Domain: tinc-org.com
Stories and comments across the archive that link to tinc-org.com.
Comments · 10
-
Alternatives to ICANN and othrt root zones
I think there are a few things amiss with the pfir plan and I'd like to suggest and comment on some alternatives and have a few comments about our continues use of 20th century DNS.
Look back at the creation of ICANN and it's not difficult to see why it has failed. The timeline goes something like this: when the Wired article came out in 1994 where Joshua Quittner reported he registered mcdonalds.com and McDonalds didn't want it he ended up selling it to Burger King. At the time InterNIC registrations were taking about 3 days. This shot up to 11 weeks in a matter of days. The NSF, who funded NSI to run the InterNIC, did not feel it's role, which is to foster academic and scientific advancement, included subsidizing deodorant.com and the like, so, it asked the FNCAC to do something. What they did was instruct the NSF to tell NSI to begin charging for domains. This caught the Internet community rather off guard and discussion ensued on a "newdom" mailing list (whose archives can be found here). Several forces came into play. First was the rift between the group that felt they too could run a TLD and the group that though this should be run from a great big central registry. The latter became the IAHC/CORE thing while the former became the first alternative root. The US Government shut down the IAHC and began it's own proceedings: the white paper was produced. Other governments, most notably in the form of Paul Twoomey from Australia
and Chris Wilkinson from the EU balked at the plan and the revised plan, the green paper took out the language about creating 5 new TLDs immediately (thereby throwing each conflicted group at least one bone). At the time Mikki Barry and Kathy Kleinman suggested in Becky Burr's office that a set of global meetings take place, not to decide answers to tough problems, but to determine just where there was consensus on the various issues. This became the IFWP forum and 3 meetings were held in Reston Va., Geneva, and Singapore. There was to be a followup meeting to merge these consensus points into a framework for the new corporation that was to replace IANA. While this was happening, NSI and IANA were negotiating, and Ira Magaziner, Clinton's senior science advisor and Roger Cochetti, a VP of IBM were running around selecting a new board. The IFWP wrap up meeting never happened, it was scuttled by Mike Roberts (suspicion is high he had been told be would be president) and the vast amount of time and energy, money, hopes and aspirations that was IFWP went down the toilet - which is a real shame as it was a significant body of work. Three proposals went in to the US government to form the new corporation. The IANA/NSI proposal drafted by Joe Sims and NSI, the Boston Working Group proposal (which is where the wrap-up meeting was to have been) which was a sane version of the NSI/ICANN proposal, and the ORSC proposal which was the BWG plan with greater fiscal responsibility and an existing corporate shell. Citing popular public support for the IANA/NSI plan it was selected - but if you read the public comments on the NTIA site carefully you'll see far less support than implied and much of it was tentative, frankly. A board materialized out if thin air, selected because they didn't know anything about DNS. So what went wrong? Was the original ICANN plan flawed or were the people just the wrong choices? I suggest that if Karl Aurbach and 9 people like him has been the original board we would not now be even talking about DNS; the board appointed from in high did not represent the Internet community whatsoever and instead represented telco, government and trademark special interests. It is believed the concessions made so that foreign government supported the "green paper" was that they got to pick certain members of the board. The first big clue there was trouble was when the board missed it's deadline to define a process for their replacement and simply extended their jobs; they should have been gone over two years ago now.
So what have we learned from this? In my opinion, no group that says "we're in charge" really is; respect is earned, not asserted and I think this was the great failing of both IAHC and ICANN. So while I generally like Weinstein, Newman and Farber, I do distrust the IAB to some extent based on previous debacles like the Boston Tea party where they were thrown out for claiming OSI and not TCP/IP was the way to go. The ISOC is another non-starter, it's wanted to get it's hands on the DNS for over a decade and has been a great supporter of the authoritarian regimes of both IAHC and ICANN. The key, I believe, is not some group claiming they should be in charge or that they have all the answers - nobody does - but the good old fashioned and time proven method of Internet collaborative cooperation. And this means actually doing it, not paying lip service to it like ICANN did. Oh and cut out the 5 star hotels and first class Concorde flights.
Is this about Internet governance? No. Absolutely not. In it's most basic form this is nothing more than an institutionalized debate between Dave Crocker and Karl Denninger in 1986 taken to it's logical conclusion. But it's nothing to do with governance of the Internet. Face it, if all you do is read and write email and/or usenet news, and play on ISC or muck about on the web, you may never have heard of ICANN and it certainly has zero effect on you. This is just about new top level domains, period; the IP addresses have virtually all been handed over to the regional registries and the port allocations are handles by somebody than CAN add one to a number and write it down on a piece of paper.
But didn't ICANN break up NSI ? Nope. That was Ira Magaziners plan executed through the Department of Commerce. You don't really think NSI gave in because ICANN though it was a good idea do you? What has ICANN really done in 4 years? They've knuckled under to WIPO and given us the horribly flawed UDRP and 7 really stupid TLDs that despite $2.$M worth of scrutiny still had huge problems to the point of being dragged into court over it.
