[EURO-Discuss] Short bio for the election of the Euralo representatives to the ALAC
JFC Morfin
jefsey at jefsey.com
Sat Aug 30 19:41:03 EDT 2008
At 23:27 30/08/2008, Lutz Donnerhacke wrote:
>Because this point might be interesting in this election:
>I believe in a single root. Not a virtual one. A real single root.
>
>I *define an internet* as a transitive hull of computers connected using
>TCP/IP. And I *define the Internet* as an internet with contains the IANA
>operated DNS root servers.
>
>Please consider this very clear position in your vote.
>I'm a technical guy, I do not dream.
Dear Lutz,
I am afraid only non-technical guys are dogmatic: "The principle of
constant change is perhaps the only principle of the Internet that
should survive indefinitely." (RFC 1958).
As a result ICANN's position is extremely clear (ICP-3):
".. alternate roots are commonly operated by large organizations
within their private networks without harmful effects, since care is
taken to prevent the flow of the alternate resource records onto the
public Internet."
"It should be noted that the original design of the DNS provides a
facility for future extensions that accommodates the possibility of
safely deploying multiple roots on the public Internet for
experimental and other purposes. As noted in RFC 1034, the DNS
includes a "class" tag on each resource record, which allows resource
records of different classes to be distinguished even though they are
commingled on the public Internet. For resource records within the
authoritative root-server system, this class tag is set to "IN";
other values have been standardized for particular uses, including
255 possible values designated for "private use" that are
particularly suited to experimentation."
"As described in a recent proposal within the IETF,11 this "class"
facility allows an alternate DNS namespace to be operated from
different root servers in a manner that does not interfere with the
stable operation of the existing authoritative root-server system. To
take advantage of this facility, it should be noted, requires the use
of client or applications software developed for the alternate
namespace (presumably deployed after responsible testing), rather
than the existing software that has been developed to interoperate
with the authoritative root" ...
"In an ever-evolving Internet, ultimately there may be better
architectures for getting the job done where the need for a single,
authoritative root will not be an issue. But that is not the case
today. And the transition to such an architecture, should it emerge,
would require community-based approaches. In the interim, responsible
experimentation should be encouraged, but it should not be done in a
manner that affects those who do not consent after being informed of
the character of the experiment."
"Experimentation has always been an essential component of the
Internet's vitality. Working within the system does not preclude
experimentation, including experimentation with alternate DNS roots.
But these activities must be done responsibly, in a manner that does
not disrupt the ongoing activities of others and that is managed
according to experimental protocols."
"DNS experiments should be encouraged. Experiments, however, almost
by definition have certain characteristics to avoid harm: (a) they
are clearly labeled as experiments, (b) it is well understood that
these experiments may end without establishing any prior claims on
future directions, (c) they are appropriately coordinated within a
community-based framework (such as the IETF), and (d) the
experimenters commit to adapt to consensus-based standards when they
emerge through the ICANN and other community-based processes. This is
very different from launching commercial enterprises that lull users
into a sense of permanence without any sense of the foregoing
obligations or contingencies."
Most of the technical guys (such as the IETF) failed ICANN. With the
current situation as a result. @larges carried the experiment. Tested
the way virtual root should work, and the way it works today (I wrote
a TLD Manager and Root Administrator Best Practices that was signed
by several and discussed with Europe and Denic at that time). We do
not intend to suffer from the lack of response of the IETF (I called
upon three times in vain, asking to share in our ICANN conformant
test-bed experimentation [dot-root project] that was reported at the
time to Europe, ITU, Govs, etc. [in French]).
Today, I am sure many are ready to try to include DNSSEC in thier own
system plans if you wish to help determine why it would be good, how,
and how to test it. Specially the very young NSEC3. And how to adapt
to the virtual root matrix.
However, I am sorry, I am a network architect and system designer,
our members are @large Internet lead users. They are technically and
politically aware. Our duty is to our fellow citizens and to our
countries : we cannot back to 1983 when I was running the world
"root" and interfaced the young Internet (RFC 920, Postel). Telling
the ICANN BoD it is possible could be religious, but would not be
telling the truth.
I will look carefully through your other mails. This is very
ionformative and helpfull. Even if we may disagree on some points.
Thank you!
jfc
More information about the EURO-Discuss
mailing list