Re: [ga] Kaminsky on dns bugs - Bernstein responds

[JFC Morfin <jefsey@xxxxxxxxxxxxxxxx>]

At 05:58 09/08/2008, Joe Baptista wrote:
> On Fri, Aug 8, 2008 at 11:11 PM, JFC Morfin 
> <<mailto:jefsey@xxxxxxxxxxxxxxxx>jefsey@xxxxxxxxxxxxxxxx> wrote:
> Joe,
> you do not want to answer my question?
> Is a local nameserver using a local root subject to that kind a 
> security problem?
> Sorry Jefsey - I don't have a problem with answering that 
> question.  I assume you asked it and I missed it.
> The answer is yes if the local root is a recursive server.
Sorry, I missed that. Obviously, only local querries allowed.

The reason why I ask is that at france@large we start working on 
"Internet Plus" as a user architecture transparent to the legacy 
Internet. The problem is obviously Windows. However, Unbound should 
be ported under Windows. So, I plan starting campaigning for an 
"Internet Plus" by way of usage, using Unbound as a local resolver, 
using a local root file, hence calling directly the TLD servers. At 
the same time, I want to see how to use an IPv6 /3 Block to establish 
a people's IPv6 numbering plan for application sub-numbering (using 
the IPv6 header this way will be labeled "TCP/IPP" (IP Plus"). The 
IPv6 TF supports this. Obviously this Internet Plus will be a 
competitive offer against the "Internet for the Rich" proposed by 
ICANN and will use a "Competitive Root" as required by the NTIA 
(ICANN is to better foster compeition)  which willl be an Internet 
plus "by the people for the people in support of the people centric 
Information Society", which is the WSIS consensus.
:-)
cheers.
jfc