Interesting People mailing list archives
more on Neustar to create their own DNS root and own universe to rule
From: David Farber <dave () farber net>
Date: Sat, 1 Oct 2005 08:19:28 -0400
Begin forwarded message:
From: "Strata R. Chalup" <strata () virtual net>
Date: October 1, 2005 5:08:18 AM EDT
To: Bob Frankston <Bob2-19-0501 () bobf frankston com>
Cc: dave () farber net, "Strata R. Chalup" <strata () virtual net>
Subject: Re: [IP] more on Neustar to create their own DNS root and own universe to rule
Indeed, and I should hasten to add that many different pathing, decision, and trust systems can be encompassed in the simple phrase 'alternate root servers'. In any system you are dependent on what you can see, and it is simply the closed-system approach of one root zone that keeps the view uniform.
There are any number of approaches, some more feasible than others, that can be taken. However any that are desired to be repeatable are going to depend upon a monolithic context somewhere to supply that repeatability, whether it's the current root server setup, a mesh network of cryptographically-signed trusted peers, or embedded meta-lookup info prepended into a new URL/URI structure (said meta-lookup info depending again on a monolithic hierarchy somewhere, and being the equivalent of what was done with routing a decade or so ago).
"Mappings at the edge" seems somewhat vague, but doubtless depends on as much unwritten context as my conflation of the above paragraphs into 'alternate root servers'. Can you be more clear? Edge in respect to what-- the host doing the query? the recursive zone of the domain? other? I'm taking 'mapping' as 'FQDN to IPv4' but perhaps you had a different mapping in mind, such as zone to SOA to root-server-set, or ??
The cheerful curse of the net as we know it is that many, many things began as an expedient way to solve a local problem, and through a combination of applied effort and good intuition were nudged willy-nilly into a sort of scaleability. I remember the day that BUIT-A became kudzu in the /etc/hosts file, and in a previous life as 'eddie!mrose' I became all too familiar with certain sorts of ambiguity.[0] As the late and lamented Prof Michael Dertouzos said at a panel on the future of the net, (paraphrased) "we think we are inventing the bulldozer, when all we are really doing is inventing platinum-handled, diamond-plated carbon nanotube shovels".
Perhaps the possibility of disjoint FQDN-to-IP maps will push the semantic burden where it arguably belongs, on the data itself. Some of the early URI-related schemes allowed indicating that a lump of data was in fact the same lump of data as that at foo://bar.baz.waldo regardless of its differing URL. What people are interested in is tracking information, not tracking URLs or domain names. 'Smart information' could become a sort of reverse-aggregating feed, where the edge registers with as many middles as it likes, and accepts updates from various registered parties directly into a user-organized datastream. A fundamentally opt-in based system for subscribing to information, be it DNS-ish data, or the data that lives at the URLs that the DNS-ish data tells you how to translate, and your net stack tells you how to route to.
And it's much too early in the morning, or late at night, to expand too much on that idea. Ask me later, or just run with it-- the bones are there, reasonably jointed and waiting to be enfleshed.
cheers, Strata
[0] Depending on where you were in the uucp world in 1981 - 82ish, eddie!mrose would either resolve to mit-eddie!mrose (myself) or uw-eddie!mrose, netwizard Marshall Rose. I can only wonder if Marshall got as many questions about gardening and people's personal lives as I got queries about the behavior of TCP windows under various kernel and driver conditions (which I would generally re-route appropriately).
Bob Frankston wrote:
Multiple roots won't help keep sites visible. If anything it's the opposite since you'll be dependent upon your local root benefactor rather than the current system where all the root operators must cooperate and then all they can do is deny you a mapping entry.
The solution is to remove the dependence upon a central service and provide mappings at the edge. This is not a simple problem to solve but it is better to address the basic problem than piling more on top of what was simply an expedient way to scale /etc/hosts maintenance. Unfortunately it got tripped up in using local the semantic model of a small group in a huge dynamic global namespace as if ambiguity didn't exist.
-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Saturday, October 01, 2005 00:14
To: Ip Ip
Subject: [IP] more on Neustar to create their own DNS root and own universe to rule
Begin forwarded message:
From: "Strata R. Chalup" <strata () virtual net>
Date: September 30, 2005 6:47:22 PM EDT
To: dave () farber net, vixie () mfnx net
Subject: Re: [IP] more on Neustar to create their own DNS root and own universe to rule
I'm quite curious to hear what Paul Vixie thinks of this. Back in the early 90's, and then again recently, I floated the idea that bind should incorporate the idea of alternate root servers. My motivation was more political than technical-- currently it is frighteningly easy to make an entire domain disappear, silencing dissent and politically-incorrect points of view. I pointed out that with all of the joyful hype about the 'net bringing democracy to the masses, it wasn't going to happen if there was a single hierarchy out of which one could be plucked, redirected, etc etc.
Vixie's response, while eminently polite, was very passionate: his vision of the Internet was that it was one space, and support for alternate roots would destroy this.
He added that he would use his considerable technical and personal resources to squash such a concept if it were attempted. Given his status as an inventor, coder, and general formative net entity, I decided to let the matter drop.
I think One Root Zone is still a bad idea for all the reasons I brought up in 1994, 2001, and 2003, plus the additional incentive of general censorship and net-nannyism at a carrier and national policy level. But 'One Root Zone plus N Portal Zones' is even *worse* than One Root Zone, for all these *plus* the fiscal misbehavior incentives.
