nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Root Server Operators (Re: What *are* they smoking?)

From: Todd Vierling <tv () duh org>
Date: Wed, 17 Sep 2003 09:27:13 -0400 (EDT)

On Wed, 17 Sep 2003, Paul Vixie wrote:

: > Anyone have a magic named.conf incantation to counter the verisign
: > braindamage?
:
: zone "com" { type delegation-only; };
: zone "net" { type delegation-only; };

What's to stop VRS from countering with:

*.com.  IN A <ipaddr>
*.com.  IN NS <letter>.gtld-servers.net.

?  (Yup, then there's checking SOA, but there's always the chance that they
can synthesize that too, and move the A record inside it.)

Downward spiral, here we come...!  8-)

-- 
-- Todd Vierling <tv () duh org> <tv () pobox com>
Previous By Date Next
Previous By Thread Next

Current thread: