This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] NTIA NoI: does anyone care?
- Previous message (by thread): [dns-wg] Re: root zone signing
- Next message (by thread): [dns-wg] NTIA NoI: does anyone care?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Joao Damas
Joao_Damas at isc.org
Mon Oct 20 16:48:40 CEST 2008
Dmitry, my mail was not technical at all. How does the state of affairs change from today? what are your reaction possibilities and their impact and how do they differ from today's scenario? Does the signing of the root zone actually impede or make harder any of the reactions you would exercise today against, for example, the deletion of a ccTLD from the root zone? is there an analysis of how zone signing changes any of this? Joao On 20/10/2008, at 16:42, Dmitry Burkov wrote: > Joao, > to be realistic - the most probable reaction will be refuse to sign > with all following consequences. > SIDR deployment (as it propsed today) it will be a real problem. > DNSSEC deployment will be less problematic but still a problem as it > will be used in software more and more. > > It also raises an old question about Internet governance and role of > USG in this process as will enforce DoC position. > Some people for years tried to explain root servers stability and > practical independence from any one government now their arguments > will fall down. > In any of NTIA's proposed scheme it will be under one country > regulation and if previously you can imagine partly functional > ccTLDs even if zone was changed - > now if signature will be invalid/recalled (don't know term in > english) it will be more problematic. > > When we begin to use digital signatures for infrastructure - may be, > we miss the point that this tool is just a reflection of some real > world > relations and obligations and based on national laws and other > lawyer stuff. > Putting it on this part of the net we risk to involve all issues > from real world. > > And all benefits which you mentioned and which I understand and > recognize from technical point of view will be non significant. > > regards, > Dmitry > > > Joao Damas ?????: >> This is an argument that has repeated itself for some time now, >> with few arguments to back it. >> >> Perhaps those with doubts about how a signed zone might be wielded >> as a weapon against some party, would be interested in performing >> an analysis of what the possible reactions are to such an attempt >> and compare both the actions and their result to today's situation >> with an unsigned zone. Then for the extra bonus, analyse the >> benefits of having a signed zone when it is not being wielded as a >> weapon (assuming the previous analysis actually finds that >> possibility to be real) >> >> Joao Damas >> >> On 15/10/2008, at 18:41, Dmitry Burkov wrote: >> >>> Jim Reid wrote: >>> >>> Jim, >>> for me it seems - that it will raise governance issues and it is >>> not technical problem - but more political and legal issue. >>> I really worry about potential consequences of all these >>> intentions to deploy on the net some digital signatures based >>> techniques (aka DNSSEC, sidr) >>> It is very risky and can provocate Internet fragmentation. >>> We can try to improve security and stability - but in result we >>> can get totally different Internet - it is like as some kind of >>> Pandora box. >>> >>> Dmitry >>>> So far there has been no discussion on the list about the NTIA >>>> proposals about getting the root signed. I would have hoped >>>> someone would have said something by now. Sigh. >>>> >>>> Please try to find some time to look at the NTIA's suggestions >>>> and if possible send your comments to the list. I think this WG >>>> has an obligation to make some sort of "official" response to the >>>> NTIA's consultation. After all, we played our part to get the >>>> ball rolling by producing the "sign the root" letter to ICANN at >>>> the Tallinn meeting. So now that there are some concrete >>>> proposals for consideration, I feel the WG should look at them >>>> and respond. >>>> >>>> I would also welcome suggestions from WG members about how to >>>> stimulate a discussion here about the NTIA proposals. Although >>>> time has been set aside in the RIPE57 agenda, that won't be >>>> enough. The majority of people on this list won't be in Dubai. >>>> And besides, it's really the list that should decide the WG's >>>> opinion and what action it should take. >>>> >>>> Over to you.... >>>> >>> >>
- Previous message (by thread): [dns-wg] Re: root zone signing
- Next message (by thread): [dns-wg] NTIA NoI: does anyone care?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]