Maintained by: NLnet Labs

[Unbound-users] How to use Alternative Other Root DNS server with DNSSEC validation

Leen Besselink
Fri Aug 24 23:59:56 CEST 2012


On Fri, Aug 24, 2012 at 11:46:16PM +0200, O. Surý wrote:
> This is really not the right list to discuss this.
> 

Yeah, sorry.

> On Fri, Aug 24, 2012 at 2:13 PM, Leen Besselink <leen at consolejunkie.net> wrote:
> > So all we really need is some way of keeping the root in check, some safety net.
> 
> It's called root server operators.
> 
> > Why not create 5 roots that all serve the same data, the same data the original root serves. Just like a lot of the alternative roots we had in the past.
> 
> We already have (something like) that. (Almost) each root server has
> different operator and at least some of them doesn't blindly accept
> anything which comes from Verisign/IANA.
> 

While I personally agree, maybe the problem is they are not very visible to most people.

I'll shutup about the subject now.