top | item 45878070

(no title)

JdeBP | 3 months ago

Ever since the Verisign coup in 2003, the world has had the idea of "delegation-only" and suchlike filtering on responses from superdomain servers. More recently, query minimization was invented. Both of these can militate against the root content DNS servers doing that.

Better still, one can run one's own private root content DNS server. I've been doing that (in several ways) for a couple of decades. If ICANN decided to blackhole (say) www.microsoft.com. tomorrow, my DNS lookups wouldn't be affected.

To affect them, the aforementioned "court action" would have to target Verisign.

discuss

dc396|3 months ago

I'm curious: how did you implement your "private root content" DNS server such that it keeps up with (valid -- and how would you know?) updates made by the TLD registries via IANA?