more on Neustar to create their own DNS root and own universe to rule

[David Farber <dave () farber net>]

Begin forwarded message:

From: "Strata R. Chalup" <strata () virtual net>
Date: October 1, 2005 5:08:18 AM EDT
To: Bob Frankston <Bob2-19-0501 () bobf frankston com>
Cc: dave () farber net, "Strata R. Chalup" <strata () virtual net>
Subject: Re: [IP] more on Neustar to create their own DNS root and  
own universe to rule



Indeed, and I should hasten to add that many different pathing,  
decision, and trust systems can be encompassed in the simple phrase  
'alternate root servers'.  In any system you are dependent on what  
you can see, and it is simply the closed-system approach of one root  
zone that keeps the view uniform.

There are any number of approaches, some more feasible than others,  
that can be taken.  However any that are desired to be repeatable are  
going to depend upon a monolithic context somewhere to supply that  
repeatability, whether it's the current root server setup, a mesh  
network of cryptographically-signed trusted peers, or embedded meta- 
lookup info prepended into a new URL/URI structure (said meta-lookup  
info depending again on a monolithic hierarchy somewhere, and being  
the equivalent of what was done with routing a decade or so ago).

"Mappings at the edge" seems somewhat vague, but doubtless depends on  
as much unwritten context as my conflation of the above paragraphs  
into 'alternate root servers'.  Can you be more clear?  Edge in  
respect to what-- the host doing the query? the recursive zone of the  
domain?  other?  I'm taking 'mapping' as 'FQDN to IPv4' but perhaps  
you had a different mapping in mind, such as zone to SOA to root- 
server-set, or ??

The cheerful curse of the net as we know it is that many, many things  
began as an expedient way to solve a local problem, and through a  
combination of applied effort and good intuition were nudged willy- 
nilly into a sort of scaleability. I remember the day that BUIT-A  
became kudzu in the /etc/hosts file, and in a previous life as 'eddie! 
mrose' I became all too familiar with certain sorts of ambiguity.[0]   
As the late and lamented Prof Michael Dertouzos said at a panel on  
the future of the net, (paraphrased) "we think we are inventing the  
bulldozer, when all we are really doing is inventing platinum- 
handled, diamond-plated carbon nanotube shovels".

Perhaps the possibility of disjoint FQDN-to-IP maps will push the  
semantic burden where it arguably belongs, on the data itself.  Some  
of the early URI-related schemes allowed indicating that a lump of  
data was in fact the same lump of data as that at foo://bar.baz.waldo  
regardless of its differing URL. What people are interested in is  
tracking information, not tracking URLs or domain names.  'Smart  
information' could become a sort of reverse-aggregating feed, where  
the edge registers with as many middles as it likes, and accepts  
updates from various registered parties directly into a user- 
organized datastream.  A fundamentally opt-in based system for  
subscribing to information, be it DNS-ish data, or the data that  
lives at the URLs that the DNS-ish data tells you how to translate,  
and your net stack tells you how to route to.

And it's much too early in the morning, or late at night, to expand  
too much on that idea.  Ask me later, or just run with it-- the bones  
are there, reasonably jointed and waiting to be enfleshed.

cheers,
Strata

[0] Depending on where you were in the uucp world in 1981 - 82ish,  
eddie!mrose would either resolve to mit-eddie!mrose (myself) or uw- 
eddie!mrose, netwizard Marshall Rose.   I can only wonder if Marshall  
got as many questions about gardening and people's personal lives as  
I got queries about the behavior of TCP windows under various kernel  
and driver conditions (which I would generally re-route appropriately).

Bob Frankston wrote:


