This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] NTIA NoI: does anyone care?
- Previous message (by thread): [dns-wg] NTIA NoI: does anyone care?
- Next message (by thread): [dns-wg] Re: NTIA NoI: does anyone care?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dmitry Burkov
dburk at burkov.aha.ru
Mon Oct 20 17:03:43 CEST 2008
Joao, not exactly and immediately today. The problem is that new tool will be used in software and especially end-user soft. As it will happen the situation will be changed radically. Or I am madness or something miss. Dmitry Joao Damas ?????: > Dmitry, > my mail was not technical at all. > How does the state of affairs change from today? what are your > reaction possibilities and their impact and how do they differ from > today's scenario? Does the signing of the root zone actually impede or > make harder any of the reactions you would exercise today against, for > example, the deletion of a ccTLD from the root zone? > is there an analysis of how zone signing changes any of this? > > Joao > > > On 20/10/2008, at 16:42, Dmitry Burkov wrote: > >> Joao, >> to be realistic - the most probable reaction will be refuse to sign >> with all following consequences. >> SIDR deployment (as it propsed today) it will be a real problem. >> DNSSEC deployment will be less problematic but still a problem as it >> will be used in software more and more. >> >> It also raises an old question about Internet governance and role of >> USG in this process as will enforce DoC position. >> Some people for years tried to explain root servers stability and >> practical independence from any one government now their arguments >> will fall down. >> In any of NTIA's proposed scheme it will be under one country >> regulation and if previously you can imagine partly functional ccTLDs >> even if zone was changed - >> now if signature will be invalid/recalled (don't know term in >> english) it will be more problematic. >> >> When we begin to use digital signatures for infrastructure - may be, >> we miss the point that this tool is just a reflection of some real world >> relations and obligations and based on national laws and other lawyer >> stuff. >> Putting it on this part of the net we risk to involve all issues from >> real world. >> >> And all benefits which you mentioned and which I understand and >> recognize from technical point of view will be non significant. >> >> regards, >> Dmitry >> >> >> Joao Damas ?????: >>> This is an argument that has repeated itself for some time now, with >>> few arguments to back it. >>> >>> Perhaps those with doubts about how a signed zone might be wielded >>> as a weapon against some party, would be interested in performing an >>> analysis of what the possible reactions are to such an attempt and >>> compare both the actions and their result to today's situation with >>> an unsigned zone. Then for the extra bonus, analyse the benefits of >>> having a signed zone when it is not being wielded as a weapon >>> (assuming the previous analysis actually finds that possibility to >>> be real) >>> >>> Joao Damas >>> >>> On 15/10/2008, at 18:41, Dmitry Burkov wrote: >>> >>>> Jim Reid wrote: >>>> >>>> Jim, >>>> for me it seems - that it will raise governance issues and it is >>>> not technical problem - but more political and legal issue. >>>> I really worry about potential consequences of all these intentions >>>> to deploy on the net some digital signatures based techniques (aka >>>> DNSSEC, sidr) >>>> It is very risky and can provocate Internet fragmentation. >>>> We can try to improve security and stability - but in result we can >>>> get totally different Internet - it is like as some kind of Pandora >>>> box. >>>> >>>> Dmitry >>>>> So far there has been no discussion on the list about the NTIA >>>>> proposals about getting the root signed. I would have hoped >>>>> someone would have said something by now. Sigh. >>>>> >>>>> Please try to find some time to look at the NTIA's suggestions and >>>>> if possible send your comments to the list. I think this WG has an >>>>> obligation to make some sort of "official" response to the NTIA's >>>>> consultation. After all, we played our part to get the ball >>>>> rolling by producing the "sign the root" letter to ICANN at the >>>>> Tallinn meeting. So now that there are some concrete proposals for >>>>> consideration, I feel the WG should look at them and respond. >>>>> >>>>> I would also welcome suggestions from WG members about how to >>>>> stimulate a discussion here about the NTIA proposals. Although >>>>> time has been set aside in the RIPE57 agenda, that won't be >>>>> enough. The majority of people on this list won't be in Dubai. And >>>>> besides, it's really the list that should decide the WG's opinion >>>>> and what action it should take. >>>>> >>>>> Over to you.... >>>>> >>>> >>> >
- Previous message (by thread): [dns-wg] NTIA NoI: does anyone care?
- Next message (by thread): [dns-wg] Re: NTIA NoI: does anyone care?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]