PAB Re: site security

• Next message: William Allen Simpson: "PAB Re: Federal Register Publication?"
• Previous message: Robert F. Connelly: "PAB I think I have a good idea! ;-}"
• Next in thread: William Allen Simpson: "PAB Re: site security"
• Maybe reply: William Allen Simpson: "PAB Re: site security"
• Reply: Kent Crispin: "Re: PAB Re: site security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Sorry, that's a lot of CCs, but I don't know who is on which list.

I'm not sure that we should have the primary master at a "well
connected" site at all. Instead, all the root servers should be
secondaries, and we should have 2 or 3 redundant widely distributed
primaries behind firewalls, that only respond to zone transfer requests
from the other primaries and secondaries!

This is the usual practice at large businesses already.

I suggest that one primary be located in US (anywhere with good security
practices is fine), and the backup be located in Geneva (assuming they
have good security as well)....

> I would suggest that perhaps the CORE equipment should be located at
> the PAIX, which has excellent internet connectivity and top
> security. If this is desired, I could contact Paul Vixie on behalf of
> CORE.
>

WSimpson@UMich.edu
    Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32

• Next message: William Allen Simpson: "PAB Re: Federal Register Publication?"
• Previous message: Robert F. Connelly: "PAB I think I have a good idea! ;-}"
• Next in thread: William Allen Simpson: "PAB Re: site security"
• Maybe reply: William Allen Simpson: "PAB Re: site security"
• Reply: Kent Crispin: "Re: PAB Re: site security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jan 30 2000 - 03:22:24 PST