<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Verdana">Alejandro,<br>
<br>
First of all, many thanks for your unusually even tempered
response to my email :) .<br>
<br>
</font>
<div class="moz-cite-prefix">On Tuesday 07 August 2012 11:21 AM, Dr.
Alejandro Pisanty Baruch wrote:<br>
</div>
<blockquote
cite="mid:6DCAB3E586E6A34FB17223DF8D8F0D3D483AEAF1@W8-EXMB-DP.unam.local"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css" id="owaParaStyle"></style>
<div style="direction: ltr;font-family: Courier New;color:
#000000;font-size: 10pt;">
Parminder,
<div><br>
</div>
<div>let's assume you may be right. Then, do as engineers do:
design and test.<br>
</div>
</div>
</blockquote>
<br>
I know you would consider it a fatal flaw, but unfortunately I must
admit openly that I am not an engineer, and never ever had any kind
of technical education whatsoever. May god save me!<br>
<blockquote
cite="mid:6DCAB3E586E6A34FB17223DF8D8F0D3D483AEAF1@W8-EXMB-DP.unam.local"
type="cite">
<div style="direction: ltr;font-family: Courier New;color:
#000000;font-size: 10pt;">
<div>
<div><br>
</div>
<div>The easiest way to support your view that " the number 13
[root servers] can be expanded without much difficulty " is
to get the best engineer in ITForChange</div>
</div>
</div>
</blockquote>
<br>
I know you would consider this even more unbelievable, but there
simply isnt any engineer here at IT for Change :( <br>
<br>
<blockquote
cite="mid:6DCAB3E586E6A34FB17223DF8D8F0D3D483AEAF1@W8-EXMB-DP.unam.local"
type="cite">
<div style="direction: ltr;font-family: Courier New;color:
#000000;font-size: 10pt;">
<div>
<div> and start participating in the IETF with a proposal.
Better if it takes into account previous explorations of the
subject.</div>
</div>
</div>
</blockquote>
<br>
Happy to be apprised of them. And as mentioned, if this indeed cant
work (though David suggested that it isnt that difficult) the other
option remains, reallocate at least 7 out of the 10 current root
servers in the US to entities outside the US in a geographically and
geo-political even/ just way. As a start, to keep from away from the
spectre of strengthening statist controls, allocate them to the 4
RIRs in Asia-Pacific, Africa, LA and Europe. After all RIPE, the RIR
of North America, already runs a root server. Let others feel a bit
equal too. And in this way the political demand of many Southern
actors get assuaged to some extent. You are from Mexico, why
shouldnt LACNIC, where your countrymen have some legitimate standing
and say, run a root server, when RIPE does, and many private
businesses do. <br>
<br>
What do you say to this proposal.<br>
<br>
parminder <br>
<blockquote
cite="mid:6DCAB3E586E6A34FB17223DF8D8F0D3D483AEAF1@W8-EXMB-DP.unam.local"
type="cite">
<div style="direction: ltr;font-family: Courier New;color:
#000000;font-size: 10pt;">
<div>
<div><br>
</div>
<div>All techno-political framing clouds will dispel.</div>
<div><br>
</div>
<div>Alejandro Pisanty<br>
<div><br>
<div style="font-family:Tahoma; font-size:13px">
<div style="font-family:Tahoma; font-size:13px"><span
class="Apple-style-span" style="border-collapse:
separate; font-size: medium; font-family: 'Times New
Roman'; "><span class="Apple-style-span"
style="font-family:arial; font-size:small"><font
face="Courier New" size="2">
</font></span></span></div>
<div style="font-family:Tahoma; font-size:13px"><span
class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"><font face="Courier New" size="2">!
