Update: Ben Hyde suggested I should use the (undocumented) “concentrate” option to dot, which certainly tidies up the graphs. So I did.
A remark on the IETF DNS Working Group’s mailing list got me thinking.
Suppose I were the owner of nordu.net (to pick an example at random), then I could take control of sunet.se, for about 25% of Internet users, since one of their four nameservers is server.nordu.net. Similarly, I could then take control of ripe.net for 25% of those 25% (via sunic.sunet.se). One in seven of those guys could fall victim to my ownership of nic.fr via ns-sec.ripe.net, and from there I have complete control of fr (that is, France) – ok, by now, for only a bit under 1% of the Internet, but even so, that’s kinda worrying, don’t you think? And obviously if I own sunet.se then it would be more like 3.5%…
On the other hand, uk does not suffer from this problem: it depends only on nic.uk. Which seems like a much better idea. Anyway, I got to wondering just how bad this problem actually is, which led to me having more fun with dot. So, for a taster, here’s France’s dependencies…

And here’s the UK’s

And here’s Fiji (I include this for Jasvir, who is getting married there soon, and ought to know the terrible risk he’s taking)

And all the top level domains put together

So that one is pretty but a bit hard to digest. Obviously the main news is that there are a lot of domains which could interfere with one or more TLDs!
Another way to think about this is to wonder who could pwn the most TLDs? Well, the answer (after the root, of course) is that nstld.com, gtld-servers.net, com and net come in equal first with 228 TLDs pwnable. Next up is Afilias, through a variety of domains, including org and info, able to control 187 TLDs. After that comes se (Sweden) with 158 and nordu.net, sunet.se, chalmers.se, kth.se, uninett.no, uu.se, edu, no, norid.no, lth.se and uit.no, all able to have a go at 157 TLDs.
Food for thought. Especially if you’re thinking about DNSSEC.
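
For anyone auditing their own zone's transitive trust, here is the nordu.net walk-through redone as code; it is an added example, not the script used to produce the graphs in this post. It computes which zones a given zone depends on, what share of lookups each of them could answer, and a dot graph with the concentrate option on. The function names and the sample table are assumptions: only the 1-in-4, 1-in-4 and 1-in-7 ratios and the fr and uk entries come from the text, and parent-zone delegations are left out.

```python
from fractions import Fraction

# Constructed sample: zone -> {zone hosting its nameservers: count}.
# Only the 1-in-4, 1-in-4 and 1-in-7 ratios and the fr/uk entries follow the
# post; placing every other nameserver in-zone is an assumption.
NS = {
    "fr": {"nic.fr": 1},
    "nic.fr": {"ripe.net": 1, "nic.fr": 6},
    "ripe.net": {"sunet.se": 1, "ripe.net": 3},
    "sunet.se": {"nordu.net": 1, "sunet.se": 3},
    "nordu.net": {"nordu.net": 1},
    "uk": {"nic.uk": 1},
    "nic.uk": {"nic.uk": 1},
}

def controllers(zone):
    """Every other zone whose owner could interfere with `zone`."""
    seen, stack = set(), [zone]
    while stack:
        for host in NS.get(stack.pop(), {}):
            if host != zone and host not in seen:
                seen.add(host)
                stack.append(host)
    return seen

def share(owner, target, path=()):
    """Fraction of lookups for `target` that `owner` can answer, assuming
    resolvers pick uniformly among nameservers at every step."""
    if owner == target:
        return Fraction(1)
    hosts = NS.get(target, {})
    total = sum(hosts.values())
    path = path + (target,)  # zones already on this chain, to stop cycles
    return sum((Fraction(n, total) * share(owner, h, path)
                for h, n in hosts.items() if h not in path), Fraction(0))

def to_dot(zone):
    """Dependency graph for `zone` in dot syntax, with edge concentration on."""
    nodes = controllers(zone) | {zone}
    edges = sorted((z, h) for z in nodes for h in NS.get(z, {}) if h != z)
    lines = ["digraph deps {", "  concentrate=true;"]
    lines += [f'  "{z}" -> "{h}";' for z, h in edges]
    return "\n".join(lines + ["}"])

if __name__ == "__main__":
    for owner in sorted(controllers("fr")):
        print(f"{owner:10} can answer {float(share(owner, 'fr')):.2%} of fr lookups")
    print(to_dot("fr"))
```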