On Nov 12, 2017, at 10:51, Kim Davies <kim.dav...@icann.org> wrote: We haven't studied what would be involved, but I feel confident in
predicting the whole exercise would be non-trivial. It seems to me that you could implement this using lawyers as easily as you could using developers; it is after all arguably a static change in procedure that doesn't need to be especially repeatable. If the root zone maintainer is contracted to include a record, surely the record will be included. However, I think the more general idea that queries for internal names should be leaked towards unknown AS112 operators is problematic. As an end-user I would prefer my leaked queries to be jealously hoarded by one of twelve root server operators than an inbound number of anonymous and potentially ephemeral AS112 operators. The potential for complete data collection at the root servers goes down as resolvers implement aggressive NSEC caching. In the case of a delegation or redirection, that potential is reduced since the non-existence of individual names under internal is then the thing that is cached, not the non-existence of the right-most label in the namespace. Joe
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop