Re: [DNSOP] the root is not special, everybody please stop obsessing over it

Bob Harold <> Fri, 15 February 2019 14:29 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 13B9A130FC1 for <>; Fri, 15 Feb 2019 06:29:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id d_eT-uttXA9c for <>; Fri, 15 Feb 2019 06:29:43 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 08741124D68 for <>; Fri, 15 Feb 2019 06:29:42 -0800 (PST)
Received: by with SMTP id j19so7749183ljg.5 for <>; Fri, 15 Feb 2019 06:29:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google-2016-06-03; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=OUTaj7tNNm1QqlFzqcTbCyuPfMlpA3OPK/xBhmU0T0k=; b=fZI63oN1YrGJxjGlSSoG3ke1S6b/klLh2NuwsgfA8y8FThEi5MguyOZ+ewyMROv7wL jUnbbXsaPJsSsAXVF4M/1dVKsKMom1mXucmVUSRyUBqlMqqgSMHP8WFAqbQ+lD7/NpUV D9gd76BGU66PLMFN7iJVVt06dAxMKYrsVUGfoqoTd7J+x17QspsYu0Breg533S24sJBa aPFFbsJlMzszlnshUkmoMvXCDBJzIpiRsNS5AKK7CvmeHn/urldc0W26oJ6qDyebBh2p Pdod3ZNaAoamv2qqsrF40d078/H0spkh0zy25j0K2M31xGtS+14yEwIJCgg+vCawrlAZ 7eGg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=OUTaj7tNNm1QqlFzqcTbCyuPfMlpA3OPK/xBhmU0T0k=; b=WfX3ieSaMV/+9oNS71HvHCubX9ZojGInAGRhuUymktjKWX6bgVWYCI9Tzytj6fVqW0 GCX6z0LDIybR0/7MiqW/LznYtDvMdcv1kqJW9qP+wF4Eq8EZpMDg4xLdoRGjZoeSujhr 0JrSmyc1FRDu37QgNDqs+IY7bC+oT4bmHn+hEuLaOf49ngUqvvTb7a7YuSXYydD88eh6 MXYOhN2V4OiRE62Q6hphNuIhWNfWfvUvBwRbjmPbwcC0uG8NV0CkZwu38sLvvryYwyXC UyTF2Jk9mxZ5U04LRxT81VDxIHzvIU0/MFvBudqQVcXJNVz6UCdsGSW36EYIBMbgVXQy fdRg==
X-Gm-Message-State: AHQUAubI3V7vKdcwuKAxF8y6HIzldkoQmOXdlJ6P1L+aYQGBBEVhKoxM GtVXCOabQyD8px+R1NWVp89Y2yzbpT9cmYC24qiVBA==
X-Google-Smtp-Source: AHgI3IZczLXHkjGix7PTaiDAsk0EnmOv84tTVlDlFtBsi8GAGXp5IGW3STqNWbscgM6vJXds79nhn083pZfJStUbihM=
X-Received: by 2002:a2e:8795:: with SMTP id n21-v6mr6400380lji.109.1550240980751; Fri, 15 Feb 2019 06:29:40 -0800 (PST)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Bob Harold <>
Date: Fri, 15 Feb 2019 09:29:29 -0500
Message-ID: <>
To: Stephane Bortzmeyer <>
Cc: Paul Vixie <>, IETF DNSOP WG <>
Content-Type: multipart/alternative; boundary="000000000000f97c680581ef9a21"
Archived-At: <>
Subject: Re: [DNSOP] the root is not special, everybody please stop obsessing over it
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 15 Feb 2019 14:29:46 -0000

On Fri, Feb 15, 2019 at 4:59 AM Stephane Bortzmeyer <>

> On Thu, Feb 14, 2019 at 01:57:14PM -0800,
>  Paul Vixie <> wrote
>  a message of 42 lines which said:
> > the fact that i have to hotwire my RDNS cache with local zone glue
> > in order to reach my own servers when my comcast circuit is down or
> > i can't currently reach the .SU authorities to learn where VIX.SU
> > is, should not only concern, but also embarrass, all of us.
> I agree that this is an issue (as you said, the simple case of "my own
> zone" is easily solved by stub and/or forward zones in BIND) but any
> solution must take care of phantom domains. If I register
> and it's taken down, the solution
> should not make this domain to work after. (Except of course for
> resolvers who decided to configure a stub zone for this domain.)

I think in most solutions, if the name servers for "" and "com" are both unreachable, the
domain should continue to resolve.  But if "com" is reachable, and says "" no longer exists, it should go away.

Bob Harold