Paul, time to buckle on your armor, dude. Somebody out there (not me!) is pursuing this whole-hog, and has a lotta fiscal incentive, and deep pockets, to push it through.
cheers, Strata
David Farber wrote:
Begin forwarded message:
From: Bob Frankston <Bob2-19-0501 () bobf frankston com>
Date: September 30, 2005 1:55:17 PM EDT
To: dave () farber net, 'Ip Ip' <ip () v2 listbox com>
Cc: "Steven M. Bellovin" <smb () cs columbia edu>
Subject: RE: [IP] Neustar to create their own DNS root and own universe to rule
Perhaps I'm misreading the release but ...
Huh -- what's this nonsense about needing a special cellular DNS just to find my home machine? Are these people fooling themselves or working hard to create an alternative reality in which they define a universe just so they can rule it?
I hesitate to raise the DNS issues again but I've been following the "IMS" efforts to allow the carriers to bring apps back into their world of billing for everything. I can't help but wonder if this is an attempt to revisit WAP -- the purposefully mislabeled "wireless Internet" and to make it more difficult to simply access services without the carriers having gatekeeper control and billing. This is a ROOT server and makes cellular users captive. The idea that the current roots aren't carrier grade is strange -- they handle traffic loads that would make a carrier wince.
I can already access my home files when roaming anywhere in the world. Do these people think there's a real problem or is it another convenient lie (stupid vs malevolent). Like the one that said you need special WAP protocols even as I able to travel around the world using a GSM data connection at lower latencies and lower prices on their own networks than they said were possible. And that was just using the normal voice path at voice prices!
This is part of the revenge of the Telcos. They are perpetuating the lie that the carriers have a role in push to talk. It's a simple edge application. I can write a small app to hook an SMS message and do it on a PPC phone now (or Symbian, Linux etc).
If anything we need to get past the whole notion of hand-offs. Remember how many years it took the carriers to make it work at all? I won't do the design here but it is fairly simple for devices at the edge to maintain their relationships as they travel. Taking the state information out of the network scales far better. But it does the one thing that the carriers fear more than anything -- it takes their control away. I could then roam from carrier to carrier transparently and to Wi-Fi. The current regimen makes Wi-Fi calls billable. With relationships maintained edge-to-edge there is no place for the billing troll to perch.
What's interesting is that it is so "obvious" we need handoffs in the network but a few minutes of thinking demonstrate that not only is that not true but we can do far better without it. It's not (necessarily) that the carriers are lying but they succumb to convenient fallacies and people accept the stories because they are so obviously true. If anything, my claim that we can do the handoffs at the edge is greeted the skepticism and instead we get proposals for Mobile-IP which reintroduce hand-offs into the network itself.
The whole IMS effort to introduce a billable (the word is an implicit part of any such proposal) control plane into the network makes the whole notion carrier grade problematic in the sense that it becomes brittle and unreliable. Instead of simply establishing connections between devices and letting the devices work out the protocols you now need every element to be crafted to interrupt just right for each protocol and then resist any innovation. It's X.400 vs SMTP all over again. It's classic engineering in which everything must work for anything to work rather than Internet engineering in which anything that works works and the more the better.
Carrier grade means spending 100x (or much more) to achieve brittle (billable) reliability. Internet grade means you might get an occasional hiccup but it's worth it to reduce the costs and allow experimentation. You can then afford massive extra capacity which yields higher effective reliability. When the #1 ESS was installed at MIT in 1970 it was down for five hours the first night -- a century of projected downtime. Carrier grade means failures don't count because they are catastrophic and thus outside the metrics.
Sorry about ranting but it leads me back to the DNS itself. In this case it seems to be about using the DNS for control. But the DNS itself is problematic as it leads to a false sense of authority. Attempts to create a separate DNS threaten this and force us to find alternative means of establishing relationships. If I get a different DNS using EV-DO than I get using IP, then we might as well forget the whole thing and go completely Edge to Edge (P2P) and create better mechanisms. It's doable but requires giving up the illusion that we need to use the DNS because it's no longer a commons we think we can trust.
-----Original Message-----
From: David Farber [mailto:dave () farber net]
Sent: Friday, September 30, 2005 09:48
To: Ip Ip
Subject: [IP] Neustar to create their own DNS root
Begin forwarded message:
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: September 30, 2005 12:15:11 AM EDT
To: dave () farber net
Subject: Neustar to create their own DNS root
Neustar, a company that should certainly know better, has announced that they're going to create a .gprs TLD to serve the mobile phone industry (http://www.neustar.com/pressroom/files/announcements/ns_pr_09282005.pdf). This, of course, requires creation of a private root zone, against the very strong warnings in RFC 2826. This is not quite as bad as a general-purpose alternate root, since it's restricted to use by mobile operators, but it's bad enough. Here's one possible complication: suppose some operator decides that some other company is better qualified than Neustar to operate yet another private TLD. Which root should they then subscribe to? (Yes, this would punish that company more than Neustar. It would also leave Neustar in the driver's seat for any future such private TLDs.)
There may be even more to this situation. ICANN recently approved .mobi, which is aimed at consumers and "providers of those products, services, content, and other items to ... other Providers". Why aren't they using .grps.mobi for this?
(Beyond all that, a U.S. diplomat stated in Geneva that the U.S. would not agree to turn over control of the Internet to the U.N. "It's not a negotiating issue. This is a matter of national policy.")
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
-------------------------------------
You are subscribed as BobIP () Bobf Frankston com
To manage your subscription, go to http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
--
========================================================================
Strata Rose Chalup [KF6NBZ] strata "@" virtual.net
VirtualNet Consulting http://www.virtual.net/
** Strategic IT for the Growing Enterprise **
========================================================================
--
========================================================================
Strata R Chalup [KF6NBZ] strata "@" virtual.net
Virtual.Net Inc http://www.virtual.net/
** Strategic IT for the Growing Enterprise **
========================================================================