!! !!! !!!!</font></span></span></div>
<div style="font-family:Tahoma; font-size:13px"><span
class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"></span></span><span
class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"><font face="Courier New" size="2">NEW
PHONE NUMBER - NUEVO NÚMERO DE TELÉFONO</font></span></span></div>
<p><span class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"></span></span> </p>
<p><span class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"><font face="Courier New" size="2">+52-1-5541444475
FROM ABROAD </font></span></span></p>
<p><span class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"><font face="Courier New" size="2">+525541444475
DESDE MÉXICO </font></span></span></p>
<p><span class="Apple-style-span" style="widows:2;
text-transform:none; text-indent:0px;
letter-spacing:normal; border-collapse:separate;
font:medium 'Times New Roman'; white-space:normal;
orphans:2; color:rgb(0,0,0); word-spacing:0px"><span
class="Apple-style-span" style="font-family:arial;
font-size:small"><font face="Courier New" size="2">SMS
+525541444475 <br>
Dr. Alejandro Pisanty<br>
UNAM, Av. Universidad 3000, 04510 Mexico DF
Mexico<br>
<br>
Blog: <a class="moz-txt-link-freetext" href="http://pisanty.blogspot.com">http://pisanty.blogspot.com</a><br>
LinkedIn: <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/pisanty">http://www.linkedin.com/in/pisanty</a><br>
Unete al grupo UNAM en LinkedIn,
<a class="moz-txt-link-freetext" href="http://www.linkedin.com/e/gis/22285/4A106C0C8614">http://www.linkedin.com/e/gis/22285/4A106C0C8614</a><br>
Twitter: <a class="moz-txt-link-freetext" href="http://twitter.com/apisanty">http://twitter.com/apisanty</a><br>
---->> Unete a ISOC Mexico,
<a class="moz-txt-link-freetext" href="http://www.isoc.org">http://www.isoc.org</a><br>
. . . . . . . . . . . . . . . . </font></span></span></p>
</div>
</div>
<div style="font-family: Times New Roman; color: #000000;
font-size: 16px">
<hr tabindex="-1">
<div id="divRpF818628" style="direction: ltr; "><font
face="Tahoma" color="#000000" size="2"><b>Desde:</b>
<a class="moz-txt-link-abbreviated" href="mailto:governance-request@lists.igcaucus.org">governance-request@lists.igcaucus.org</a>
[<a class="moz-txt-link-abbreviated" href="mailto:governance-request@lists.igcaucus.org">governance-request@lists.igcaucus.org</a>] en nombre de
parminder [<a class="moz-txt-link-abbreviated" href="mailto:parminder@itforchange.net">parminder@itforchange.net</a>]<br>
<b>Enviado el:</b> martes, 07 de agosto de 2012 00:17<br>
<b>Hasta:</b> <a class="moz-txt-link-abbreviated" href="mailto:governance@lists.igcaucus.org">governance@lists.igcaucus.org</a>; David
Conrad<br>
<b>Asunto:</b> Re: [governance] India's communications
minister - root server misunderstanding (still...)<br>
</font><br>
</div>
<div>David,<br>
<br>
<div class="moz-cite-prefix">On Sunday 05 August 2012
10:40 PM, David Conrad wrote:<br>
</div>
<blockquote type="cite">Parminder,
<div><br>
<div>
<div>On Aug 5, 2012, at 5:40 AM, parminder <<a
moz-do-not-send="true"
href="mailto:parminder@itforchange.net"
target="_blank">parminder@itforchange.net</a>>
wrote:</div>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Now, we know that there
are three kinds of root servers, the
authoritative root server (in which changes
are made to the root file vide the IANA
process), 13 root servers and then the any
number of mirrors that can allegedly be
created by making an investment of 3k usd .<br>
</div>
</blockquote>
<div><br>
</div>
<div>No.</div>
<div><br>
</div>
<div>
<div>There is a "distribution master". </div>
</div>
</div>
</div>
</blockquote>
<br>
So, well, apologies for referring to the root zone file
as the highest level of root zone server; I should
perhaps simply have said 'the highest level of
Internet's root architecture'. However, your chastising
may be biased. Someone, quite unlike me, with deep
technical training like Daniel said is a recent email; <br>
<blockquote>
<p style="margin-bottom:0cm">"As already mentioned,
there are hundreds of root server instances. Each of
these is an actual root server."</p>
</blockquote>
<p style="margin-bottom:0cm">Isnt this statement as or
more untrue, in a discussion where we are mainly
speaking about actual 'control' over the root file.
