Slashdot Mirror
ICANN Won't Get DNS Root Servers
daria42 writes "The US Department of Commerce has reversed its original decision on the Internet's root DNS servers, which would have eventually seen them pass into the hands of ICANN. While the original decision would have seen ICANN take full responsibility after it met a number of conditions, the new declaration means Commerce would keep that control, regardless of whether and when those conditions are met. It is possible that some countries could withdraw support from ICANN, and this decision even opens up the gate for a separate DNS system to be established outside the US's control."
ICANN'T even .tel you how bad this news is for the internet community at large. ICANN and the root dns need to Server all ties with the bush administration.
(oh god... I am a horrible person).
with the idiotic patriotic dick waving really...why is the US so afraid to cooperate with international organizations?
What is the reasoning behind this step, apart from making more money for some corporations? Is it really a viable threat that ICANN is some Al-Quaeda offspring organization?
Mod me as you like, but please think at least for a second about what i said.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
Yeah, the best step would be for ICANN and supporting countries to just donate money to set up alternative root dns servers. Redundancy never hurts, but there is the problem changing the hardcoded ips of root nameservers too (i guess it's inevitable to change those sometimes, so why not start sooner?).
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
And I want a pony.
One line blog. I hear that they're called Twitters now.
From CNN -- "US keeps control over internet computers"
From the Brits -- "US appears to affirm its authority on the internet"
From the Canadians -- "US to control internet traffic"
India -- "US won't cede monopoly on the internet"
Seems like the same story has several different headlines, and to the uniformed eye some of them in conflict (yes. I know you can make the case they're not all that different. But monopoly on the internet it isn't). It would be nice if the people writing the stories understood what a root server was. Might make for a more informed public, you know?
Check out "SarBox And The World Of Tomorrow"
Don't interact w/ a summarized article. Read the actual statement from the US government. I wish these news sites would link to their sources when they're available.
I'm not really sure what to make of this. I definitely do not think that having the root domains under control by the US government is a good idea, and I also do not think that ICAAN is really up to the task either. I wonder if it might be better to have the root domain servers be distributed throughout the world (run as non-profit organizations, with only minimal fees required to maintain the servers, and executive salaries at these orgs capped).
"Teleporting Rodents with D-Cell Battery Displacement" theory -- IgnoramusMaximus (692000)
And we should just allow people to pick and use whatever IP address they want too.
With IPv6, that may not be so far-fetched.
And I want a pony
Now that's far-fetched. We've already had this discussion...every pony I get for you dies. No more ponies until you learn some responsibility!
____
~ |rip/\/\aster /\/\onkey
Come on where's the D in DNS if we need central authority... Crypto has gone a long way since! Some authorities could sign pairs of DNS + IPs and have these distributed anywhere. For exemple I could chose to trust organization foo and bar to provide me safe a safe DNS. Requiring coincidence of two unrelated authorities would marginalize the risks of dns poisoning. The authority don't even need bandwith for that, they could be goolgle, yahoo, ibm, gnu, ms etc. As for who decides who gets a domain name, except for specific extensions (gov, countries etc) this should be open to anyone, and basically registering would simply consist in referring one's domain name to major authorities before someone else does.
\u262D = \u5350
http://www.orsn.org/
Well, that's the point - France owns .fr, but it's not a ROOT server.
.com, .fr, .gov, .uk, .org, .ru main DNS servers are located.
ROOT severs are the '.' servers, which manage where the
I see no good reason why the 13 root servers shouldn't be owned by different organisations, one of them by France, one by US, one by China, etc - because currently US Government can pull the plug on the DNS system if they wish so. You can't find something.gov.fr without going through the root servers.
You got it almost right, but it works like this:
...not the other way around. The whole thing starts with the dns servers, they are Archimedes' one (13) fixed points the whole dns revolves around.
The ISP nameserver has a huge cache with a timeout. If a record cannot be found (because it hasn't been cached before or it has been discarded because of the timeout) then it goes to resolve the domain. To resolve the domain, you actually go backwards (from a higher hierarchy to lower), thus:
root -> country level -> domain level
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
While I don't trust ICANN (a group that spends most of their money on law firms) the US has to get a clue. The US is WAY behind in IPv6 adoption (excluding the military). If the US continues to hoard its control of DNS on the IPv4 internet, and simultaneously refuses to adopt IPv6, it will get to watch while the rest of the world migrates to IPv6 and obseletes the US's authority.
Look at this in terms of China's bid to pwned Unocal. (CNOOC is *not* a company, it is a corporate-smelling arm of the Chinese government). Energy is a strategic asset. Now look at all of the credit card information stolen/lost/inappropriately xferred lately. Information is a strategic asset.
Xferring control of Root DNS servers does not necessarily lead to compromise/abuse any more than leaving your credit card lying in a bus station will necessarily lead to your account being, er, misused. Similarly, retaining control does not guarantee security, but why screw with it? Who should take up this burden--the Oil-for-food-United-Nations?
The fact is, the US created the internetworking protocols, and laid the early hardware. Much of the structure is US assets, which the whole rest of the world is free to use.
I, for one, welcome the same old overlords whom at least we [sorry y'all] can vote on. What will you do when CHINA wants to throw a "broadcast flag"-level wrench into things?
Don't trust anyone under thirty.
Everyone who thinks that beuorcrats, politics and technology go well together raise your hands... now please leave. I know the term "Bush Administration" is a trigger for blind hatred and rhetoric on par with "Microsoft", but this isn't a bad thing. The U.S. has managed these DNS servers for 25 years and has kept the process from being political. The U.S. currently has a significant ECONOMIC (forget "security") stake in ensuring that these domain servers are maintained and stable. ICANN or a world political body does not have the same motiviation. They're motivated by making a name for themselves, expanding their country's control over the Internet, retaliating against other governments for non-Internet policy decisions, etc. A solution to having a single government control such an important resource should be found in order to prevent abuse, but that solution must GUARANTEE that we are reducing the potential for abuse of the system, not increasing it.
I'd hardly call 4 in California, 4 in Virginia, 2 in Maryland, 2 in Europe and 1 in Japan "well distributed". "Clustered in a few places" would be more accurate.
Those are the logical servers. The physical servers for five of the roots have multiple locations. (But that might just be a building across town for some of them.) The Wiki claims that As a result most of the physical, rather than nominal, root servers are now outside the United States. And if it's in a Wiki, it must be true, right? ;)
One line blog. I hear that they're called Twitters now.
...perhaps it's because the "international organizations" we work with, like the UN, can't even keep their word and uphold the tenets of their own charters for things that are much more important than the root servers?
Also, no one said anything about al-Qaeda.
Except you, of course.
But the US believes that the root servers are important enough that they should be under the control and purview of the same entities that have been their stewards in some cases since the literal inception of DNS itself, rather than an organization along with international entities that may not have the same level of experience. This isn't just about "keeping machines patched" or knowing how to run a DNS box. That's the most vanishingly small part of this equation.
Also, it might help to remember that the US, along with its vast military-industrial complex, the Department of Defense and DARPA's investments into pie-in-the-sky technologies, and our massive academic research establishment are what you and the entire fucking world HAS TO THANK for the "internet", and we've already proven that we can manage the root servers and have a secure and well established network of capable contractors, so I think that, given the geometrically increasing importance of the internet to the US and its economy, you're damned straight we have a vested interest in making sure critical internet infrastructure is properly administered (and by "administered", I don't mean from a sysadmin perspective).
And while the corporations with the root server contracts make some money and might not want to see that go away, this decision is NOT for "making more money for some corporations". It's been made for the security of these critical infrastructure pieces. In our own system, we have some accountability and we know it. Even if ICANN meets the DoC-set guidelines, there are no guarantees that its capability and contingencies are better than, or even meet, the capability that already exists in the prevailing arrangement. Why ratchet back from predictability and reliability, and a known set of variables, frankly, to "please" the international community? The "internet", in general, was not an international creation. It was a US creation, the result of a lot of investment and research dollars from the exact entities that no one else would have supported. The fact that it has easily become an exceedingly open international and global tool is a testament to its creators.
I'm starting to get fed up with the anti-US dick waving on slashdot, really...
Mod me as you like, but please think at least for a second about what i said.
As unlikely as it is for me to concede that the US should still do anything for the world good... the root zone should still be run as it has been for the last couple decades. Few, infrequent changes, and very very stable. THat's what matters.
Why do other parties want control of the root zone? So they can bargain with it? Add new TLD's? Give me a break.
The root zone needs to simply run as it is, that's all.
I have long felt that the internet, while created by the US, should evolve into a complete international body. That ICANN should take over all authority of the internet. Unfortunately, this will bring the same level of difficulty as the UN has, but to a lesser degree.
I have long felt that as we evolve, (socially, and politically), the idea that all of the earth will eventually fall under one global gov't will happen. I also feel that this won't happen until long after space travel becomes a normal mundane thing. Systems like the internet, will not only help bring this, but are an essential part of this.
Keeping with that mentality, the internet needs to serve everyone's interest, and to do so, it must be controlled by an open body made up of an international representation.
In other news: US Government to rename ICANN to NOYOUCANNOT
Hmmm witty sig or funny sig? Maybe elitest techy sig!
Actually the backbone routers are far more of a liability - take down the DNS root servers and caches would keep things ticking over for a few days. Take down a couple of backbone routers and the resulting BGP storm might take down the internet...
(sorry)
Ah, arrogance and stupidity, all in the same package. How efficient of you. -- Londo Mollari
And the rest of the world doesn't?
Do you really want China, who sits on the Security Council, making decisions about the internet? Under the control of the USA, the internet has florished, under the control of the UN, it would be strangled.
Look at all the scandels that constantly plague the UN, all the corruption. And you have no say at all in anything the UN does. You want them to control the internet? This isn't dick waving, this is just common sense. If you think anyone in the international community can do a better job than the USA, please, by all means, tell us who you have in mind and why they can do a better job.
And maybe the US is afraid to 'cooperate', as you put it, because we do all the work, spend all the money, and then get screwed by those we 'cooperate' with, when they don't cooperate back. Just look at the Human Rights commission!