It's not quite that simple though. At the time NSI began wildcarding there were 13 other (cc)tlds that were wildcarding. Some (.ws I think) for about two years at that point.
Now, there was a clause in the ICANN/NSI contract that NSI had put in (since neither ICANN nor NSI had even the faintest trust in each other; fair enough, each wanted the other dead and it showed; IBM forced them to get along; but I digress) that said ICANN can't treat NSI any different than any other TLD manager, so, when ICANN got frapped for wildcarding NSI was within their rights as they had negotiated them and that ICANN had agreed to by contract. ICANN of course went back on their word... frapped sitefinder (which I found both annoying and helpful at times - a dead draw in summation) and the rest is as you describe.
NSI is a company. It had a pretty clear job to do and is accountable to it's shareholders. Buy a share and you get to vote.
ICANN is accountable to mysterious guys that move in the shadows. It's all favours and party politics and the reason the meetings are so boring is because it had all be worked out in the bar last night.
Those of you smirking right now have been to one of these things I see.
"Lets see ICANN has been doing this around for 5+ years with no problems or scandals."
Uh, cough, pull up a chair. Lesse now.
1) Ira Magaziner, President Clinton's senior science advisor tried to arbitrate the growing contraversy surrounding DNS in 1997. It was agreed There would be a summer of worldwide consulatsion to "agree on what we agreed on" and there actually was enough consensus overall the green light was given for a wrapup meeting for the commnity to draft the "newco" that would provide legal and administrative support for Postel. Behind our backs, Ira and Roger Cochetti (IBM, now Netsol) created the newco with NSI and staffed it.
Hello ICANN, goodby settled peace and the chance to run this without government involvement.
2) Out of the gate ICANN was supposed to be a membership organization immune to capture. Out of the gate it had been captured by old white guys (see 1) and to this day is not a membership organization. If it had members - they could vote. Big*cough*business has spent literally hundreds of millions in DC to prevent this from ever happening. The same three letter computer companies you loud every day they say "Linux" are responsible for this.
3) 10 years ago people, at Postel's sugestion, people began selling alternitive domain names. Common sense was used. Fast forward 6 years later, ICANN takes $50K for a TLD application, spends six months "vetting it" for "legal and technical and intellectual property considerations" then as soon as it's turned on a judge declared it an illegal lottery (see ".biz lottry declared illegal"). The $50K was for what? It's bad enough they're holding it us up but it appears they don't even pretend to do the expensive job they claim they do.
4) Legal was handled by Joes-Day who gave ICANN millions of dollars credit while augering them into the ground. Check the book. Also see Tony Rutkosski's org chart of ICANN and realize this is all to replace one guy who did this as a part time activity.
5) ICANN has changed the bylaws in the morning to exclude people from a meeting the night before - literally. It's kicked people out of meetings docuented to be "open to the public". It has a government comittee that meets in secret. One of them is now the CEO.
MI6 is more open than ICANN. (And less complicated)
6) ICANN was once sued so it's own elected director could see the books. Imagine any other corporation where a director is not entitled to see the books!
7) ICANN was created to solve the new tld problem as Postel was getting nowhere thorugh three iterations of a draft and it looked like he was about to lose control. The TM wonks got in place ans subvtered it so three years were spend dicussing IP law. The net result was the IP guys got more rights in cybespace than they had in meatspace and the net user not had less rights than in meatspace and hey, what about those new network resources we were about to implement before you stepped in and "helped us". Instead we got the lamest 7 tlds in 2000 and none since. All this beacuse we choose to use the US servers for "convenience"?
How much time ya got? We could go on about the ICANN budget. Postel got $30 to do things, ICANN gets $15M/Y to stall and do nothing. How bout the theft of the NSF intellectual infrastructure fund by an ICANN CEO? How about paying poeple off with tlds and root servers? Expense accounts, junkets, five star hotels?
It is and always was, a tool for big business and governments. And will be as long as you let it be. Primary the root for yourself, that's the first step toward independance. Or not. Cotinue to suck the tit of Mr's Bushe's nameservers rather than trust your own. Silly.
"On the other hand, if everyone set up their own root servers DNS would break. There HAS to be top-level root servers in order for DNS to work properly. If everyone didn't use the same root servers, dns would be ambiguous and thus worthless."
Not really. Let's look at the simplest case; the analogy holds for all other domains.
For you and I to have sync'd up root zones free of a central controlling authority is for us to agree that 2).COM exists and 2) What nameservers serve up.COM.
How tough is that? Keep in mind if you ask any nameserver "where are the nameservers for.com"... it tells you!
Some people download the.com zone and use it as a local, not network resource. That speeds things up a bit in some cases. But you need some seriously significant machine resources to do this.