The hundreds of root servers mentioned above are NOT
'actual root servers'. An actual root server is a
shorthand for an actual root server operator, who
exercises control (at least potentially) over the root
zone file that he publishes. (I learnt this from my
earlier discussions with you on the IANA authority and
the US.) The 'ill-informed' Indian minister seems
rather better informed than 'technical experts' here
on this particular issue. He seems to know better
which is a true or actual root server and which is
not. Quote from the same interview where he quite
wrongly said that Internet traffic flows through 13
root servers (he should have said, internet traffic,
in a way, gets directed by 13 root servers).<br>
</p>
<style type="text/css">
<!--
@page
{margin:2cm}
p
{margin-bottom:0.21cm}
-->
</style><br>
"Currently, India's mirror servers reflect the data but
without mechanisms of control and intervention."<br>
<br>
Clearly what some 'technical experts' stress and what
they suppress (or forget to mention) depends on their
techno-political proclivities. Isnt it obvious!
<br>
<br>
In response to my another email, you have asked me to
"provide examples of supposed 'statements of technical
facts' that are ''thoroughly wrapped in a certain
techno-political viewpoint". Apart from the above
example, I will try and find others in your email below
:) <br>
<br>
<blockquote type="cite">
<div>
<div>
<div>
<div>(snip)</div>
<div><br>
</div>
</div>
<div>That's all. There are no special "13"
machines that are the "true root servers" from
which other lesser machines mirror the root
zone.</div>
</div>
</div>
</blockquote>
Well, you did understand early in this discussion that
the argument is not about 'true root servers' but about
'true root server operators', so why dont we stick to
the real point of contestation rather than create
strawmen and defend against them. From your email of a
few days ago <br>
<br>
<blockquote>"The concern (as I understand it) is that
the administration of those root servers is in the
hands of 12 organizations, of which 9 are US-based. "
(David)
<br>
<br>
</blockquote>
Yes, true. It is this what we are discussing here, not
the network latency problem. In that email, you
understood the concern right. It is about root server
operators, and the term '13 root servers' is loosely
used to mean '13 root server operators'. That is the
real issue, and it was the issue that bothered the
Indian and the African ministers the latter being
wrongly, if not mischievously, retorted to in terms to
availability of root server mirrors - a very different
issue. Similarly, this current discussion is
continuously pulled towards the convenient description
of geographic extensions through mirrors of root
servers, away from the real issue of 'concentration'
(against distribution) of power to change root file or
resist changes to root file that is with the root server
operators and none at all with anycast mirror operators.<br>
<br>
It is very interesting that when I did that long
discussion with you, David, on the US's unilateral IANA
authority, your almost entire case was based on how the
root server operators are really independent (which is
the same thing as saying they have 'power') and this is
the insurance against any US mischief with the root zone
file. However, now when we are discussing the power of
root server operators, which is geo-politically very
unevenly distributed, the 'power' with the root server
operators is sought to be so minimized as to be
completely evaporated. The focus is repeatedly sought to
shifted to how anyone can set up a root server and that
those who speak about 13 root servers (meaning, root
server operators) being not distributed well enough are
merely stupid!<br>
<br>
How does what appears to be the 'same fact' take such
very different manifestations in two different political
arguments? This is what I mean by 'technical advice'
being warped by strong techno-political viewpoints. I am
not making any personal accusation. I am stating a
sociological 'fact'. <br>
<br>
<blockquote type="cite">
<div>
<div>(snip)<br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">What I see is that, while
there are of course clearly very significant
differences between these three layers or
kinds of root servers, much of the 'technical
input' on this list that I have come across
seem to focus on the non-difference and
greatly underplay the difference. </div>
</blockquote>
<div><br>
</div>
<div>As discussed above, the distinction you are
making doesn't exist.</div>
</div>
</div>
</blockquote>
<br>
Well!! See above for the distinction. A clear
distinction that you did understand and articulate in
your earlier email in terms of concentration of ability
for "administration of those root servers is in the
hands of 12 organizations, of which 9 are US-based. "
There is obvious and very important distinction between
the 'power' of root zone operator and someone operating
a mirror. This distinction is the very basis of the
whole discussion in this thread. But you have easily and
conveniently dismissed, or minimised, distinctions
between the root file layer, root zone layer and anycast
mirror layer, esp between these two latter layers . This
is done through a unilateral decision to speak about one
thing when the other party is speaking about quite
another, or at least another aspect of the issue - which
here is the issue of 'control' rather than availability
of root file for resolving queries.
