[dns-wg] revised text for NTIA response - v4

I have updated the list of  bullet points to reflect the recent  
comments and feedback. There are a few minor tweaks and some  
introductory motherhood and apple pie statements. Point 5 has the most  
substantive change. I think it now accommodates the concerns that some  
have expressed about the possibilty that the existing way of managing  
the root could become entrenched by the deployment of DNSSEC. Perhaps  
the two sentences here need to be split into discrete statements?

We have to be careful here. If we don't go along with the current  
process for co-ordinating root zone changes, politicians will latch on  
to that as an excuse to open another line of attack over USG control  
of the Internet. If that happens, we won't get a signed root any time  
soon. So I hope the line we can all agree on is "Let's go with the  
current process for managing the root for now to get DNSSEC deployed.  
But don't introduce a signed root in a way that will prevent a  
different mechanism with perhaps different entities and roles being  
used at some point later on.". I hope we can all live with that. This  
is what I have tried to encapsulate in point 5.

Point 12 is a tweaked version of Richard Lamb's remarks. I think this  
could/should be moved nearer to the top of the list.

Anyway, now it's time for comments. It would be helpful if you  
contribute alternate text along with any clarifications or remarks. ie  
Please don't just say "Point X is unclear/confusing". Please say why  
it's confusing and suggest better wording. If we are to reach  
consensus by this weekend, the discussion needs to be focused and  
direct.

#
#	$Id: ntia-draft,v 1.4 2008/11/03 10:25:25 jim Exp $
#

RIPE welcomes the NTIA's consultation on the proposals to sign the
root and is pleased to support that effort. We urge the NTIA to adopt
a solution that leads to a prompt signed root zone. The solution must
not compromise the stability and integrity of the root zone management
process. It should be flexible enough to allow for the entities and
roles involved in the process to be replaced or for the process itself
to be replaced. The solution should minimise reasonable concerns,
whether they are of a political, economic or business nature.

It is to be expected that a community as diverse as RIPE cannot have a
unified set of detailed answers to the NTIA questionnaire. However  
several
members of the RIPE community will be individually responding to that
questionnaire. We present the following statement as the consensus
view of our community (or the DNS Working Group?) about the principles
that should form the basis of the introduction of a signed DNS root.

1. Secure DNS, DNSSEC, is about data authenticity and integrity and
not about control.

2. The introduction of DNSSEC to the root zone must be recognised as a
global initiative.

3. Addition of DNSSEC to the root zone must be done in a way that the
security and stability of the Domain Name System is not at risk.

4. Deployment of a signed root should be done in a timely but not
hasty manner.

5. To assist with a timely deployment, any procedural changes
introduced by DNSSEC should be aligned with the current process for
coordinating changes to and the distribution of the root zone. However
those procedural changes should provide sufficient flexibility to
allow for the roles and processes as well as the entities holding
those roles to be changed after suitable consultations have taken
place.

6. Policies and processes for signing the root zone should make it
easy for TLDs to supply keys and credentials so the delegations for
those TLDs can be signed.

7. There is no technical justification to create a new organisation to
oversee the process of signing of the root.

8. No data should be moved between organisations without appropriate
authenticity and integrity checking.

9. The public part of the key signing key must be distributed as
widely as possible.

10. The organisation that generates the root zone file must hold the
private part of the zone signing key.

11. Changes to the entities and roles in the signing process must not
necessarily require a change of keys.

12. When balancing the various concerns about signing the root zone,
the chosen approach must provide an appropriate level of trust and
confidence by offering a maximally secure technical solution.