S Moonesamy wrote: > Hi Dave, > At 09:08 AM 02-01-2018, Dave Burstein wrote: >> today. The principles are simple; the implementation is demanding. So >> I'm asking engineers, "What technical systems must must be built to >> ensure robust interconnection, assuming everyone wants to work in good >> faith?" > > The proceedings of SIGCOMM 1988, 106-114, discuss about survivability in > the face of failure. That might be similar to the "robust > interconnection" which is mentioned above. Part of the message [1] is > about DNS. There is a 2006 document about that (SSAC 009). it would be important to be careful about language. "Interconnection" refers to IP layer connectivity, but this is a discussion about alternative DNS roots. The technical work on this was done in two tranches: the first works in the 1990s were a result of the AlterNIC saga, when BIND 4.9 was hardened against dns pollution from alternative servers. Until then, DNS poisoning from misconfigured and malconfigured DNS server had been an ongoing problem, but this formed a new baseline standard for handling cache pollution. The second major improvement was dnssec, which requires a single root per resolver. If Russia or anyone else sets up an alternative root, then dnssec-enabled resolution will fail for dnssec domains on other roots. Incidentally, alternative DNS roots are nothing new. ICANN even has an info page on them: https://icannwiki.org/Alternative_Roots Nick