Hi, On 10/23/02 8:44 PM, "Christopher L. Morrow" <chris@UU.NET> wrote:
"This showcases a specific vulnerability that requires the government to get involved," Julian said. "If you run a DNS server what is your monetary incentive to secure it? There is none. This is the number one area of focus that the government should have." This last quote is complete non-sense. The major reason an operator would want to keep a root server secure and available is, in my mind atleast, the stigma associated with running a poor service.
Unfortunately, this has not been the case historically. Stigma has taken a back seat to fiscal and/or bureaucratic realities (and the requests of the people on the front lines trying to fix the situation).
Something that EVERYONE on the Internet could notice as a problem is a very large burden to bear.
Actually, not really, since the most popular caching server homes into the name server that responds the fastest. Poorly performing name servers don't get asked questions, so no one really notices they suck unless they look.
Gov't requirements or management of this system is a non-starter, its not going to increase the security or availability of the systems in the least.
That's very true. However, it seems to me politicians must be seen doing "something", regardless of whether the something makes a whole lot of sense technically. Rgds, -drc