Duane, Thanks for this. In that document, I note the following: "Information presented here is a result of that analysis and has been aggregated across all RSOs with no attempt to convey the relative distribution of each technology." Given this, I’m unsure of the value of this report or how exactly it helps "assure the community that the RSOs take implementation diversity seriously” (from RSSAC-001v2). Without any knowledge of the distribution of the various components mentioned, how is the community to derive any assurance that (to take absurd scenarios) all RSOs but one isn’t running (say) NetBSD, the vast majority of DNS queries aren't handled by (say) Atlas, the majority of all root server traffic isn't routed through (say) CVE-2025-21590 vulnerable JunOS, etc. Thanks, -drc
On Apr 11, 2025, at 12:17 PM, Wessels, Duane via rssac-caucus <rssac-caucus@icann.org> wrote:
Expectation E.3.6-A of RSSAC001v2 says: The RSOs are expected to collectively publish aggregated implementation diversity reports from time-to-time.
I’m pleased to say that this has been done and you can read the report at https://root-servers.org/media/news/2025-External_Diversity_Report.pdf
DW
_______________________________________________ rssac-caucus mailing list -- rssac-caucus@icann.org To unsubscribe send an email to rssac-caucus-leave@icann.org
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.