[IP] Re: Department of Homeland and Security wants

[David P. Reed]

master key for DNS

A dirty little secret is that the late, lamented and sensible Jon  
Postel once demonstrated how easy it would be to take the entire  
Internet out of the hands of the government entirely, because in fact  
the decision of what the "root" is is pretty damned arbitrary.  
(because people who think roots and port numbers are "real" seem to  
fantasize about physical metaphors that create more reality than  
there is here, so you have to show them).

I think it would still be a small project to take the roots away from  
the US Gov't entirely, once and for all.   If they demand the key and  
get it with the purpose of enforcing yet another attack on collective  
will, I am happy to help.   Nothing illegal is necessary.  99% of  
humanity will probably volunteer to join the new root system - both  
libertarian conservatives and liberal thinkers are pretty much  
together on this.  I'm pretty sure Microsoft and Apple (and I know  
Linux) communities would happily substitute a new root for a "gov't  
censored" one - and I don't think appeals to "child molesters" and  
"terrorists" and other bloody shirts being waved would cause them to  
think twice.  What might get Microsoft to play ball is a promise to  
stop hammering them on antitrust, but hey, they have to worry about  
the next administration and the one after that - companies outlive  
governments.

And even if Microsoft didn't put the new roots in, it's really easy  
to distribute a root replacement add-in or to add it to the NAT boxes.

So "self help" is why the government might want to think twice about  
sticking this screwdriver in their own eye.

Yeah, as John Levine says, the ICANN may not be a very mature body,  
but just think what the maturity of your favorite governmental figure  
is like.   Do you like the "liberals"?  Do you like the "religious  
right"?   Do you like the Hillary?  What about the Cheney?

In the matter of the DNS, we the users of the Internet hold all the  
power.   The master key is a fantasy.


David Farber wrote:
>
>
>Begin forwarded message:
>
>From: Christian Huitema <huitema at windows.microsoft.com>
>Date: April 1, 2007 4:53:59 PM EDT
>To: dave at farber.net
>Subject: RE: [IP] Re: Department of Homeland and Security wants  
>master key for DNS
>
>>In view of ICANN's chaotic management, I expect that a lot of those
>>governments are quietly happy to have ICANN under adult supervision,
>>and although they may say they want it independent of the US,  
>>short of
>>handing it to the ITU or some other institution with international
>>legitimacy, the USG is going to stay in charge, in which case it
>>really doesn't matter whether the master key belongs to ICANN, IANA,
>>DOC, or DHS because it all amounts to the same thing.
>
>But why do we need a master key for the DNS at all? If a name is  
>really
>popular, one can expect that its key will be well known.  
>Verification of
>that key should not depend on the whims of the centralized  
>registry. DNS
>servers should manage their list of well known keys, and protect their
>users against any bureaucratic error at the root level. Most top level
>domains and many big services should easily reach that level of
>popularity, and not depend on the root key for their security.
>
>-- Christian Huitema
>
>
>
>
>
>-------------------------------------------
>Archives: http://v2.listbox.com/member/archive/247/@now
>Powered by Listbox: http://www.listbox.com
>


-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE