After spending a significant number of years thinking about how to describe the diversity of the RSS, I find myself walking away quickly from the current approach. (Having an air gap has probably helped that!)

It doesn't matter how many OSes or hardware types are used. Each and every unique item across the entire ecosystem is important, from network card, to BIOS, to CPU, to OS version/release, to switch, router, management code (Puppet, Ansible, Terraform, etc.), and nameserver software version (get the idea?).

When you can count every unique component in the entire RSS ecosystem, yes, all RSOs should participate in the single dataset (perhaps on a census date - this can be automated surely!) and use a uniform methodology to establish a diversity index, I think that alone will be a more useful indicator for the 'diversity provides resiliency' narrative (and provided the methodology is published, the per-RSO details are then much less important).

Maybe think about using the ecological diversity indices such as Shannon, Simpson's, or Margalef's (all solid mathematical approaches used outside of tech).

In fact, I would suggest that the diversity index is only part of the story; it's the longer baseline of an annually recorded index that could then be discussed in whatever governance framework eventuates. Great questions can then be asked about variations in the diversity index (up, down, same) set against observed resiliency of the RSS, performance, cost, etc.

Cheers,
Terry
--
Mobile device, don't expect grammar.
On 22 Apr 2025, at 9:32 am, David Conrad via rssac-caucus <rssac-caucus@icann.org> wrote:
Hi John,
Thanks for the response.
On Apr 21, 2025, at 1:41 PM, John Heidemann <johnh@isi.edu> wrote:
David, thanks for the feedback. I suspect it will prompt multiple RSOs to review and update their reporting. I've already seen some changes on https://root-servers.org/rssac001/
Yep. Good to see the additional participation.
There is a REAL TRADE-OFF between how many operational details RSOs provide to help the community understand its diversity and robustness, and how much those details help potential adversaries.
To be honest, I was a bit surprised at the level of info that was provided in the report. For example, for the purposes of evaluating diversity, while it is obviously important that it is noted that 3 different OSes are being used, what those specific OSes are would seem to me to be only of limited value and would provide hints to potential attackers. Of course, the counter argument is that in an Internet full of continuous background radiation of automated anonymous probes of pretty much every CVE ever published, not publishing OSes is just a form of attempted security by obscurity but that’s a separate issue.
Speaking personally, I’d think it’d be sufficient to say something like:
OS A: 15% of all root server instances
OS B: 47% of all root server instances
OS C: 33% of all root server instances
Other: 15% of all root server instances
I.e., there’s no need to get into what OS A, B, C, and “other” are in a public report (although they could be mentioned without the mapping to A, B, C), just that those OSes are different (perhaps in the future, a report to the RSS Governance Structure could provide a higher level of detail if there’s interest?)
I hope the community will recognize the _RSS 2025 Technical Diversity Report_ as progress, even if it's not everything you hope for.
I agree it is a good start — apologies if my input was taken to suggest otherwise.
And, just speaking personally, for me, the statement that a diversity report is useless without a distribution feels a bit extreme. While knowing 48.4% of servers run bind-9.18.36 might answer some very specific questions, such a factoid would be out of date tomorrow. But to try and directly address your question: If one wanted a bounds on the distribution, it seems fair to assume that at least one RSO operates one of each of the configurations given in the report.
Personally, I’d think it would be of significant interest to most if 48.4% of root server instances one day stopped responding to queries due to (say) a packet of death.
The point I was trying to make is that without distribution information, it is difficult if not impossible for “interested members of the community” to gain assurance that they aren’t at risk of delay/loss of root resolution due to a PoD (or whatever), which is what I assume is the point of the diversity report. Saying “at least one RSO” is running X (which presumably isn’t vulnerable to the PoD) doesn’t provide that assurance since it _could_ mean exactly one RSO has a box running X in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying “Beware of the Leopard”.
But perhaps I have the wrong assumption about the intent of the diversity report.
Regards, -drc
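
Added example, not part of the thread or of any RSSAC methodology: a census-style calculation of the Shannon, Simpson (Gini-Simpson form) and Margalef indices named above, over constructed, anonymised per-instance data. The layer names, the `max_share` field (the largest single-variant share, i.e. the exposure discussed above as a packet of death) and both sample censuses are assumptions made for illustration.

```python
import math
from collections import Counter

def diversity(labels):
    """Diversity indices for one component layer (e.g. OS) across all instances."""
    counts = Counter(labels)
    n, s = sum(counts.values()), len(counts)
    if n == 0:
        raise ValueError("empty census")
    shares = [c / n for c in counts.values()]
    return {
        "richness": s,                                        # distinct variants seen
        "shannon": -sum(p * math.log(p) for p in shares),     # H' = -sum p ln p
        "simpson": 1.0 - sum(p * p for p in shares),          # P(two random instances differ)
        "margalef": (s - 1) / math.log(n) if n > 1 else 0.0,  # (S-1)/ln N, richness only
        "max_share": max(shares),                             # worst single-variant exposure
    }

def census_report(instances):
    """Per-layer indices for one census snapshot; each instance maps layer -> label."""
    layers = sorted({layer for inst in instances for layer in inst})
    return {
        layer: diversity([inst.get(layer, "unreported") for inst in instances])
        for layer in layers
    }

# Constructed censuses: 100 instances each, the same three anonymised OS variants.
EVEN = ([{"os": "A", "dns": "X"}] * 34
        + [{"os": "B", "dns": "Y"}] * 33
        + [{"os": "C", "dns": "X"}] * 33)
SKEWED = ([{"os": "A", "dns": "X"}] * 98
          + [{"os": "B", "dns": "Y"}]
          + [{"os": "C", "dns": "X"}])

if __name__ == "__main__":
    for name, census in (("even", EVEN), ("skewed", SKEWED)):
        for layer, idx in census_report(census).items():
            print(name, layer, {k: round(v, 3) for k, v in idx.items()})
```

Both censuses report three OS variants and an identical Margalef value, while Shannon, Simpson and the largest share separate them sharply; none of the indices requires publishing which product sits behind a label.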