Now, the goog has the resources to cache the entire domain tree, from "." down to your latest subdomain, and Jim Fleming has speculated that they hired ex ICANN CEO Darth Cerf to head up Googles brand of DNS when the split comes, while others speculate they hired him to prove Google hires old people to fix the Brian Reid lawsuit. They could both be right I guess.
Anyway, we've become very lazy and complacent with regards to DNS; we have the same config now that was in use 20 years ago: "lets just use the US run servers to get the root zone data".
"That's one way to look at it. Another way is that the UN is desperately trying to puff up its own importance in the face of growing scandals and ineffectiveness."
Bingo. Please understand that this is an ITU initiative, the UN could care less; the ITU is a UN chartered treaty organization; in some sense the two can be and are intermingled in word.
The ITU used to coordinate telephone line voltages so you could call Botswana from Siberia and it would work. They also coordinate radio and satellite spectrum.
The problem is, they don't coordinate anything in the internet. They don't like that and badly seek relevance in a post-POTS (plain old telephone service) internet era. Go find and read Carl Malamud's tome in this area: "Exploring the Internet" to read how the ITU blocked the internet for years and pay special attenction to one Robert Shaw in the book and in the formative IAHC/ICANN era.
Remember it was the ITU (+ WIPO + ISOC) that got their bums spanked by the US for making a run at controlling the DNS with the ill-thought out "IAHC" scandal. It's the same people running around behind the scenes folks. Like the cockroaches they are, they thrive in darkness and secrecy. The only thing that's open is their wallets.
Now, why is it you care whether it's a corrupt bunch of euros or a pack of demented fundies in the US? You don't.
Have fun kids. A domain is a domain is a domain. They all act the same at all levels. Just declare yourself primary for . (dot).
If you do this the goverments and treaty organizations of the world now have less control over your computer, and you're immune from root server meltdowns or poitical chaos. I guess you could say you're trading politcal stability for technical stability.
About the only thing that has not changed in 10 years of DNS scuffles is the FTP server at internic.net. That handy little bugger just keeps on serving...
Of course in the interests of "stability" all governments will strongly urge you not to do this. Keep in mind whenever a government invades another territory it always says it is for "stability". That's really what they say. Check for yourself.
Question everything, follow the money and vote with your nameserver.
"However, it's unclear to me whether DoC can actually halt ICANN introducing.xxx, or whether ICANN is merely being courteous. Whenever I read commentary on the topic, they usually say that DoC blocked.xxx, but when I read news reports, they always talk in more nebulous terms that suggest that DoC is acting in an advisory capacity. Which is it?"
The DoC controls the root, ICANN just makes suggestions for changes. (Very) occasionally.
Control of the root was handed off by the NSF to the DoC duing the time of the interagency domain name meetings where the NSF, DOC, FBI, CIA and 9 other government departments met to decide what to do with this now hot potato. As an NSF staffer told me, "DOC thought they had all the answers while we all giggled so we let them have it".
ICANN is supposed to have authority over the root, but for the past 4 (5?) years Commerce has said "uh, not yet".
"Well, I got mine at internic.com and they were charging heavy surcharges over the internic.net fees. Either way, there was a complete lack of options at the time and not many people, including myself, knew better."
Ok, so you paid 10X too much cause you didn't do your homework.
NSI knew about internic.com but couldn't do anything about it. It was legal. Sleazy, but legal.
None of this has to do with the UN or US administration of network identifiers of course.
(Internic.com was a typoscam that didn't last. The NSF transferred the trademark to "Internic" (coined by Susan Estrada while at General Atomics, part of the RS/DS/IS contract NSI and NSF had) to NSI which (finally) let them enforce their IP rights which led to, if memory serves, an FTC complaint; they shut down internic.com for confusing the consumer, which is of course the intent of trademaek law - consumer, NOT PRODUCER, protection.)
"Unfortunately, I fear that educating the american public about this issue"
Pardon the rant but I've been involved in this fiasco for 10 years now; statements like the above incite the cynic in me to retort "American public hell, it's taken 5 years just to get the/. crowd to wake up to this".
But as long as you're awake, here's the bit you've missed: It doesn't fucking matter if the US or UN does it.
Think about it. What do you get from the root zone exactly? The names of the tlds in the root and where the nameservers are for that tld.
And your happy to outsource this component of DNS nameservice to some government (like it matter one whit which one) ?
And how hard is it exactly to keep track of the nameservers for com? They do after all, change one of two nameservers every 5 years or so, so currrency is an issue, albeit NOT A HUGE ONE.
Keep saying to yourself: "I don't know where those pesky.COM nameservers are unless a government tells me".
Then primary the root for yourself, so if/when the legacy root servers fall over/split, you won't care. Or notice. Ever.
"Do you dream of $500 domain names? Cause that's what I paid for my first one."
To be fair you should point out that $500 is over ten years.
