[At-Large] R: China is going to divide the DNS

Karl Auerbach karl at cavebear.com
Sun Jul 1 22:38:18 UTC 2012

The real issue of that Internet Draft is not based in technology, rather 
it is based in politics.

As many have pointed out, there is zero chance that the IETF process 
will allow this draft to grow to any sort of internet standard status.

But the IETF is not the last word - it never really was.  Just look at 
the of network services as shown by IANA.  It shows something on the 
order of 15,000 network services many of which were done outside of the 
context of the IETF - 

There is no technical doubt that parallel, competing DNS roots could be 
established.  There are many who argue that that would cause a split in 
the internet name space.  It could.  But that is a possible outcome, not 
a necessary outcome.

Personally I look at the issue not as one of singularity or multiplicity 
of DNS roots but rather as one of consistency.

Everyone, I hope, has seen the Monty Python tobacconist sketch -  more 
often called the Hungarian Phrase Book sketch in which a person has a 
Hungarian-to-English phrase book that horribly mistranslates things.


Think of DNS roots as competing phrase books.  A poor DNS root such as 
shown in the sketch might be funny, but it would make its users angry 
and would have minimal commercial prospects and, if it survived at all, 
it would tend to evolve into a special niche.

Think of DNS roots as facing the same kind of pressure - if they are 
inconsistent, i.e. if they surprise their users, then those users (or 
their ISPs) will vote with their feet and choose a less surprising DNS root.

Now, there is the argument of misrepresentation - it is a valid 
argument.  But there are existing mountains of laws and regulations in 
every country that can be brought to bear on people (natural or 
corporate) that engage in fraudulent representations.  It may be harder 
than one likes to turn an accusation into a punishment, but due process 
is neither always efficient nor always quick.

And there is a flaw in the internet architecture - which is the lack of 
universal mutual identification and authentication.  We tend to use the 
internet as if we thought that every time we utter a domain name we 
get perfect answers.  Anybody who utters "google.com" in a web browser 
while traveling learns that DNS names lack geographic uniformity.  And 
we all know that DNS names lack temporal uniformity because we have all 
encountered DNS names that have been re-purposed.

Consequently that flaw in the internet architecture contributes to this 
belief that domain names are somehow perfect master keys.

We would be silly to pick up a telephone, tap out a number we believe to 
be that of our doctor and as soon as someone - anyone - answers we blurt 
out our deepest secrets.  We know better - it could be a wrong number or 
someone else may have picked up.  But on the internet we do not know 
better, we blurt out like that.

So the problem with arguments about misleading data from competing roots 
are based more on a lack of a universally deployed internet layer to do 
consistent identification and authentication than they are based on DNS 

My own sense is that if we allow competing roots we would not have 
needed ICANN's TLD processes; new TLDs could have grown in much the same 
way that new products aspire to shelf space in stores.  Those TLD 
products that got user acceptance would survive and those that didn't 
would fail - that is true "bottom up" consensus rather than the rather 
forced system we see in ICANN.  For more on that idea see 

Back to the internet draft:

In my business (testing of internet protocols for robustness) I see a 
lot of corporate energy to create internet drafts in order to gain 
ability to claim "we are working within the IETF" while moving forward 
on an idea no matter whether the IETF goes along or not.

I suspect that the authors of this draft are serious technologists who 
are earnest about their ideas and that the ideas themselves are worthy 
of examination and consideration.

But the larger political message is that the mantra of a singular, 
rigidly catholic DNS is starting to evolve into a message that elides 
the rigid hierarchy from exactly one provider to a message that 
envisions something more like separate and equal hierarchies that are 
sufficiently consistent with one another that users will not be 
discomforted, at least not any more than they are today by client geo-IP 
based name resolution.