> Multiple roots won't help keep sites visible. If anything it's the  
> opposite
> since you'll be dependent upon your local root benefactor rather  
> than the
> current system where all the root operators must cooperate and then  
> all
> they can do is deny you a mapping entry.
> The solution is to remove the dependence upon a central service and  
> provide
> mappings at the edge. This is not a simple problem to solve but it is
> better to address the basic problem than piling more on top of what  
> was
> simply an expedient way to scale /etc/hosts maintenance.  
> Unfortunately it
> got tripped up in using local the semantic model of a small group  
> in a huge
> dynamic global namespace as if ambiguity didn't exist.
> -----Original Message-----
> From: David Farber [mailto:dave () farber net]
> Sent: Saturday, October 01, 2005 00:14
> To: Ip Ip
> Subject: [IP] more on Neustar to create their own DNS root and own  
> universe
> to rule
> Begin forwarded message:
> From: "Strata R. Chalup" <strata () virtual net>
> Date: September 30, 2005 6:47:22 PM EDT
> To: dave () farber net, vixie () mfnx net
> Subject: Re: [IP] more on Neustar to create their own DNS root and
> own universe to rule
> I'm quite curious to hear what Paul Vixie thinks of this.  Back in
> the early 90's, and then again recently, I floated the idea that bind
> should incorporate the idea of alternate root servers.   My
> motivation was more political than technical-- currently it is
> frighteningly easy to make an entire domain disappear, silencing
> dissent and politically-incorrect points of view.  I pointed out that
> with all of the joyful hype about the 'net bringing democracy to the
> masses, it wasn't going to happen if there was a single hierarchy out
> of which one could be plucked, redirected, etc etc.
> Vixie's response, while eminiently polite, was very passionate:  his
> vision of the Internet was that it was one space, and support for
> alternate roots would destroy this.  He added that he would use his
> considerable technical and personal resources to squash such a
> concept if it were attempted.  Given his status as an inventor,
> coder, and general formative net entity, I decided to let the matter
> drop.
> I think One Root Zone is still a bad idea for all the reasons I
> brought up in 1994, 2001, and 2003, plus the additional incentive of
> general censorship and net-nannyism at a carrier and national policy
> level.  But 'One Root Zone plus N Portal Zones' is even *worse* than
> One Root Zone, for all these *plus* the fiscal misbehavior incentives.
> Paul, time to buckle on your armor, dude.   Somebody out there (not
> me!) is pursuing this whole-hog, and has a lotta fiscal incentive,
> and deep pockets, to push it through.
> cheers,
> Strata
> David Farber wrote:
>
> > Begin forwarded message:
> > From: Bob Frankston <Bob2-19-0501 () bobf frankston com>
> > Date: September 30, 2005 1:55:17 PM EDT
> > To: dave () farber net, 'Ip Ip' <ip () v2 listbox com>
> > Cc: "Steven M. Bellovin" <smb () cs columbia edu>
> > Subject: RE: [IP] Neustar to create their own DNS root and own
> > universe to rule
> > Perhaps I'm misreading the release but ... Huh -- what's this  
> > nonsense
> > about needing a special cellular DNS just to find my home machine?  
> > Are
> > these people fooling themselves or working hard to create an
> > alternative
> > reality in which they define a universe just so they can rule it?
> > I hesitate to raise the DNS issues again but I've been following
> > the  "IMS"
> > efforts to allow the carriers to bring apps back into their world of
> > billing for everything. I can't help but wonder if this is an
> > attempt to
> > revisit WAP -- the purposefully mislabeled "wireless Internet" and
> > to  make
> > it more difficult to simply access services without the carriers
> > having
> > gatekeeper control and billing.
> > This is a ROOT server and makes cellular users captive. The idea
> > that  the
> > current roots aren't carrier grade is strange -- they handle
> > traffic  loads
> > that would make a carrier wince. I can already access my home files
> > when
> > roaming anywhere in the world. Do these people think there's a
> > real  problem
> > or is it another convenient lie (stupid vs malevolent). Like the
> > one  that
> > said you need special WAP protocols even as I able to travel around
> > the
> > world using a GSM data connection at lower latencies and lower
> > prices on
> > their own networks than they said were possible. And that was just
> > using
> > the normal voice path at voice prices!
> > This is part of the revenge of the Telcos. They are perpetuating
> > the lie
> > that the carriers have a role in push to talk. It's a simple edge
> > application. I can write a small app to hook an SMS message and do
> > it  on a
> > PPC phone now (or Symbion, Linux etc).
> > If anything we need to get past the whole notion of hand-offs.
> > Remember how
> > any years it took the carriers to make it work at all? I won't do the
> > design here but it is fairly simple for devices at the edge to
> > maintain
> > their relationships as they travel. Taking the state information
> > out  of the
> > network scales far better. But it does the one thing that the
> > carriers fear
> > more than anything -- it takes their control away. I could then
> > roam  from
> > carrier to carrier transparently and to Wi-Fi. The current regimen
> > makes
> > Wi-Fi calls billable. With relationships maintained edge-to-edge
> > there is
> > no place for the billing troll to perch.
> > What's interesting is that it is so "obvious" we need handoffs in the
> > network but a few minutes of thinking demonstrate that not only is
> > that not