When the FNCAC advised the NSF in 1996 to tell its contractor NSI to begin charging for domain registration (because of the spike in registration activity caused by the Wired article about domainz) it was $50/yr for existing registrations and two years in advance for new registrations.
Isn't there some decent way to easily turn paper into insulation? All the cellulose stuff is, I'm led to believe, is paper that has some sodium silicate added to retard fire.
One thing we're doing here is not throwing out bubble wrap and shipping foam. Instead we're insulating atttic space with it, bit at a time. You can never have too much and damn you get a lot if you buy computer stuff off ebay.
Has anybody here made their own SIP's by urethane gluing OSB to pink foam boards?
"While a good idea, you have to remember that the folks lobbying for an.xxx domain are doing so precisely so they can tell the rest of us how to think, and speak, and act. "
An intersting hypothesis, but factually incorrect.
DNS is just a way to find computers on the network. it is not a mind control protocol. If you think otherwise, raise my arm.
The creation of a new network resource does nor force anybody to do anything. Presumably some people will want to buy.xxx names and appreciate the option.
What exactly is wrong with that? Choices are good, no? In other words, should we listen to YOU instead of THEM? Or are we all grown ups that can decide and act for ourselves, making choices as we se fit?
"The real reason that the US government asked for postponement of the.xxx domain is because some lawmaker realized at the last minute that instituting a.xxx domain specifically for adult content effectively legitimizes it."
Nonsense. Cark Rove needed to get a religious group off his back by doing them a favour. Rather than delve into the stem cell issue or any of the other thorny problems on their shopping list, he glanced at their "stop.xxx" request, he made a phone call, and.xxx was stalled.
The whitehouse doesn't legitimize porn, the supremes do.
And it doesn't legitimize porn, it migtates it away from.com. Follow the money there boys and girls.
This is why it's bad to use the legacy root servers. Consider this: say in once scenario eveybody primaried the root zone for themselves; everybody was their own root server, that is they declare themselves authoritative for the "." root zone. Now their comnputer knows where all the tld servers are and can find the.com servers easily, and it caches them. (The root zone doesn't change very much at all) and so on and so forth. Notice there's no latency while you query the root servers to find where the nameservers for.com or.us are. This information is local to you now.
Under this scenario, how would the US government block a tld it didn't like? It can not. Nor can any government.
Under the current scenario, if thew USG shut off the legacy root servers (which it *can do* and no argument to the contrary changes this fact) the internet goes away, worldwide.
Before DNS was invented, everybody downloaded the "hosts.txt" file and your computer in that day knew the names and addresses of all the other computers on the network.
When DNS was invented, the notion of your own compter doing your own nameservice was absurd - about 5 guys worldwide had working nameserver code, so it was a great convenience that DARPA ran a half dozen nameservers that resolved the root and everythings else. And it was great that the NSF paid for these servers, deployed at the most robust points around the network. Through 20 years of sheer laziness and lack of innovation (with a good measure of subterfuge, graft and greed thrown in) we still, for some reason not well understood by me, rely on those 13 IP addresses for all names. Biz-zarre. It's *convenient*.
But, as a citizen of a country not the US I think now the convenience of the US controlled root servers is somewhat diminished.
"How did this ever even become a controversy? Isn't the internet as we know it an outgrowth and result of DARPA work? And didn't the internet essentially grow from those efforts and work?"
Yes, and the old Mercedes in my driveway owes a lot to Henry Ford, but you'll note Daimler bought Chrysler not the other way around; Detroit doesn't get to tell Stuttgart what to do just because mass production was invented in Detroit.
Now, what do you think your average German will do when Germany itself suggests a different root cache (that despite the FUD, doesn't give you a different answer for the same domain) ?
Note that this bill is sponsored by the representatives from the states that ICANN and Netsol reside in.
At some point it will all come to a head and either the US congress or the UN will prevail as being "in charge". In the former case, nothing happens.
In the unlikely event of the latter case, the ICANNites simply flock around the UN, cut deals and all of a sudden the UN is in charge of the same people that run ICANN now, not Congress.
Recall in the ICANNites first run at this (IAHC) they had ICANN being run as a Swiss article 90 corporation in Geneva. ICANNN does, I believe, own a Geneva office.
Recall also the USG is currently blocking ICANN's moves (.xxx would have gone into the legacy root by now if it were not, literally, for Carl Rove).
In that article, he statede that the ICANN is not running things smoothly. How exactly are they not"
They aren't awake often enough. Like during their meetings. I am not making this up. They're also capricous, arbitrary, non-transparent, non-open, in contradiction to all the priciples they claim to have and wre told to have bu the USG.
To cite one example, the only technical person elected to the ICANN board (who also posted earlier in this thread) had to sue to the see the books of a corporation he was elected director of. I was nomincated to some position and they simpy said "no" and changed the bylaws the next day to make it "legal".
