Re: national security
Dear Paul, Thank you for your response even if it is not to the question asked. I never made any proposal. I have listed suggestions made by different parties (I certainly takes seriously) to address real life problems of immediate security for nations subject to catastrophe, war, international fights or confronted to a netwok collapse. And I asked for serious warnings, anlyses, advices, alternative suggestions. At 19:47 30/11/03, Paul Vixie wrote: this statement is akin to many others made in ignorance of what dns is. you are treating it as a mapping service. perhaps you have been successful at treating dns as a mapping service in some local context, and this may have led you to the impossible conclusion that dns itself is a mapping service. dns is a coherent, distributed, autonomous, reliable database. distributing the root as you claim to believe is necessary would create multiple domain name systems, Amusing. Yes I experimented that in 78. And some where unhappy :-). I will not tell you the DNS is several things to achieve a common purpose which addres maping. The way it does it _tryies_ to be a coherent, distibuted, autonomous, reliable database. What by essence it never is, except if you stop feeding it and you wait for all the TTL to die. Here, we are in the case it is impeached to continue trying. not *a* domain name system with a distributed root. there is no way to have *a* domain name system with a distributed root unless we (ietf or other similar agencies) first defined what that meant. Interesting. Which agency? An agency under cooperation agreement with ICANN or NTIA, or a standarization body like ITU, or the P2P standardization committee. Anyway, I do not look for a fundamental debate. But for serious, experienced and documented considerations about the flexiblity of the existing system and its capacity to effectively sustain some duress under necessity. And how to best specify/design the solutions then to use. when you're ready to commission a multiyear study which would yield documents of the same size and scope as rfcs 1033+1034+1035+2181, then you'll have demonstrated that you have some understanding of what you're asking for . NSA started the study. Work is engaged by the WH. http://whitehouse.gov/pcipb. ICANN has documented the way it should be done (ICP-3). NSI has commited a 500 million budget on DNS. Other projects are at works. The target now is to know what to in the meanwhile and what to do to protect onselef from their results. and note that you would then have to sell the resulting system to the internet populance which includes end users, domain holders, registrars, registries, ISPs, and as you point out, nations. lots of luck, but that ship already sailed. :-) amusing. The world lived millions years without the DNS. For 20 years international data nets created naming but lived without the DNS. True, for less than a decade, since the Web, the world faces a management problem because IETF has kept with an early 80's applications architecture. 3/4 of the world is just telling USA (WSIS, this week) okay for your 'root bluff': how much. Naming was not created by the DNS and will survive the DNS. The DNS application is a good example of an extended service but it must adapt to the current needs. It is a 1983 car. It is brillant, it has been refurbished a lot, but still it is a 1983 vintage. in no particular order, i'll address a couple of your other comments. 5. the possibility of a redundant DNS system. Today the Internet has two root files (the same file but presented on two main systems - DNS and FTP). If one is hacked there is not reference. A redundant system would consist in two or more root masters refereeing to different sets of TLD name servers (all of them carrying the same files, but possibly of different origins for security reasons). there is a reference. several references, actually. hey! Is not a reference unique? As, John would say: wich unique master is the master? there is no possibility of a hack going undetected or uncorrected. Not disputing that. The point is: what is the worst impact of one of the unique copies being hacked and detected. What are the recovery procedures? What are the control procedures? Are they fool proof? Are they accepted by users? Police is often immediately notified bank robberies. Yet hold-ups hurt and kill people every day. We are not salesmen here. But cops and insurance companies. Most of all when the hacker seats in the Oval Office, what is the solution? Kaspurcheff was not the only root hacker to be known. Jon Postel was too. WTC was built to resist the worst winds. Not 747s. Many people regret it. Our role is to make sure it does not to happen again. but more important, if you had several root files which indicated different servers for some TLD's, you would have (by definition) several domain name systems, 1. there are two different root files in use each time
Re: national security
On 1 Dec 2003, Paul Vixie wrote: ICANN's obligation is to guarantee to the public the stability of DNS at the root layer. i disagree... From ICANN's own bylaws: The mission of The Internet Corporation for Assigned Names and Numbers (ICANN) is to coordinate, at the overall level, the global Internet's systems of unique identifiers, and in particular to ensure the stable ^ and secure operation of the Internet's unique identifier systems ... [emphasis added] According to m-w.com, ensure means to make sure, certain, or safe : Guarantee. In other words, ICANN's mission is a promise, a guarantee. But that's not all: ICANN's contract, or rather Memorandum of Understanding with the United States requires, yes requires, that ICANN, yes ICANN, not the RIRs, not the root server operators, to design, develop, and test the mechanisms, methods, and procedures ... to oversee the operation of the authoritative root server system and the allocation of IP number blocks. Those are ICANN's own promises that it has made, in legal document after legal document, to the United States Government. ICANN may say otherwise, you