[dns-wg] NTIA NoI: does anyone care?
Dmitry Burkov dburk at burkov.aha.ru
Mon Oct 20 17:03:43 CEST 2008
Joao, not exactly and immediately today. The problem is that new tool will be used in software and especially end-user soft. As it will happen the situation will be changed radically. Or I am madness or something miss. Dmitry Joao Damas ?????: > Dmitry, > my mail was not technical at all. > How does the state of affairs change from today? what are your > reaction possibilities and their impact and how do they differ from > today's scenario? Does the signing of the root zone actually impede or > make harder any of the reactions you would exercise today against, for > example, the deletion of a ccTLD from the root zone? > is there an analysis of how zone signing changes any of this? > > Joao > > > On 20/10/2008, at 16:42, Dmitry Burkov wrote: > >> Joao, >> to be realistic - the most probable reaction will be refuse to sign >> with all following consequences. >> SIDR deployment (as it propsed today) it will be a real problem. >> DNSSEC deployment will be less problematic but still a problem as it >> will be used in software more and more. >> >> It also raises an old question about Internet governance and role of >> USG in this process as will enforce DoC position. >> Some people for years tried to explain root servers stability and >> practical independence from any one government now their arguments >> will fall down. >> In any of NTIA's proposed scheme it will be under one country >> regulation and if previously you can imagine partly functional ccTLDs >> even if zone was changed - >> now if signature will be invalid/recalled (don't know term in >> english) it will be more problematic. >> >> When we begin to use digital signatures for infrastructure - may be, >> we miss the point that this tool is just a reflection of some real world >> relations and obligations and based on national laws and other lawyer >> stuff. >> Putting it on this part of the net we risk to involve all issues from >> real world. >> >> And all benefits which you mentioned and which I understand and >> recognize from technical point of view will be non significant. >> >> regards, >> Dmitry >> >> >> Joao Damas ?????: >>> This is an argument that has repeated itself for some time now, with >>> few arguments to back it. >>> >>> Perhaps those with doubts about how a signed zone might be wielded >>> as a weapon against some party, would be interested in performing an >>> analysis of what the possible reactions are to such an attempt and >>> compare both the actions and their result to today's situation with >>> an unsigned zone. Then for the extra bonus, analyse the benefits of >>> having a signed zone when it is not being wielded as a weapon >>> (assuming the previous analysis actually finds that possibility to >>> be real) >>> >>> Joao Damas >>> >>> On 15/10/2008, at 18:41, Dmitry Burkov wrote: >>> >>>> Jim Reid wrote: >>>> >>>> Jim, >>>> for me it seems - that it will raise governance issues and it is >>>> not technical problem - but more political and legal issue. >>>> I really worry about potential consequences of all these intentions >>>> to deploy on the net some digital signatures based techniques (aka >>>> DNSSEC, sidr) >>>> It is very risky and can provocate Internet fragmentation. >>>> We can try to improve security and stability - but in result we can >>>> get totally different Internet - it is like as some kind of Pandora >>>> box. >>>> >>>> Dmitry >>>>> So far there has been no discussion on the list about the NTIA >>>>> proposals about getting the root signed. I would have hoped >>>>> someone would have said something by now. Sigh. >>>>> >>>>> Please try to find some time to look at the NTIA's suggestions and >>>>> if possible send your comments to the list. I think this WG has an >>>>> obligation to make some sort of "official" response to the NTIA's >>>>> consultation. After all, we played our part to get the ball >>>>> rolling by producing the "sign the root" letter to ICANN at the >>>>> Tallinn meeting. So now that there are some concrete proposals for >>>>> consideration, I feel the WG should look at them and respond. >>>>> >>>>> I would also welcome suggestions from WG members about how to >>>>> stimulate a discussion here about the NTIA proposals. Although >>>>> time has been set aside in the RIPE57 agenda, that won't be >>>>> enough. The majority of people on this list won't be in Dubai. And >>>>> besides, it's really the list that should decide the WG's opinion >>>>> and what action it should take. >>>>> >>>>> Over to you.... >>>>> >>>> >>> >
[ dns-wg Archives ]