In short, they're power hungry assholes. Now, lots of people will probably tell you I'm an asshole too, and they may be right.
Currently, trademark owners have more rights in cyberspace than in the courts. The downside of this is, currently, domain name holders have less rights than they'd have in court.
For one thing, trademark owners cannot lobby courts with tens of millions of dolars a year per like they can the DOC or fledgling startup internet regulatory bodies.
At some point, some US judge someplace is going to defer to a WIPO decision, and at that point, bang, it's done. Some private contract through Geneve just trumped the law of a soverign nation in it's own country.
But, if you think you can do anything what a name "as long as I'm not in the same class of goods or service" then go register viacom or kodak, and read up on famous marks.
Loons? There are some odd personalities to be sure, but a loon, to me, is somebody that bitches about a free service. I haven't used the legacy root servers since 1996 yet somehow I still get my email. Do you need technical support? Tried the phone?
Keep in mind ICANN has millions if not tens of millions of $ to run the root. The half dozen alt.root clusters around have been doing this for almsot 10 years for nothing. Ironic when you consider we were accused back then of "doing this for the money". The money game is clearly in the ICANN arena, not in attempts to carry out Jon Postels vision for a 500 channel internet universe.
"Transfer.com,.org, and.edu management to some sort of NGO"
.org already is.
.com and.net have a nicer whois.
At the end of the day in all practical terms all this comes down to is "who gets the money", and one point of view has it you can buy shares in a publically traded corporation and have have standing (in the legal sense). Try that with a non-membership NGO (like, say, ICANN).
Any plan that changes the nature of.com is doomed to failure. Netsol runs it and always will. Get over it. It's too late to take the names off the license plates.
Forge new territory.
Look at it in this perspective: in 1986 a guy in California invents a better way to name hosts on a military communicaitons network that's been used by around 100 poeple for 10 years.
Now as a Brit living in Canada I expect to have some say in this? Hey, I don't think so eh? China? Pardon me while I giggle uncontrollably.
More to the point, the actual NETWORK was very explicitly handed off from the government to the private sector and done very skilfully by Steve Wolff. He simply *forgot* to do this to the DNS, too. Oopsie.
So, it remains a service provided by the US government and its contractors.
"Second, how hard would it be to keep the search engines in line? Just require that they list only results from places with valid domain names or they lose their DNS entry."
If you have one IP you may have the reverse domain to it. You can make subdomains of that in a pinch.:-)
But honestly, worrying about the DNS is futile. As long as you have your root password you don't care what they do in Geneva, New York or Marina del Rey, for the Internet is edge controlled and has no actual central authority. ICANN manages a list of name that goes in one server and is replicated. Make your own copy for crissakes. Then, all the root servers could fall over or burst into flames and you would't even notice. The TLD servers are important. The root servers really are not; you can replace them in less than five minutes by declaring yourself authoritative for ".".
" If you're connecting directly to the root servers you're contributing to their unneccesary overload and bypassing the heirarchal nature of the DNS system."
That's rather long winded but the bottom line is DJBDNS will not believe any answers that don't come from the corect servers. BIND is a whore and will believe anything, even out of balliwick answers. Big problem. Well understoood for a long time.
The technique you describe above is how EK stole the internic.net domain a decade or so ago. He sent you mail, which bounced, your machine looked up up his MX record by asking his server to return the bounce, and got wrong internic.net A records when it did. Bang, there goes the internic.
"1. It's not Free Software. That makes it useless for many people, either ideologically or practically.
2. It doesn't support IXFR. For many people (read: anyone who can't or doesn't want to run rsync, and people who don't control their peer servers), that takes it completely out of the running. Full stop. End of story."
1) In pracitcal terms - you have the source (and will never need it). This is a non starter.
2) So use DJB-AXFR. Duh.
I've yet to see some "BIND-only" situation that was a problem DJB could not solve, just a lot of people who've never tried real hard to really understand Bernstein's suite of tools.
"If he gave two shit about OTHER PEOPLE he'd spend more time making the tools [not just djdns but his crypto code] actually easy to work with.
I mean it's a DNS server. I don't understand the big guffaw about it. Respond to requests on port TCP:53... not exactly hard."
Having used both extensively I'd say while BIND4 is a little bit easer to set up, TINYDNS (the authoritative DNS server in the DJBDNS suite) is easier than BIND8 or 9 to set up and (MUCH) easier to work with in a production environment.
The first time I set it up it took me about 2 days. These days I can get one up in 5 minutes.
I wrote up this to make it a little easier, please let me know of any suggestions for improvements:
Slashdot Mirror
It's not quite that simple though. At the time NSI began wildcarding there were 13 other (cc)tlds that were wildcarding. Some (.ws I think) for about two years at that point.
