone of six years
ago is quite a bit different than the root zone of today.
and if B & J are different that A,C-I,K-M, then this should only be
due to "rounding" error" of a few hours.
--bill
_______________________________________________
DNSOP mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dnsop
