KINDNS best practices and implementation guidelines cover the following five categories of Authoritative Server and Recursive Server operators:
Authoritative Server Operators
For KINDNS purposes, the following are considered critical zones:
- Zones managed by Top-level Domain (TLD) operators/registries, including TLD zones themselves (e.g., .com, .info, .be) and their subdomains (e.g., co.uk, co.za), and any auxiliary zones necessary to the operation of a ccTLD (e.g., nic.uk, nic.fr, nic.dk)
- Other delegation-centric zones of national importance for TLDs
- SLDs tied to critical services such as healthcare and e-governance/citizen and ID services (e.g., mitid.dk)
- Finance/banking sites
This includes all SLD zones except those specifically called out as critical zones.
MoreRecursive Server Operators
Private resolvers are not publicly accessible and cannot be reached over the open internet. They are typically found in corporate networks or other restricted-access networks. Private resolvers in some cases are part of a trusted computing domain (e.g., Active Directory).
MoreShared private resolver operators are typically ISPs or similar hosting service providers. They offer DNS resolution services to their customers (mobile, cable/DSL/fiber residential and commercial users, as well as hosted servers and applications). The client or host is using the ISP to access the rest of the Internet.
MoreThis category includes both open and closed public resolvers. Closed public resolvers are typically commercial DNS filtering/scrubbing services. These service providers are typically not Internet Service Providers, and the clients sending queries to them are located on remote networks. Note that some operators of closed public resolvers may also offer a free tier service, which also makes them open public resolvers.