Now, there was a clause in the ICANN/NSI contract that NSI had put in (since neither ICANN nor NSI had even the faintest trust in each other; fair enough, each wanted the other dead and it showed; IBM forced them to get along; but I digress) that said ICANN can't treat NSI any different than any other TLD manager, so, when ICANN got frapped for wildcarding NSI was within their rights as they had negotiated them and that ICANN had agreed to by contract. ICANN of course went back on their word... frapped sitefinder (which I found both annoying and helpful at times - a dead draw in summation) and the rest is as you describe.
NSI is a company. It had a pretty clear job to do and is accountable to it's shareholders. Buy a share and you get to vote.
ICANN is accountable to mysterious guys that move in the shadows. It's all favours and party politics and the reason the meetings are so boring is because it had all be worked out in the bar last night.
Those of you smirking right now have been to one of these things I see.
"Lets see ICANN has been doing this around for 5+ years with no problems or scandals."
Uh, cough, pull up a chair. Lesse now.
1) Ira Magaziner, President Clinton's senior science advisor tried to arbitrate the growing contraversy surrounding DNS in 1997. It was agreed There would be a summer of worldwide consulatsion to "agree on what we agreed on" and there actually was enough consensus overall the green light was given for a wrapup meeting for the commnity to draft the "newco" that would provide legal and administrative support for Postel. Behind our backs, Ira and Roger Cochetti (IBM, now Netsol) created the newco with NSI and staffed it.
Hello ICANN, goodby settled peace and the chance to run this without government involvement.
2) Out of the gate ICANN was supposed to be a membership organization immune to capture. Out of the gate it had been captured by old white guys (see 1) and to this day is not a membership organization. If it had members - they could vote. Big*cough*business has spent literally hundreds of millions in DC to prevent this from ever happening. The same three letter computer companies you loud every day they say "Linux" are responsible for this.
3) 10 years ago people, at Postel's sugestion, people began selling alternitive domain names. Common sense was used. Fast forward 6 years later, ICANN takes $50K for a TLD application, spends six months "vetting it" for "legal and technical and intellectual property considerations" then as soon as it's turned on a judge declared it an illegal lottery (see ".biz lottry declared illegal"). The $50K was for what? It's bad enough they're holding it us up but it appears they don't even pretend to do the expensive job they claim they do.
4) Legal was handled by Joes-Day who gave ICANN millions of dollars credit while augering them into the ground. Check the book. Also see Tony Rutkosski's org chart of ICANN and realize this is all to replace one guy who did this as a part time activity.
5) ICANN has changed the bylaws in the morning to exclude people from a meeting the night before - literally. It's kicked people out of meetings docuented to be "open to the public". It has a government comittee that meets in secret. One of them is now the CEO.
MI6 is more open than ICANN. (And less complicated)
6) ICANN was once sued so it's own elected director could see the books. Imagine any other corporation where a director is not entitled to see the books!
7) ICANN was created to solve the new tld problem as Postel was getting nowhere thorugh three iterations of a draft and it looked like he was about to lose control. The TM wonks got in place ans subvtered it so three years were spend dicussing IP law. The net result was the IP guys got more rights in cybespace than they had in meatspace and the net user not had less rights than in meatspace and hey, what about those new network resources we were about to implement before you stepped in and "helped us". Instead we got the lamest 7 tlds in 2000 and none since.
All this beacuse we choose to use the US servers for "convenience"?
How much time ya got? We could go on about the ICANN budget. Postel got $30 to do things, ICANN gets $15M/Y to stall and do nothing. How bout the theft of the NSF intellectual infrastructure fund by an ICANN CEO? How about paying poeple off with tlds and root servers? Expense accounts, junkets, five star hotels?
It is and always was, a tool for big business and governments. And will be as long as you let it be. Primary the root for yourself, that's the first step toward independance. Or not. Cotinue to suck the tit of Mr's Bushe's nameservers rather than trust your own. Silly.
"On the other hand, if everyone set up their own root servers DNS would break. There HAS to be top-level root servers in order for DNS to work properly. If everyone didn't use the same root servers, dns would be ambiguous and thus worthless."
.COM exists and 2) What nameservers serve up .COM.
.com"... it tells you!
.com zone and use it as a local, not network resource. That speeds things up a bit in some cases. But you need some seriously significant machine resources to do this.
Not really. Let's look at the simplest case; the analogy holds for all other domains.
For you and I to have sync'd up root zones free of a central controlling authority is for us to agree that 2)
How tough is that? Keep in mind if you ask any nameserver "where are the nameservers for
Some people download the
Now, the goog has the resources to cache the entire domain tree, from "." down to your latest subdomain, and Jim Fleming has speculated that they hired ex ICANN CEO Darth Cerf to head up Googles brand of DNS when the split comes, while others speculate they hired him to prove Google hires old people to fix the Brian Reid lawsuit. They could both be right I guess.