may believe otherwise. But that's the contractual words in black and white. It has been the same language since 1998. In other words, ICANN has made a contractual committment to tell you, as an operator of a root server, what mechanisms, methods, and procedures you must follow to operate your servers. And that word oversight in the MoU does not mean that ICANN promises to merely watch how you and the other root server operators do what you do very well. The word oversight includes an ability to reject and to command. In other words, ICANN has promised the USG that it's authority over root operations supersedes your own. We are all well aware that in actual fact that ICANN has no legal authority over the root server operators. And we are all aware that the root server operators have been wary of entering into agreements with ICANN regarding the operation of the root servers. That, however, has not stopped ICANN from making a written promise to the United States govenment that it will both oversee the root server operations and formalize its relationship with the root server operators. Perhaps ICANN is willing to admit that it has no real authority - presumably by declaring to the US Department of Commerce that it considers those sections that I mentioned to be obsolete and not obligatory upon ICANN, and by removing the obligation to ensure the stable and secure operation that is contained in its own bylaws - and clearly articulating to everyone, governments and businesses included, that ICANN is nothing more than an advisory body that operates only by eminating good vibes in the hope that others, who do have real power to act, will act in resonance. In the meantime ICANN goes about telling governments of the world that it does far more than emit nudges and hopes; ICANN tells governments that it ensures and guarantees. And outside of the IETF and related communities ICANN does not say that it is merely an advisory body lacking authority. ICANN's message to the business and intellectual property communities is that ICANN stands strong and firm and will let nothing interfere with the stable operation of the internet. Your note makes my point - that ICANN is in many regards an empty shell, and has been one for years, that has no real power except in the realm of the (over) protection of intellectual property, allocation of a very few new top level domains, and the determination of who among compeiting contenders is worthy to operate contested ccTLDs. At the end of the day - and it is nearly the end of the day here - the fact of the matter is that ICANN is telling different stories to different groups. To the IETF, ICANN holds itself out as one of the guys, merely a warm and fuzzy coordinator. But to the business community, ICANN holds itself forth as a guarantor of internet stability. And to the United States Govenment, ICANN has undertaken to make legal promises to the effect that it is in charge of DNS, including root server operations, and IP address allocation. --karl-- PS, if I am late to the party on anycast issues than it ought to be easy for ICANN to articulate the answers to my concerns. This is not an idle request. The internet community deserves proof that these questions are truly answered by hard, reviewable, analysis. Moreover, with Verisign and sitefinder lingering on the horizon it is not beyond conception that Verisign will wave the flag of bias and ask ICANN to demonstrate why anycast got such an easy entree.
Re: national security
Paul Vixie; The switch to anycast for root servers is a good thing. again there's a tense problem. there was no switch to anycast. the last time those thirteen (or eight) ip addresses were each served by a single host in a single location was some time in the early 1990's. So? Service by multiple hosts in a single location is hardly anycast. When it was switched to anycast? But it was hardly without risks. For example, do we really fully comprehend the dynamics of anycast should there be a large scale disturbance to routing on the order of 9/11? yes, actually, we do. (or at least the f-root operator does.) Can you explain, the reactions of people who have been engaging in root server operations against anycast without comprehending the dynamics of anycast, as observed in the last month in IETF DNS OP ML? Masataka Ohta
Re: national security
karl, ICANN has responsibility to do what it can to make sure the DNS and ICANN root system work. It does not have to disenfranchise the RIRs and the root servers to do this. vint At 12:02 AM 12/1/2003 -0800, Karl Auerbach wrote: Verisign will wave the flag of bias and ask ICANN to demonstrate why anycast got such an easy entree. because it did not change the results of queries. sitefinder did. Vint Cerf SVP Technology Strategy MCI 22001 Loudoun County Parkway, F2-4115 Ashburn, VA 20147 703 886 1690 (v806 1690) 703 886 0047 fax [EMAIL PROTECTED] www.mci.com/cerfsup
U.S. Anti-spam Bill and the IETF
This is from the ASRG list, it seems that the new U.S. Federal anti-spam bill mentions IETF explicitly. Yakov Original Message Subject: [Asrg] 6. Proposals - Legal - Subject labelling (?) Date: Wed, 26 Nov 2003 10:22:51 + From: Jon Kyme [EMAIL PROTECTED] To: ASRG [EMAIL PROTECTED] CANSPAM The Commission shall transmit to the Senate Committee on Commerce, Science, and Transportation and the House of Representatives Committee on Energy and Commerce--a report, within 18 months after the date of enactment of this Act, that sets forth a plan for requiring commercial electronic mail to be identifiable from its subject line, by means of compliance with Internet Engineering Task Force Standards, the use of the characters `ADV' in the subject line, or other comparable identifier, or an explanation of any concerns the Commission has that cause the Commission to recommend against the plan. -- ___ Asrg mailing list [EMAIL PROTECTED] https://www1.ietf.org/mailman/listinfo/asrg --- Yakov Shafranovich / PGP Key: 0x10D051E6 / www.shaftek.org SolidMatrix Technologies, Inc. / www.solidmatrix.com Fight spam, but keep it in perspective (Brad Templeton) ---
