[RSSAC Caucus] FOR REVIEW: RSSAC026v2: RSSAC Lexicon

Paul Hoffman paul.hoffman at icann.org
Tue Jan 28 00:20:34 UTC 2020 

On Jan 27, 2020, at 2:42 AM, Andrew McConachie <andrew.mcconachie at icann.org> wrote:

> I’m having a hard time understanding the difference between a ‘root server’ and a ‘root server identity’. In the draft RSSAC026v2 it says a ‘root server’ is an entry point to the RSS, and a ‘root server identity' is the DNS name of a 'root server’.
> 
> Yet on page 13 of the Draft RSS Metrics doc it says:
> "The requirement of k=8 for reliable operation (of the current system) reflects the number of root server identities reachable by the vantage points, which is different than the number of anycast instances that may be operating.”
> 
> Then on page 14 it says:
> "Furthermore, note that a single [root server] identity refers to the IPv4 and IPv6 addresses for the corresponding service."
> 
> The definitions in RSSAC026v2 do not match the usage in the draft RSS Metrics doc.
> 
> One way to resolve this would be to deprecate the usage of ‘root server’ and completely replace it with ‘root server identity’. However, this would require edits to both documents since the draft RSS Metrics doc also uses ‘root servers’ in a few places. 
> 
> Ideas?

We already agreed that we would update the definition from the v1 document. The v1 definition is:

   A root server is the name of an entry point (instance) to the root server system cloud.
   Within the DNS technical community, a root server is a particular anycast instance, i.e.
   an authoritative name server that answers queries for the contents of the root zone.

In the v2 document, we have created a new term, "root server identity":

   Root server identity refers to the DNS name assigned to a root server.
   This term is often abbreviated as “RSI”.

From a technical perspective, root server identities are the entry points for resolvers to the root server system. This is because most (but not all) resolvers use configuration that looks like a set of RRsets based on the IANA root hints file. For example, from the current root hints file:

   .                        3600000      NS    H.ROOT-SERVERS.NET.
   H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
   H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53

Note that there is no "official" format for IANA's root hints file: RFC 1034 is silent on that. However, it is easy to imagine that most resolver software that uses that file expects something like a master file with "." as the origin. (Others might just use a list of IP addresses, for example.)

One way to think of a "root server" is the server a resolver would get if it asked its cache for the authoritative server for "."; the resolver gets that address by priming (RFC 8109) from its configuration.

If folks like that derived definition, then we could revise the definition in the doc to be:

   A root server is a DNS server that is authoritative for the root zone, based on information
   in the root zone itself. Although a “server” traditionally means a single computer, a root
   server can be a collection of instances as defined above.

This definition is technically accurate but not terribly helpful when used in real life. Thus, it should probably not be used in the metrics document by itself, and all text in that document should refer to RSOs, RSIs, and instances.

--Paul Hoffman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3935 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/rssac-caucus/attachments/20200128/31890a04/smime.p7s>

More information about the rssac-caucus mailing list