Anyway, we've become very lazy and complacent with regards to DNS; we have the same config now that was in use 20 years ago: "lets just use the US run servers to get the root zone data".
Hey, let's not.
"That's one way to look at it. Another way is that the UN is desperately trying to puff up its own importance in the face of growing scandals and ineffectiveness."
Bingo. Please understand that this is an ITU initiative, the UN could care less; the ITU is a UN chartered treaty organization; in some sense the two can be and are intermingled in word.
The ITU used to coordinate telephone line voltages so you could call Botswana from Siberia and it would work. They also coordinate radio and satellite spectrum.
The problem is, they don't coordinate anything in the internet. They don't like that and badly seek relevance in a post-POTS (plain old telephone service) internet era. Go find and read Carl Malamud's tome in this area: "Exploring the Internet" to read how the ITU blocked the internet for years and pay special attenction to one Robert Shaw in the book and in the formative IAHC/ICANN era.
Remember it was the ITU (+ WIPO + ISOC) that got their bums spanked by the US for making a run at controlling the DNS with the ill-thought out "IAHC" scandal. It's the same people running around behind the scenes folks. Like the cockroaches they are, they thrive in darkness and secrecy. The only thing that's open is their wallets.
Now, why is it you care whether it's a corrupt bunch of euros or a pack of demented fundies in the US? You don't.
Here's what they're fighting over:
ftp://internic.net/domain/root.zone.gz
Have fun kids. A domain is a domain is a domain. They all act the same at all levels. Just declare yourself primary for . (dot).
If you do this the goverments and treaty organizations of the world now have less control over your computer, and you're immune from root server meltdowns or poitical chaos. I guess you could say you're trading politcal stability for technical stability.
About the only thing that has not changed in 10 years of DNS scuffles is the FTP server at internic.net. That handy little bugger just keeps on serving...
Of course in the interests of "stability" all governments will strongly urge you not to do this. Keep in mind whenever a government invades another territory it always says it is for "stability". That's really what they say. Check for yourself.
Question everything, follow the money and vote with your nameserver.
"However, it's unclear to me whether DoC can actually halt ICANN introducing .xxx, or whether ICANN is merely being courteous. Whenever I read commentary on the topic, they usually say that DoC blocked .xxx, but when I read news reports, they always talk in more nebulous terms that suggest that DoC is acting in an advisory capacity. Which is it?"
The DoC controls the root, ICANN just makes suggestions for changes. (Very) occasionally.
Control of the root was handed off by the NSF to the DoC duing the time of the interagency domain name meetings where the NSF, DOC, FBI, CIA and 9 other government departments met to decide what to do with this now hot potato. As an NSF staffer told me, "DOC thought they had all the answers while we all giggled so we let them have it".
ICANN is supposed to have authority over the root, but for the past 4 (5?) years Commerce has said "uh, not yet".
"Well, I got mine at internic.com and they were charging heavy surcharges over the internic.net fees. Either way, there was a complete lack of options at the time and not many people, including myself, knew better."
Ok, so you paid 10X too much cause you didn't do your homework.
NSI knew about internic.com but couldn't do anything about it. It was legal. Sleazy, but legal.
None of this has to do with the UN or US administration of network identifiers of course.
(Internic.com was a typoscam that didn't last. The NSF transferred the trademark to "Internic" (coined by Susan Estrada while at General Atomics, part of the RS/DS/IS contract NSI and NSF had) to NSI which (finally) let them enforce their IP rights which led to, if memory serves, an FTC complaint; they shut down internic.com for confusing the consumer, which is of course the intent of trademaek law - consumer, NOT PRODUCER, protection.)
"Unfortunately, I fear that educating the american public about this issue"
/. crowd to wake up to this".
.COM nameservers are unless a government tells me".
Pardon the rant but I've been involved in this fiasco for 10 years now; statements like the above incite the cynic in me to retort "American public hell, it's taken 5 years just to get the
But as long as you're awake, here's the bit you've missed: It doesn't fucking matter if the US or UN does it.
Think about it. What do you get from the root zone exactly? The names of the tlds in the root and where the nameservers are for that tld.
And your happy to outsource this component of DNS nameservice to some government (like it matter one whit which one) ?
And how hard is it exactly to keep track of the nameservers for com? They do after all, change one of two nameservers every 5 years or so, so currrency is an issue, albeit NOT A HUGE ONE.
Keep saying to yourself: "I don't know where those pesky
Then primary the root for yourself, so if/when the legacy root servers fall over/split, you won't care. Or notice. Ever.
"Do you dream of $500 domain names? Cause that's what I paid for my first one."
To be fair you should point out that $500 is over ten years.