ICANN but I CAN'T, sometimes
Any formal body has to have some jurisdiction in which it is constituted. One can argue whether California non-profit law is better or worse than being a UN entity. I believe there are arguments against the latter as much as there may arguments against the former. The IETF is about as close as we've got as an authority on the Internet that is not bounded by geographic boundaries, governmental control or commercial contract. You can make a reasonable argument that we should be running the show here, not ICANN. The UNITC meeting needed to happen several years ago, but now we're there, realistically there is only one option left for a single, cohesive Internet to remain whilst taking into account ALL the World's population: ICANN needs to become a UN body. nonsense - as constituted today, ICANN is a better forum for interested constituencies to debate policy FOR THOSE AREAS THAT ARE IN ICANN'S PURVIEW (not shouting, just emphasis on limited purview of ICANN). Interesting. Everybody on the sidelines of this; (like me), not Vint or the other Internet Founding father's, pretty well assume a drift towards rational processes in the world winning over a long time frame. How long? Seems based on the drift rate, pretty darn long. So ICANN is definitely one of the clearest entities which has a completely, totally non-geographicly defined constituency. There are others, like International Civil Aviation Organization for commercial air traffic and WHO for health. DNS, biological viruses, and jet aircraft all by there nature challenge rule by dotted lines on the ground, made by chance, desceased power mad old guys, where rivers flow; (now, that's a reason for a boundry; Wow. its RUNNING WATER. Lets have a war right here), etc. So an somewhat negative example is air transit. The whole structure makes air travel a detail of world war I. Anybody smart enough to read should realize, no matter how horrific a (set) of wars are, they aren't forever, and the structure of such a thing should look beyond the present. So, here is a reasonably understandable negative example. A thought experiment would be if DNS wars happened after the twin towers attack. All questions would be framed as security issues, no matter how farfetched the reasoning. Fortunately for the DNS, this isn't the case. But with Voice over IP inevitable to abolish PSTN telephony, the DNS also becomes the world directory of electronically reachable persons; (with WWW and LDAP hanging off of it). SO civil libritarians, anarchists, and conspiracy theorists are poking around in a domain of reality that is truly, wired to everything else, and everyone else, longterm. So, as said above: One can argue whether California non-profit law is better or worse than being a UN entity. I guess your right. But there should be, and probably will, (see the LONG DRIFT theory above). A completely tracable process much like representative political processes which has no geographic hooks whatsoever. Oddly though, since the material world is where things are changed by the acts of humans; this is problematic, I guess. If even a NGO structured ICANN tells a named person to change a RR, there are two(+) geographic named places. One where the person ordered happens to be, and the second where the computer(s) happen to be. Third is the place(s) where the descision occurred. Some of these can be completely masked by technology; for instance, the ICANN type descision maker could have some PGP style exculsive permission to Telnet into the DNS, no matter where it is; (any they might be enjoined from knowing it), and change it. What this simulates is techno-omnipotence, to avoid political meddling / incomptence. I think considering how new in jurisprudence terms the DNS conflicts are, ICANN has done a reasonable job. I read many judgements from Montreal and Geneva (WIPO) and only thought one was grossly wrong. And I think WIPO effectively censored that arbitrator; ( only used once after. He's overboard for life, probably for the two mistake's) [HEY like California... three strike, you know]. (TATA group of company's versus Bodacious TATA's is, I believe, clearly in error). Another thing that is somewhat comical (and sad) is WIPO is still based on licking the pavement of geography based power. (sad). They organize these named persons by national origin. This is an insult to them, and to the parties in disputes. We all know this is to prove some obscure non-reality of fairness. But, there background professionally, etc is more likely a bias than national origin anyway. All references to national origins should be minimized, and almost inaccessable. I think the arbitrators, likely with or without I'm so legit I even SMELL ethical, paper trails probably mean well. A DNS battle is a winner take all dispute with non-trivial consequences. So its an acid test generally. Generally, for the accountability and major structural decisions for ICANN, Maybe the Kennedy school of goverment should
Re: national security
[EMAIL PROTECTED] (J-F C. (Jefsey) Morfin) writes: Most of all when the hacker seats in the Oval Office, what is the solution? Kaspurcheff was not the only root hacker to be known. Jon Postel was too. good bye, sir. -- Paul Vixie
Re[2]: national security
On Fri, 28 Nov 2003, Anthony G. Atkielski wrote: Iljitsch van Beijnum writes: In the multi6 (multihoming in IPv6) working group, as one of many proposals, we've been looking at putting a 64 bit host identifier in the bottom 64 bits of an IPv6 address. If such a host identifier is crypto-based (ie, a hash of a public key) then it is possible to authenticate a host at any time regardless of where the host connects to the network at that particular time and without the need for a PKI or prior communication. This is precisely the kind of mistake that will exhaust the entire IPv6 address space just as quickly as the IPv4 address space. Don't engineers ever learn from the past? Ahhh...No. Don't people understand the power of exponential growth?
