worth reading A REPLY FROM Vixie on Neustar to create their own DNS root and own universe to rule

[David Farber <dave () farber net>]

Begin forwarded message:

From: Paul Vixie <paul () vix com>
Date: October 1, 2005 10:44:02 AM EDT
To: "Strata R. Chalup" <strata () virtual net>
Cc: dave () farber net
Subject: Re: Fwd: [IP] more on Neustar to create their own DNS root  
and own universe to rule


strata,

someone was kind enough to forward this to me.  note that i no longer  
work
at MFN (since 2002, that is) and that vixie () mfnx net will no longer  
reach me.

dave,

you may forward this to I-P if you find it entertaining or otherwise  
useful.

paul

# > From: "Strata R. Chalup" <strata () virtual net>
# > Date: September 30, 2005 6:47:22 PM EDT
# > To: dave () farber net, vixie () mfnx net
# > Subject: Re: [IP] more on Neustar to create their own DNS root  
and  own
# > universe to rule
# >
# > I'm quite curious to hear what Paul Vixie thinks of this.  Back  
in the
# > early 90's, and then again recently, I floated the idea that bind  
should
# > incorporate the idea of alternate root servers.  My motivation  
was more
# > political than technical-- currently it is frighteningly easy to  
make an
# > entire domain disappear, silencing dissent and politically-incorrect
# > points of view.  I pointed out that with all of the joyful hype  
about the
# > 'net bringing democracy to the masses, it wasn't going to happen  
if there
# > was a single hierarchy out of which one could be plucked,  
redirected, etc
# > etc.
# >
# > Vixie's response, while eminiently polite, was very passionate:  
his vision
# > of the Internet was that it was one space, and support for  
alternate roots
# > would destroy this.  He added that he would use his considerable  
technical
# > and personal resources to squash such a concept if it were  
attempted.
# > Given his status as an inventor, coder, and general formative net  
entity,
# > I decided to let the matter drop.
# >
# > I think One Root Zone is still a bad idea for all the reasons I  
brought up
# > in 1994, 2001, and 2003, plus the additional incentive of general
# > censorship and net-nannyism at a carrier and national policy  
level.  But
# > 'One Root Zone plus N Portal Zones' is even *worse* than One Root  
Zone,
# > for all these *plus* the fiscal misbehavior incentives.
# >
# > Paul, time to buckle on your armor, dude.  Somebody out there  
(not me!)
# > is pursuing this whole-hog, and has a lotta fiscal incentive, and  
deep
# > pockets, to push it through.
# >
# > cheers,
# > Strata

in 2005 i am just as passionate but not always just as polite about  
this as
i was in prior years.  on http://fm.vix.com/ i repeated some of my  
words from
NANOG last week.  to wit:

    i am not neccesarily an admirer of the US-DoC/ICANN/VeriSign  
trinity,
    but i work to uphold it in spite of its flaws and my misgivings,
    simply because of the end-game mechanics.  if any hair-brained
    alternate root scheme ever gets traction and starts to be a  
force to
    be reckoned with, then THAT is when the gold rush will begin.   
instead
    of a few whacko pirates like new.net and unidt, we'll be buried in
    VC-funded "namespace plays".  every isp will have to decide  
whether to
    start one, join one, or stay with the default. most will decide to
    outsource or consort, but the money plays and consortia will  
come and
    go and fail and merge just like telco's and isp's do today. the  
losers
    will be my children, and everybody else who just wants to type a  
URL
    they saw on a milk carton into their browser and have it work.

sadly for me, it doesn't always matter to the world what i think.   
folks ARE
doing "alternate roots", and mostly not for the democracy-related  
reasons you
gave.  a note, though.  i had the incredible honour of joining martin
varsavsky, dan gilmor, joi ito, david isenberg, and a dozen or so  
others in
madrid to talk about internet's effect on democracy.  from I-P's  
archives:

http://www.interesting-people.org/archives/interesting-people/200503/ 
msg00113.html

i strongly recommend a reading, even if it's a re-reading, of "the
infrastructure of democracy" as shown on the above page.  and do note  
that
i was in total agreement with that consensus position.

however, there's not a lot of overlap between the concept of internet- 
enabled
democracy and the concept of alternate roots.  having lots of roots  
means that
speech is not as free, and that your isp or your government can  
connect you to
a namespace that lacks the kind of dissent they don't like, or mis- 
answer
your computer's DNS questions in a way that shows you only what they  
want you
to see.  alternate roots is a goalset not only outside the DNS  
protocol but
incompatible with internet-enabled democracy.

that having been said, i'm sometimes a practical man.  alternate  
roots do
exist, and more will come.  i've pondered the meaning of all of this  
within
the context of the dns protocol and of my company's open source  
implementation
of that protocol, and i think i can see a way to define and support  
alternate
roots in a way that will reduce their chaos -- but not their harm.   
given that
the US-DoC/VeriSign/ICANN trinity pursuing "a policy contrary to  
their own
interests" and that the inevitable result of this will be hundreds if  
not
thousands of chaotically interrelated dns namespaces, i'm ready to  
consider
ways that DNS and BIND might be extended to make that inevitable  
condition less
painful to live in.  but if i do it, it will be with rage in my heart  
against
those who could have helped us preserve name universality but who  
squandered
that opportunity for short term political or financial gain.

oh and one more thing.  a small technical matter, insignificant next  
to the
democracy-related points you raised.  neustar isn't doing anything  
wrong--
the "root" they'll operate will only be seen by GPRS cell towers, not by
end-user handsets.  end-user GPRS handsets will mostly see content  
from .MOBI,
and GSMA (the contracting party for neustar in this case) was a very  
strong
member of the consortium who asked for .MOBI.  it's not wrong to make a
namespace that's only usable by a closed population-- folks following  
RFC1918
do it every day.  it's not wrong for neustar to do this.  silly,  
yes.  wrong,
no.  it's not necessary and it will cause them more trouble than it  
saves
them and it will be used as a template by people who shouldn't follow  
it and
it's clearly causing a lot of misunderstanding in forums like I-P...  
but it's
not an alternate root in the sense that new.net or unidt are  
alternate roots,
and it's probably safe to stop talking about it now.


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/