-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
Joe Abley, then Peter Koch say:
I also don't know of any formal undertaking by any of the current
real root nameserver operators to leave un-authenticated [AI]XFR
access to their servers for the root zone open, so
On Sat, Feb 10, 2007 at 09:50:43PM +0100, Paul Wouters wrote:
On Sat, 10 Feb 2007, Pekka Savola wrote:
As Bert mentioned in the next message, the risk of outdated (and therefor
out-of-sync) roots is real.
I just compared the root zone as RedHat shipped it on Fri 07 Sep 2001,
with the
On Sat, Feb 10, 2007 at 09:50:43PM +0100, Paul Wouters wrote:
On Sat, 10 Feb 2007, Pekka Savola wrote:
As Bert mentioned in the next message, the risk of outdated (and therefor
out-of-sync) roots is real.
I just compared the root zone as RedHat shipped it on Fri 07 Sep 2001,
with the
I just compared the root zone as RedHat shipped it on Fri 07 Sep 2001,
with the root zone as published on root-servers.org, and only B and J
are different. So even using a 6 year old root zone will work fine in
That is the 'hints' file - the discussion is about the full root zone as
On Fri, 9 Feb 2007, Stephane Bortzmeyer wrote:
There is a thread on the CircleID information site:
http://www.circleid.com/posts/attack_internet_root_servers/
which, in the light of this week's attack on root name servers,
suggest to keep a local copy of the root zone.
I was surprised that