Re: national security
--On Monday, 01 December, 2003 07:24 -0500 vinton g. cerf [EMAIL PROTECTED] wrote: karl, ICANN has responsibility to do what it can to make sure the DNS and ICANN root system work. It does not have to disenfranchise the RIRs and the root servers to do this. Vint, I would go even further than this. One of the best actions ICANN can take, IMO, is to look at a particular situation (and the root system and DNS operations generally are probably good examples) and say yep, it is working followed by some version of if it ain't broke, don't fix it... or even intervene. One corollary to this is that not only does it not have to disenfranchise... but that it arguably should not intervene in those activities at all unless there is a strong case that they are not working in some significant way. In that sense, the observation that ICANN has not significantly intervened in either the root system or with the address registry environment should be judged as a success unless it is argued that one or the other is seriously not working. john
Re: national security
Dear jfc, As far as I can tell, you have gone only by your initials on this thread. To help some of us weigh this discussion, could you please identify yourself by name and affiliation? Regards, Michael Lambert --- Michael H. Lambert Network Engineer Pittsburgh Supercomputing CenterV: +1 412 268 4960 4400 Fifth Avenue F: +1 412 268 8200 Pittsburgh, PA 15213 USA
Re: national security
At 22:21 01/12/03, Paul Vixie wrote: [EMAIL PROTECTED] (J-F C. (Jefsey) Morfin) writes: Most of all when the hacker seats in the Oval Office, what is the solution? Kaspurcheff was not the only root hacker to be known. Jon Postel was too. good bye, sir. -- Paul Vixie Dear Mr. Vixie, Things will not fall a part on Dec 6th by midnight. But if 189 States and USA do not agree on something reasonable on THIS point, we will enter a period where there will be progressive disagreements over the naming, IMHO to no one's benefit. And the necessary changes will then not occur smoothly. Europe supports the US position with some internal differences which permit to help a compromise. Unless you really want to say good bye to the whole thing, why don't you help? For example, are we not able to just devise a procedure and a system which build the root file from the TLD Managers owns real time data? Would Vint have responded that, it was stability for ICANN and IETF for years. OK, ICANN's stablity through power greed is inadequate, but is that not also inadequate to permit it? And not to consider who to change that situation? Be sure that whatever the outcome of Dec. 5/6, the IANA US root file management is condemned. And probably ICANN in two years time if it stick to it. The USA are not going to support them. As they did not in Marrakech for the IDNs. What would be their advantage? The important issue is to know what will replace it? An automated compilation of the TLD Managers data by IANA would be preferable to an ITU system, after a rought debate and transfer. Best regards jfc morfin
Re: national security
Alas for this rosy vision, ICANN *tried* to boss the RIRs and get them to sign contracts agreeing to pay it and obey it, but they balked. So all credit to the RIRs - and none to ICANN - on this one. On Mon, 1 Dec 2003, John C Klensin wrote: --On Monday, 01 December, 2003 07:24 -0500 vinton g. cerf [EMAIL PROTECTED] wrote: karl, ICANN has responsibility to do what it can to make sure the DNS and ICANN root system work. It does not have to disenfranchise the RIRs and the root servers to do this. Vint, I would go even further than this. One of the best actions ICANN can take, IMO, is to look at a particular situation (and the root system and DNS operations generally are probably good examples) and say yep, it is working followed by some version of if it ain't broke, don't fix it... or even intervene. One corollary to this is that not only does it not have to disenfranchise... but that it arguably should not intervene in those activities at all unless there is a strong case that they are not working in some significant way. In that sense, the observation that ICANN has not significantly intervened in either the root system or with the address registry environment should be judged as a success unless it is argued that one or the other is seriously not working. john -- http://www.icannwatch.org Personal Blog: http://www.discourse.net A. Michael Froomkin |Professor of Law| [EMAIL PROTECTED] U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA +1 (305) 284-4285 | +1 (305) 284-6506 (fax) | http://www.law.tm --It's warm here.--