When the FNCAC advised the NSF in 1996 to tell its contractor NSI to begin charging for domain registration (because of the spike in registration activity caused by the Wired article about domainz) it was $50/yr for existing registrations and two years in advance for new registrations.
Isn't there some decent way to easily turn paper into insulation? All the cellulose stuff is, I'm led to believe, is paper that has some sodium silicate added to retard fire.
One thing we're doing here is not throwing out bubble wrap and shipping foam. Instead we're insulating atttic space with it, bit at a time. You can never have too much and damn you get a lot if you buy computer stuff off ebay.
Has anybody here made their own SIP's by urethane gluing OSB to pink foam boards?
"While a good idea, you have to remember that the folks lobbying for an .xxx domain are doing so precisely so they can tell the rest of us how to think, and speak, and act. "
.xxx names and appreciate the option.
An intersting hypothesis, but factually incorrect.
DNS is just a way to find computers on the network. it is not a mind control protocol. If you think otherwise, raise my arm.
The creation of a new network resource does nor force anybody to do anything. Presumably some people will want to buy
What exactly is wrong with that? Choices are good, no? In other words, should we listen to YOU instead of THEM? Or are we all grown ups that can decide and act for ourselves, making choices as we se fit?
"The real reason that the US government asked for postponement of the
Nonsense. Cark Rove needed to get a religious group off his back by doing them a favour. Rather than delve into the stem cell issue or any of the other thorny problems on their shopping list, he glanced at their "stop
The whitehouse doesn't legitimize porn, the supremes do.
And it doesn't legitimize porn, it migtates it away from
This is why it's bad to use the legacy root servers. Consider this: say in once scenario eveybody primaried the root zone for themselves; everybody was their own root server, that is they declare themselves authoritative for the "." root zone. Now their comnputer knows where all the tld servers are and can find the
Under this scenario, how would the US government block a tld it didn't like? It can not. Nor can any government.
Under the current scenario, if thew USG shut off the legacy root servers (which it *can do* and no argument to the contrary changes this fact) the internet goes away, worldwide.
Before DNS was invented, everybody downloaded the "hosts.txt" file and your computer in that day knew the names and addresses of all the other computers on the network.
When DNS was invented, the notion of your own compter doing your own nameservice was absurd - about 5 guys worldwide had working nameserver code, so it was a great convenience that DARPA ran a half dozen nameservers that resolved the root and everythings else. And it was great that the NSF paid for these servers, deployed at the most robust points around the network. Through 20 years of sheer laziness and lack of innovation (with a good measure of subterfuge, graft and greed thrown in) we still, for some reason not well understood by me, rely on those 13 IP addresses for all names. Biz-zarre. It's *convenient*.
But, as a citizen of a country not the US I think now the convenience of the US controlled root servers is somewhat diminished.
"How did this ever even become a controversy? Isn't the internet as we know it an outgrowth and result of DARPA work? And didn't the internet essentially grow from those efforts and work?"
Yes, and the old Mercedes in my driveway owes a lot to Henry Ford, but you'll note Daimler bought Chrysler not the other way around; Detroit doesn't get to tell Stuttgart what to do just because mass production was invented in Detroit.
Now, what do you think your average German will do when Germany itself suggests a different root cache (that despite the FUD, doesn't give you a different answer for the same domain) ?
Note that this bill is sponsored by the representatives from the states that ICANN and Netsol reside in.
At some point it will all come to a head and either the US congress or the UN will prevail as being "in charge". In the former case, nothing happens.
In the unlikely event of the latter case, the ICANNites simply flock around the UN, cut deals and all of a sudden the UN is in charge of the same people that run ICANN now, not Congress.
Recall in the ICANNites first run at this (IAHC) they had ICANN being run as a Swiss article 90 corporation in Geneva. ICANNN does, I believe, own a Geneva office.
Recall also the USG is currently blocking ICANN's moves (.xxx would have gone into the legacy root by now if it were not, literally, for Carl Rove).
"Find me one company that used its money to maintain a virtual monopoly without government's help."
Microsoft?
(A more scholarly answer might be Brown Shoe)
In that article, he statede that the ICANN is not running things smoothly. How exactly are they not"
They aren't awake often enough. Like during their meetings. I am not making this up. They're also capricous, arbitrary, non-transparent, non-open, in contradiction to all the priciples they claim to have and wre told to have bu the USG.
To cite one example, the only technical person elected to the ICANN board (who also posted earlier in this thread) had to sue to the see the books of a corporation he was elected director of. I was nomincated to some position and they simpy said "no" and changed the bylaws the next day to make it "legal".
In short, they're power hungry assholes. Now, lots of people will probably tell you I'm an asshole too, and they may be right.
But I can't be bought.
Currently, trademark owners have more rights in cyberspace than in the courts. The downside of this is, currently, domain name holders have less rights than they'd have in court.