<br>
<br>
<blockquote type="cite">
<div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">This I think is
politically motivated, though disguised as
factual neutral/ technical information.</div>
</blockquote>
<div><br>
</div>
<div>Conspiracy theories are tricky things as it
makes it difficult to communicate.</div>
</div>
</div>
</blockquote>
<br>
:). I made it clear at the onset that I am trying to
argue that when a group has strong political
inclinations - as the so called technical community has
- its technical advice gets accordingly wrapped... Call
it my conspiracy theory, but at least I am upfront. But
also (try to ) see how the technical community sees deep
conspiracies in every single political utterance from
the South. Worse its conspiracy theory is further
compounded by a 'stupidity theory'. Double insult!
<br>
<blockquote type="cite">
<div>
<div>
<div><br>
</div>
(snip)
<div><br>
</div>
You misread. The 13 IP(v4) address limitation due
to the default maximum DNS message size still
exists. While there are now ways around this
limitation (specifically, the EDNS0 extension to
the DNS specification), these ways are not
universally supported and as such, cannot be
relied upon, particularly for root service.</div>
</div>
</blockquote>
No, I dont think I misread. Just that the fact remains
that the number 13 can be expanded without much
difficulty, but you are not too interested to explore
that direction while I am (again, political proclivities
intervene). Wasnt introducing multilingual gtlds also
considered a bit 'difficult to rely upon' just a few
years back. Finally, political considerations helped get
over that unnecessary and exaggerated fear. It depended
who were taking the decisions, the US centric ICANN
establishment earlier, but the same establishment with
some WSIS related fears and cautions in the second
instance.
<br>
<br>
<blockquote type="cite">
<div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">So if indeed it is not,
why not breach it and make people of the world
happy.
</div>
</blockquote>
<div><br>
</div>
<div>Even if it were possible, I sincerely doubt
everyone having their own root server would make
the people of the world happy.</div>
</div>
</div>
</blockquote>
This is 'the' most important point - whether there is
any justification at all to increase the number or root
servers and/or to reallocate / redistribute them in a
manner that is politically more justifiable and thus
sustainable. I will take it up in a separate email. <br>
<br>
regards<br>
parminder <br>
<br>
<blockquote type="cite">
<div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Even within the limit of
13, why not allocate root servers in a
geo-graphically equitable manner, as
Sivasubramanian has suggested, especially when
it seems to make no difference at all to
anyone. Why not make all these ill-informed
ministers happy. </div>
</blockquote>
<div><br>
</div>
<div>As mentioned in a previous note, the
operators of the root servers are independent
(modulo "A" and "J" (through the Verisign
contract with the USG) and "E", "G", and "H"
(operated by USG Departments), albeit each of
these operators deal with their root servers
differently). How root server operators
distribute their instances is entirely their
decision. To date, there has apparently been
insufficient justification for those root server
operators to decide to distribute their machines
in a "geo-graphically equitable manner".</div>
<div><br>
</div>
<div>With that said, there are at least two root
server operators ("L" (ICANN) and "F" (ISC)) who
have publicly stated they are willing to give a
root server instance to anyone that asks.
Perhaps the ill-informed ministers could be
informed of this so they could be happy?</div>
<br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">I read that there is no
central control over the 13 or at least 9 of
these root servers. Is it really true? </div>
</blockquote>
<div><br>
</div>
Yes. The diversity of architecture and lack of
centralized control is seen as a feature as it
reduces the opportunities for "capture".</div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Is the 13 root server
architecture not something that is aligned to
what goes in and from the authoritative root
server.
