with my compliments<br><br><a href="http://joebaptista.wordpress.com/2009/06/24/u-s-doc-ssac-says-dns-redirections-a-no-no/">http://joebaptista.wordpress.com/2009/06/24/u-s-doc-ssac-says-dns-redirections-a-no-no/</a><br clear="all">
<br><h2><a href="http://joebaptista.wordpress.com/2009/06/24/u-s-doc-ssac-says-dns-redirections-a-no-no/">U.S. DoC SSAC says DNS redirections a no no.</a></h2>
<p class="info">
<em class="date">June 24, 2009</em><span class="editlink"></span> </p>
<div class="snap_preview"><div class="wp-caption alignleft" style="width: 136px;"><img title="Joe Baptista" src="http://www.cynikal.net/users/baptista/images/joe_baptista_den_haag.jpg" alt="Joe Baptista says Dont Panic ... SSAC is a joke." height="203" width="126"><p class="wp-caption-text">
Joe Baptista says Don't Panic ... SSAC is a joke.</p></div>
<p><strong>This is serious stuff folks! Do we Internet users trust the U.S. government with the keys to our computers? I don’t! <a title="Poll U.S.control of Internet" href="http://answers.polldaddy.com/poll/1732779/">CLICK to VOTE</a>.<br>
</strong></p>
<p><em>A review of a <a href="http://www.icann.org/en/committees/security/sac041.pdf">report</a> published June 10 2009 from the Security and Stability Advisory Committee (SSAC), a U.S. government contractor. </em></p>
<p>SSAC a committee of the Internet Corporation for Assigned Names and
Numbers (ICANN), the government contractor who runs most of the planets
Internet on behalf of the U.S., in a recent report claims that DNS
redirections present a potential security risk. It further claimed the
practice could result in an “erosion of trust relationships and the
creation of new opportunities for malicious attack”. The report
recommends that ICANN “prohibit the use of redirection and synthesized
responses by new TLDs”.</p>
<p>The claim is nonsense and self serving. DNS redirection does not
pose a security risk to the Internet. It solves a number of technical
issues related to traffic and is an excellent marketing tool for
Internet service providers and Top-Level Domain (TLD) operators.</p>
<p>I think the report is self serving because the sole justification
for this report is found in the claim that the practice, extensively
used by service providers and TLD operators, is an “erosion of trust
relationships”. The only trust being eroded is ICANN’s ability to
control the Internet.</p>
<p>The “erosion of trust” reference is in fact ICANN speak to make all
of us compliant with DNSSEC (Domain Name System Security Extensions).
DNSSEC does not work under DNS redirection.</p>
<div class="wp-caption alignleft" style="width: 142px;"><img src="http://tbn1.google.com/images?q=tbn:PW1BrmRsimuTxM:http://blogcdn.webridestv.com/wp-content/uploads/2009/01/uncle-sam.png" alt="DNSSEC = CONTROL" height="156" width="132"><p class="wp-caption-text">
DNSSEC = CONTROL</p></div>
<p>DNSSEC is an evil protocol who’s sole purpose is to reverse engineer
the Internet and take over control of a core process. In short ICANN an
agency of the U.S. Government wants to hold the keys to your computer.
DNSSEC forces any computer using the protocol to trust Uncle Sam. Are
you ready for that. I’m not.</p>
<p>Top level domain (TLD) operators are increasingly adopting the
practice of redirecting queries for inactive domains to their own
pages. This solve a big problem some operators have. The constant
traffic at TLD servers for dead domains. It also is a marketing
opportunity and a means of generating sales for TLD registries.</p>
<p>In most cases a notice to the user is given that the domain no
longer exists but is available for purchase. The user gets a simple to
understand web page and the TLD operator makes some bucks on a sale. I
see nothing wrong with that. I think we call it commerce.</p>
<p>ICANN will attempt to control DNS redirection via contracts with new
TLD operators. There is nothing ICANN can do about service providers
redirecting traffic or existing contracts with legacy TLD operators.</p>
<p><em><strong>EOL</strong></em></p>
<p><em><strong>Editor note: </strong></em><a href="http://www.ntia.doc.gov/DNS/comments/comment034.pdf">My
public comment on the Deployment of DNSSEC is on file with the U.S.
Department of Commerce at the National Telecommunications and
Information Administration.</a><em><strong><br>
</strong></em></p>
</div><br><br>-- <br>Joe Baptista<br><br><a href="http://www.publicroot.org">www.publicroot.org</a><br>PublicRoot Consortium<br>----------------------------------------------------------------<br>The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large.<br>
----------------------------------------------------------------<br> Office: +1 (360) 526-6077 (extension 052)<br> Fax: +1 (509) 479-0084<br><br>Personal: <a href="http://www.joebaptista.wordpress.com">www.joebaptista.wordpress.com</a><br>