For one thing, trademark owners cannot lobby courts with tens of millions of dolars a year per like they can the DOC or fledgling startup internet regulatory bodies.
At some point, some US judge someplace is going to defer to a WIPO decision, and at that point, bang, it's done. Some private contract through Geneve just trumped the law of a soverign nation in it's own country.
But, if you think you can do anything what a name "as long as I'm not in the same class of goods or service" then go register viacom or kodak, and read up on famous marks.
Loons? There are some odd personalities to be sure, but a loon, to me, is somebody that bitches about a free service. I haven't used the legacy root servers since 1996 yet somehow I still get my email. Do you need technical support? Tried the phone?
.com name.
Keep in mind ICANN has millions if not tens of millions of $ to run the root. The half dozen alt.root clusters around have been doing this for almsot 10 years for nothing. Ironic when you consider we were accused back then of "doing this for the money". The money game is clearly in the ICANN arena, not in attempts to carry out Jon Postels vision for a 500 channel internet universe.
Enjoy your
At the end of the day in all practical terms all this comes down to is "who gets the money", and one point of view has it you can buy shares in a publically traded corporation and have have standing (in the legal sense). Try that with a non-membership NGO (like, say, ICANN).
Any plan that changes the nature of .com is doomed to failure. Netsol runs it and always will. Get over it. It's too late to take the names off the license plates.
Forge new territory.
Look at it in this perspective: in 1986 a guy in California invents a better way to name hosts on a military communicaitons network that's been used by around 100 poeple for 10 years.
Now as a Brit living in Canada I expect to have some say in this? Hey, I don't think so eh? China? Pardon me while I giggle uncontrollably.
More to the point, the actual NETWORK was very explicitly handed off from the government to the private sector and done very skilfully by Steve Wolff. He simply *forgot* to do this to the DNS, too. Oopsie.
So, it remains a service provided by the US government and its contractors.
If you don't like it, don't use it.
"Second, how hard would it be to keep the search engines in line? Just require that they list only results from places with valid domain names or they lose their DNS entry."
:-)
If you have one IP you may have the reverse domain to it. You can make subdomains of that in a pinch.
But honestly, worrying about the DNS is futile. As long as you have your root password you don't care what they do in Geneva, New York or Marina del Rey, for the Internet is edge controlled and has no actual central authority. ICANN manages a list of name that goes in one server and is replicated. Make your own copy for crissakes. Then, all the root servers could fall over or burst into flames and you would't even notice. The TLD servers are important. The root servers really are not; you can replace them in less than five minutes by declaring yourself authoritative for ".".
They're doing a fair bit of technical recuiting. Does this mean with the right skillset I get a double-zero number?
" If you're connecting directly to the root servers you're contributing to their unneccesary overload and bypassing the heirarchal nature of the DNS system."
Primary the root for yourself. Duh. Double duh.
[parent deleted]
That's rather long winded but the bottom line is DJBDNS will not believe any answers that don't come from the corect servers. BIND is a whore and will believe anything, even out of balliwick answers. Big problem. Well understoood for a long time.
The technique you describe above is how EK stole the internic.net domain a decade or so ago. He sent you mail, which bounced, your machine looked up up his MX record by asking his server to return the bounce, and got wrong internic.net A records when it did. Bang, there goes the internic.
Cute huh?
"1. It's not Free Software. That makes it useless for many people, either ideologically or practically.
2. It doesn't support IXFR. For many people (read: anyone who can't or doesn't want to run rsync, and people who don't control their peer servers), that takes it completely out of the running. Full stop. End of story."
1) In pracitcal terms - you have the source (and will never need it). This is a non starter.
2) So use DJB-AXFR. Duh.
I've yet to see some "BIND-only" situation that was a problem DJB could not solve, just a lot of people who've never tried real hard to really understand Bernstein's suite of tools.
"So if you screw up your TTL or serial no on the zone files - this is it."
That'a why there's instructions on the DJBDNS site to fix this. (You wrap around the serial, duh).
Even without the almost daiy BIND bugs, there's no reason to use it, ever.
"If he gave two shit about OTHER PEOPLE he'd spend more time making the tools [not just djdns but his crypto code] actually easy to work with.
... not exactly hard."
I mean it's a DNS server. I don't understand the big guffaw about it. Respond to requests on port TCP:53
Having used both extensively I'd say while BIND4 is a little bit easer to set up, TINYDNS (the authoritative DNS server in the DJBDNS suite) is easier than BIND8 or 9 to set up and (MUCH) easier to work with in a production environment.
The first time I set it up it took me about 2 days. These days I can get one up in 5 minutes.
I wrote up this to make it a little easier, please let me know of any suggestions for improvements:
http://dumpbind.vrx.net.
DJB's zero security problems compared to the hundreds if not thousands for BIND is a fairly compelling argument in my mind.