I have poached this from the massive, sprawling Wikileaks thread on Rigorous Intuition. I am hugely indebted to Jack Riddler and Plutonia—whoever they are, right? Regardless, what follows is 100% their digging work, so I am a grateful thief.
I’ve always believed the hacker apocrypha claiming that 13 net root servers control the entire internet. First of all, it’s ubiquitous to accept without knowing I’d accepted it, and second of all, it’s dumb enough to be completely true. However, apparently it’s not. Here’s a blog post from ICANN explaining that the 13 Illuminati bloodli....I mean, 13 root servers legend is merely mythology:
What there are is there are many hundreds of root servers at over 130 physical locations in many different countries. There are twelve organisations responsible for the overall coordination of the management of these servers.
There is a technical design limitation that means thirteen is a practical maximum to the number of named authorities in the delegation data for the root zone. These named authorities are listed alphabetically, from a.root-servers.net through m.root-servers.net. Each has associated with it an IP address (and shortly some will have more than one as IPv6 is further rolled out).
Another thing you may hear is that some of these root servers are just copies, whilst others are the “real” name servers. The reality is that every single root server is a copy, and none of them are more special than the others. In fact, the true master server from which the copies are made is not one of the public root servers.
Uh.....well, that’s an unexpected twist. So the entire internet being covertly controlled by just 13 servers is a ridiculous rumor...because in fact, it’s all controlled by...just one? Damn.
The comment thread lays out some more valuable details, thanks to a question getting answered. (Which, despite the information superhighway hype, is exceedingly rare on Teh Interents.)
Joseph Friedman 11.19.07 at 6:29 pm
David mentioned above that these “hidden master” servers are still administered by VeriSign (who administers the “A” root as well.)
So other than this change of distribution from the “A” root to the hidden master servers being of a technical nature, VeriSign still physically “controls” (for lack of a better word) the distribution of this master data, although in theory I assume IANA determines its contents.
Is this a fair analysis?
Joseph Friedman 11.19.07 at 7:21 pm
One other point worth understanding is why is VeriSign administering (as per David above) these hidden master servers as opposed to them being administered by IANA directly?
Is this service included in VeriSign’s .com/.net registry contract with ICANN? And if so, why.
Kim Davies 11.20.07 at 9:56 am
VeriSign’s role in the root publication process is dictated by a cooperative agreement between VeriSign and the US Department of Commerce. It is documented at http://www.ntia.doc.gov/ntiahome/domainname/nsi.htm