On Wed 2024-10-09 10:32:59+1000 Terry wrote:
On the topic of making or establishing "golden" addresses for the root server system, I am quite uncomfortable wth that idea.
David's reference to golden addresses was and idea he had in 2008, and has not been proposed in the Changing RSO addresses document. What has been proposed is that RSO service address should be 'special'. The idea being to prevent a Former Service Address (as defined in the document) that has been returned to a RIR from being reallocated to someone other than an RSO. While not (yet) written up in the document, I think the guidance for a Former Service Address should be something along the lines of this ordered list: - continue providing DNS root service on the address - maintain ownership/control of the address (whether it's 'dark' or reused for some other service) - transfer the prefix to another RSO - and as a last resort, return the address to the RIR There is also a proposal to recommend that RSOs requesting a new prefix for root service should request an allocation from the critical infrastructure pool, should the RIR have such a pool. The idea being that critical infrastructure addresses, when returned, are less likely to end up in nefarious hands. There is also a proposal to recommend that 'someone' should bring policy proposals to each of the RIRs to have returned prefixes that have been used for root service placed in a special pool and only re-assigned to another RSO for root service. Kind of like a subset of a critical infrastructure pool. This is currently a fairly contentious issue on the calls, which I why I'm trying to drum up discussion on the list. Regards, Robert USC Information Sciences Institute <http://www.isi.edu/> Networking and Cybersecurity Division