Root zone control – the emperor has no clothes!

I’ve thought for a while that the US control of authorising the root zone file for the Internet was more symbolic than useful. Sure it exists, sure it annoys the hell out of just about everyone else,

But in reality if it is ever significantly abused it will be quickly abandoned. A couple of articles on this below.

Begin forwarded message:

From: “David P. Reed” <>
Date: April 2, 2007 9:28:32 AM EDT
Subject: Re: [IP] Re: Department of Homeland and Security wants master key for DNS

A dirty little secret is that the late, lamented and sensible Jon Postel once demonstrated how easy it would be to take the entire Internet out of the hands of the government entirely, because in fact the decision of what the “root” is is pretty damned arbitrary.
(because people who think roots and port numbers are “real” seem to fantasize about physical metaphors that create more reality than there is here, so you have to show them).

I think it would still be a small project to take the roots away from
the US Gov’t entirely, once and for all.   If they demand the key and
get it with the purpose of enforcing yet another attack on collective
will, I am happy to help.   Nothing illegal is necessary.  99% of
humanity will probably volunteer to join the new root system – both libertarian conservatives and liberal thinkers are pretty much together on this.  I’m pretty sure Microsoft and Apple (and I know
Linux) communities would happily substitute a new root for a “gov’t censored” one – and I don’t think appeals to “child molesters” and “terrorists” and other bloody shirts being waved would cause them to think twice.  What might get Microsoft to play ball is a promise to stop hammering them on antitrust, but hey, they have to worry about the next administration and the one after that – companies outlive governments.

And even if Microsoft didn’t put the new roots in, it’s really easy to distribute a root replacement add-in or to add it to the NAT boxes.

So “self help” is why the government might want to think twice about sticking this screwdriver in their own eye.

Yeah, as John Levine says, the ICANN may not be a very mature body, but just think what the maturity of your favorite governmental figure
is like.   Do you like the “liberals”?  Do you like the “religious
right”?   Do you like the Hillary?  What about the Cheney?

In the matter of the DNS, we the users of the Internet hold all the
power.   The master key is a fantasy.

David Farber wrote:
> Begin forwarded message:
> From: Christian Huitema <>
> Date: April 1, 2007 4:53:59 PM EDT
> To:
> Subject: RE: [IP] Re: Department of Homeland and Security wants master
> key for DNS
>> In view of ICANN’s chaotic management, I expect that a lot of those
>> governments are quietly happy to have ICANN under adult supervision,
>> and although they may say they want it independent of the US, short
>> of handing it to the ITU or some other institution with international
>> legitimacy, the USG is going to stay in charge, in which case it
>> really doesn’t matter whether the master key belongs to ICANN, IANA,
>> DOC, or DHS because it all amounts to the same thing.
> But why do we need a master key for the DNS at all? If a name is
> really popular, one can expect that its key will be well known.
> Verification of
> that key should not depend on the whims of the centralized registry.
> DNS servers should manage their list of well known keys, and protect
> their users against any bureaucratic error at the root level. Most top
> level domains and many big services should easily reach that level of
> popularity, and not depend on the root key for their security.
> — Christian Huitema


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: