[nsp-sec] ccTLD Security - What are your top 5 "security" recommendations?

[sthaug at nethelp.no]

> One thing that's always bothered me about cctlds is the number of third 
> party people with root access on cctld servers, and therefore with write 
> access to the domain within specific communities.  Over the past couple of 
> years, this has improved massively, and many cctlds have taken steps to 
> ensure that they have sole access to the machines hosting their 
> secondaries, but I would argue that it is still a significant problem which 
> affects a large number of domains.

(Bias warning: I'm the operator for one of the .no name servers, and I
am not directly employed by the .no authority, Norid.)

I look at this from a slightly different point of view: You *want* the
name service for your ccTLD to be distributed, both geographically and
across different ASes. To do this, you obviously need name servers that
are distributed correspondingly.

Unless your ccTLD organization is big, you're highly unlikely to own all
the physical facilities yourself. So most likely *somebody* outside the
ccTLD organization has physical access to some of the servers, and can
therefore break into them.

I don't see the big difference between such physical access and having
third party people with root access running the name servers, given a
reasonable (legally binding) *contract* between the ccTLD organization
and the organizations of the third party people with root access. Such
contracts certainly exist, for instance in the case of the .no ccTLD.

Steinar Haug, AS 2116 / AS 3307