> > true but we can do far better without it. It's not (necessarily)
> > that  the
> > carriers are lying but they succumb to convenient fallacies and  
> > people
> > accept the stories because they are so obviously true. If  
> > anything, my
> > claim that we can do the handoffs at the edge is greeted the
> > skepticism and
> > instead we get proposals for Mobile-IP which reintroduce hand-offs
> > into the
> > network itself.
> > The whole IMS effort to introduce a billable (the word is an
> > implicit  part
> > of any such proposal) control plane into the network makes the
> > whole  notion
> > carrier grade problematic in the sense that it becomes brittle and
> > unreliable. Instead of simply establishing connections between
> > devices and
> > letting the devices work out the protocols you now need every
> > element  to be
> > crafted to interrupt just right for each protocol and then resist any
> > innovation. It's X.400 vs SMTP all over again. It's classic
> > engineering in
> > which everything must work for anything to work rather than Internet
> > engineering in which anything that works works and the more the
> > better.
> > Carrier grade means spending 100x (or much more) to achieve brittle
> > (billable) reliability. Internet grade means you might get an
> > occasional
> > hiccup but it's worth it to reduce the costs and allow
> > experimentation. You
> > can then afford massive extra capacity which yields higher effective
> > reliability. When the #1 ESS was installed at MIT in 1970 it was
> > down  for
> > five hours the first night -- a century of projected downtime.  
> > Carrier
> > grade means failures don't count because they are catastrophic and
> > thus
> > outside the metrics.
> > Sorry about ranting but it leads me back to the DNS itself. In
> > this  case it
> > seems to be about using the DNS for control. But the DNS itself is
> > problematic as it leads to a false sense of authority. Attempts to
> > create a
> > separate DNS threaten this and force us to find alternative means of
> > establishing relationships.
> > If I get a different DNS using EV-DO than I get using IP, then we
> > might as
> > well forget the whole thing and go completely Edge to Edge (P2P)
> > and  create
> > better mechanisms. It's doable but requires giving up the illusion
> > that we
> > need to use the DNS because it's no longer a commons we think we
> > can  trust.
> > -----Original Message-----
> > From: David Farber [mailto:dave () farber net]
> > Sent: Friday, September 30, 2005 09:48
> > To: Ip Ip
> > Subject: [IP] Neustar to create their own DNS root
> > Begin forwarded message:
> > From: "Steven M. Bellovin" <smb () cs columbia edu>
> > Date: September 30, 2005 12:15:11 AM EDT
> > To: dave () farber net
> > Subject: Neustar to create their own DNS root
> > Neustar, a company that should certainly know better, has announced
> > that they're going to create a .gprs TLD to serve the mobile phone
> > industry (http://www.neustar.com/pressroom/files/announcements/
> > ns_pr_09282005.pdf)
> > This, of course, requires creation of a private root zone, against  
> > the
> > very strong warnings in RFC 2826.  This is not quite as bad as a
> > general-purpose alternate root, since it's restricted to use by  
> > mobile
> > operators, but it's bad enough.  Here's one possible complication:
> > suppose some operator decides that some other company is better
> > qualified than Neustar to operate yet another private TLD.  Which  
> > root
> > should they then subscribe to?  (Yes, this would punish that company
> > more than Neustar.  It would also leave Neustar in the driver's seat
> > for any future such private TLDs.)
> > There may be even more to this situation.  ICANN recently approved
> > .mobi, which is aimed at consumers and "providers of those products,
> > services, content, and other items to ... other Providers".  Why
> > aren't
> > they using .grps.mobi for this?
> > (Beyond all that, a U.S. diplomat stated in Geneva that the U.S.  
> > would
> > not agree to turn over control of the Internet to the U.N.  "It's
> > not a
> > negotiating issue. This is a matter of national policy.")
> >         --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
> > -------------------------------------
> > You are subscribed as BobIP () Bobf Frankston com
> > To manage your subscription, go to
> >  http://v2.listbox.com/member/?listname=ip
> > Archives at: http://www.interesting-people.org/archives/
> > interesting- people/
> > -------------------------------------
> > You are subscribed as strata () virtual net
> > To manage your subscription, go to
> > http://v2.listbox.com/member/?listname=ip
> > Archives at: http://www.interesting-people.org/archives/interesting-
> > people/
> --
> ====================================================================== 
> ==
> Strata Rose Chalup [KF6NBZ]                      strata "@"  
> virtual.net
> VirtualNet Consulting                            http:// 
> www.virtual.net/
>               ** Strategic IT for the Growing Enterprise **
> ====================================================================== 
> ==
> =
> -------------------------------------
> You are subscribed as BobIP () Bobf Frankston com
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
> Archives at: http://www.interesting-people.org/archives/interesting- 
> people/

--
========================================================================
Strata R Chalup [KF6NBZ]                         strata "@" virtual.net
Virtual.Net Inc                                  http://www.virtual.net/
          ** Strategic IT for the Growing Enterprise **
======================================================================== 
=


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/