On 5 Mar 2026, at 00:24, George Michaelson <[email protected]> wrote:
> I have run local root. I don't see any problems with my service, running > local root. I am not doubting your operational diligence George, but for many people I can imagine persistent and enduring failures that will go unnoticed and the result will be new TLDs that are not universal or retired TLDs that persist. If you don't use something and you don't measure it, how would you expect to see failures? I appreciate that DNSSEC is there to save us from such problems, but software has bugs and humans make mistakes and our goal ought to be to protect the namespace expecting that those things are true, not trying to legislate that they must be false. We have certainly seen fixes to DNSSEC validation failures of the form "turn off validation". Hope is not a strategy. > I don't see the relevance of fetch mechanisms to success or failure here, or > the rate of churn in the root as a significant issue for a local root copy > mechanism. Me neither. The data transfers are minuscule with or without incremental transfers and I do not understand some of the strong opinions about data distribution mechanisms unless they are anchored in not-invented-here. However, to avoid the risk of sounding too much like I am in favour of all of this, let us continue... > I do accept that there are a cohort of people who have downside consequences > of reduced traffic to the roots. We have a root server system that is already quite hard to measure, an easy example of which was the extensive fear and loathing around the first KSK rollover, but we manage to come up with plausible numbers for availability and system health that are sufficient to convince us that the system is stable and secure. I don't know how we convince ourselves of such things if local-root becomes prevalent. Some are saying that this is a rare and niche local optimisation and prevalence is not expected, but I also hear that this is all fine because we can trust the major implementations to do this safely and well. But if all the major implementations are doing this then it no longer seems rare and niche; it seems like one default setting away from mainstream. This all sounds like a solution looking for a problem to me. Unless the problem is actually "let's make the root server system unnecessary" I don't really know what this is all for; I don't see arguments for increased security, observability or stability. I am not arguing against this work. I have concerns but I don't think it's actively harmful. Just because I think it smells funny doesn't mean others shouldn't enjoy its delicious and heady flavours. Joe _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
