I don't like "automatic" updates.

... thus the mail when the file is updated and the restart a few
days later. For my example, the named.root FTP/HTTP/AXFR server
would have to be at least as secure as a root server, but would
not have to be more secure.

If people want to review the downloads first, sure, it's a good
idea. Change the shell script to not move the file and just
complain to the admin instead:

  Mail -s "New Internet root DNS nameservers" hostmaster<<EOF
  The list of root nameservers in `pwd`/named.root is newer
  than your current root.cache file. Please run the following on
  `hostname` after reviewing the contents of the new root server
    cd `pwd`
    mv named.root root.cache

  DNS cron on `hostname`

The administrator would get around to installing it eventually.

For the PC or Mac servers, I'd want a PCN-style update:

  A new root nameserver list has been downloaded.
  Would you like to install it now?
    o Yes
    o Review it and give me an option to install it.
    o No, not now, try me later.

The idea is to make sure periodic downloads are encouraged from the
start and to make sure there is a DNS-known place (whose name is not
sites can get root server information as long as Internet DNS lives.

IMHO, it's better than promoting laziness by making sure that the
root nameserver addresses are always the same. (What about IPV6? IPVn?)

My shell script was just an example. Implementation may vary.

I can see it taking a while for the initial laziness to be overcome, but
once it is in place, it could provide for a lot of improvements including
multiply-rooted TLDs.

The big thing is WHO would do this distribution? The Internic's systems
are already too overwhelmed and customer support is spotty at best.

If we pass it to those service providers that service others [i.e. 1st
tier] then its more work for them, but I can see it being a much more
reliable process.

Just my two cents,