What alternative roots exist? Quite a few actually, and while on the face of it you might think this would be a problem, but face it, if you can pick up your mail and get to Yahoo! then they work, and any of them will let you do that. The differences in them are what new TLDs they publish in their root zones. I need to disclaim right away that I coordinate, with Brian Reid's help, the ORSC root, and it's generally believed to have the greatest penetration and is certainly the longest continuously operating one. The barrier to entry it low: show us working TLD servers and we'll list you. Other notable ones are the TINC root which is operated by some old time Usenet people such as Peter da Silva which has a policy of one tld per entity, which I don't like think can be made to work (the now defunct eDNS tried this and it was found to be too easily worked around), PacROOT which in my opinion swings too far the other way with their NameSlinger client - I don't think I know the proper number of TLDS any entity should operate but I do know it's not in the hundreds if not thousands; this raises anti-trust issues, and OpenNIC which is pretty good but only has a small number of new TLDs. There is also NameSpace which believes they should run all tlds. This grates against the notion of the root as a collection of independantly run TLDs in my opinion. But, it doesn't matter to me which one people use as long as they use one of them. Vote with your nameservers - it is in nobody's interest to break anything and using any of these roots will let you see all current DNS names and a whole universe of new ones although how many depends on which one you pick.
Why do we still use root servers? Now this is where it gets interesting. What if the US Government suddenly shut off the legacy root servers? 90% of the net would feel some sort of perturbation immediately especially since at least one TLD (.SE) is name-served directly from the root (not TLD!) servers as are many in-addr.arpa delegations. As the TTLs to TLD servers expired, users of the legacy root would not be able to resolve any DNS names. But, people that use other root servers would be immune to the demise of the legacy roots (modulo one of Swedens 7 .SE nameservers of course) but an even better tactic in my opinion is to primary the root zone for yourself. Then, any or all root servers could be shut off and you wouldn't notice a thing. This would leave you with one remaining problem and that is where could you get the root zone from. Your upstream might be a good place or as DJB has suggested, a cryptographically signed root zone could be posted to usenet periodically. This has the inherent advantage of being out of band of TCP/IP; that is, even a UUCP connection could inject the zone into the news stream. That's one answer to "how do you bootstrap DNS without DNS".
Do I think ORSC should be the next ICANN as the ICANNWATCH poll suggests? No and hell no! Nobody should be in charge, and given that the net and the DNS itself is edge controlled - that is, whoever has the root password to a nameserver determines what dns names exist and what don't - any model that asserts a central authority is doomed to fail. There is need for coordination, but not authority.
Vote with your nameserver; vote early and vote often.
Richard Sexton
March 19, 2002
-
Alternatives.
-
TINC!The only choice for me is The Internet Namespace Cooperative.
Download your own copy of the root cache file and you have all the functionality of the internic "root zone" and then some.
-
TINC!The only choice for me is The Internet Namespace Cooperative.
Download your own copy of the root cache file and you have all the functionality of the internic "root zone" and then some.
-
THERE IS ANOTHER, OLDER, CHEAPER .BIZ
.BIZ was first deployed by Karl Denninger around 5 years ago. I think he charged $25 or something. Karl subsequently sold MCS.NET and these days Leah Gallegos runs .BIZ. I think she charges about $6 with the idea that that's wholesale and anybody can be a "registrar" for somebody else or just grab domains for themselves. The URL is HTTP://WWW.BIZTLD.NET .
The .BIZ TLD resolves in many of the popular alternative root clusters: ORSC, TINC, PacROOT
Being outside the ICANN/US Government system means it's not subject to dangerous foolishness like the horribly flawed UDRP and silly-assed "sunrise" provision. -
Anyone can be a root domain server.TINC's long term answer to ICANN is http://www.tinc-org.com/.
Do you know who really gives ICANN its power? Paul Vixie. If He picked a different set of servers to plunk down in the default root cache file in BIND, that's what people would use. US government or no, that file is really where ICANN gets its power over the domain name system from.
-
.dot takenUnder The Internet Namespace Cooperative.dot is already taken:
;; ANSWER SECTION:
dot. 6D IN NS AARDVARK.WR.UMIST.AC.UK.
dot. 6D IN NS NS1.OP.net.
dot. 6D IN NS matterhorn.nielsen.net.
;; ADDITIONAL SECTION:
AARDVARK.WR.UMIST.AC.UK. 1d23h46m40s IN A 130.88.146.3
NS1.OP.net. 1d23h46m40s IN A 209.152.193.4
matterhorn.nielsen.net. 1d23h46m40s IN A 207.179.43.2
-
tinc is an alternative dns systemThe Internet Namespace Cooperative offers an 'alternative' root that gives a number of extra TLD's (such as
.dot and .irc) and access to the generic top level domains and country top level domains.The Internet Namespace Cooperation is run on technical cooperation instead of commerce and addition of domains into the root is on the base of a set of technical rules (mainly to ensure reliability).
I think this is the right way to create change: cooperate and offer an alternative.
-
Re:Why are we still dealing with these loosers ?
The Internet Namespace Cooperative does something similar to what you propose. They support backwards compatibility with the "official" recognized TLDs, but add a number of their own.
-
Re:What about my own root server?
Perhaps you are thinking of TINC, The Internet Namespace Cooperative. (Forgive me if that title is wrong...)
It is located at http://www.tinc-org.com/
I own the .mnet. TLD within the TINC.