I could be wrong because I don't fully understand BIND internals here, but if anyone wanted to copy the root domain and add new toplevel domains like .bork or .die on their own networks, they could just do it. Any references to .bork or .die would be correctly resolved and any other references would be delegated to the same .com and .org and .net servers that are currently in use. If other networks felt there was value in accessing the .bork and .die domains they would do similarily referencing your nameserver to resolve such references.
Is there any technical reason this wouldn't work?
Sure. Someone physically DENY'ing you the ability to transfer zone info or domain lookups. Of course, this is localized protection, so you could still hijack till your heart's content on all upper level servers. - paul _______________________________________________________________________________ Paul Ferguson US Sprint tel: 703.689.6828 Managed Network Engineering internet: paul@hawk.sprintmrn.com Reston, Virginia USA http://www.sprintmrn.com