</div>
</blockquote>
<div><br>
</div>
Root server architecture is independent of how the
root zone is distributed.</div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">If it is, why can these
root servers not be reallocated in the way
tlds have been reallocated. Can they be
reallocated or cant they? </div>
</blockquote>
<div><br>
</div>
<div>In practical terms, the "reallocation of a
root server" boils down to transferring the root
server's IP address and telling the new owner
the zone transfer password.</div>
<div><br>
</div>
<div>Before the DNS became a political
battleground, root server "reallocation"
occurred (extremely infrequently) when (a) the
person to whom Jon Postel "gave" the root server
changed employers or (b) the assets of the
organization running the root server were
acquired by another company. Today,
"reallocation" of a root server would either
require the existing root server operator
voluntarily giving the root server IP address to
a different organization or that IP address
would have to be "taken" by eminent domain or
somesuch.</div>
<div><br>
</div>
</div>
<div>
<blockquote type="cite">
<div bgcolor="#FFFFFF">I also read that the it
is not about 13 physical root servers, but 13
root server operators,
</div>
</blockquote>
<div><br>
</div>
<div>Well, 12 operators (since Verisign operates
two root servers).</div>
<br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">so the number 13 is about
the root server ownership points, and not
physical location points.
</div>
</blockquote>
<div><br>
</div>
In the sense that there are 13 IP(v4) addresses
that are "owned" by 12 organizations. Geography
is largely irrelevant.</div>
<div><br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Therefore what is needed
is to reallocate the ownership points in a
geo-politically equitious manner. As Siva
suggests, probably one to an Indian Institute
of Technology.
</div>
</blockquote>
<div><br>
</div>
<div>Somewhat as an aside, my understanding is
that efforts to provide infrastructure (not root
server infrastructure specifically albeit the
same folks do provide anycast instances for a
root server operator) in India were blocked by
demands for bribes greater than the value of
hardware being shipped into the country (see <a
moz-do-not-send="true"
href="http://permalink.gmane.org/gmane.org.operators.nanog/100786"
target="_blank">http://permalink.gmane.org/gmane.org.operators.nanog/100786</a>).</div>
<br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Why this is not done, or
cant be done are the real questions in the
present debate. Any answers?<br>
</div>
</blockquote>
<div><br>
</div>
<div>Sure. You are assuming a top-down model that
does not exist. There is no single entity that
can dictate to the root server operators "you
will give your root server to IIT". You and
others that care about this are free to make the
case to (say) Verisign that it would be in their
corporate best interests for them to relocate
administrative control of one of their root
servers to India, but it would be up to Verisign
(or perhaps more accurately, its shareholders)
to make that decision.</div>
<br>
<blockquote type="cite">
<div bgcolor="#FFFFFF">Is the real problem here
that if root server allocation issue is opened
up, countries would like to go country-wise on
root servers (as the recent China's proposal
for 'Autonomous Internet') which will skew the
present non-nation wise Internet topology
(other than its US centricity), which is an
important feature of the Internet.<br>
</div>
</blockquote>
</div>
<br>
</div>
<div>No. Placement of root servers has no impact on
Internet topology. Really. Distributing root server
instances can be helpful in reducing root query
latency and improving resiliency in the event of
network disruption. That's pretty much it. Opening
up the "root server allocation issue" is a red
herring, particularly given pretty much anyone can
get a root server instance if they care and are
willing to abide by the restrictions inherent in
operating a root server. </div>
<div><br>
</div>
<div>Merging a subsequent note:</div>
<div><br>
</div>
<div>
<div class="moz-cite-prefix">On Sunday 05 August
2012 06:10 PM, parminder wrote:</div>
</div>
<div>
<blockquote type="cite"><span
style="background-color:rgb(255,255,255)">'
administrative access will not be available' to
the anycast operator to his own anycast server.
</span></blockquote>
<div><br>
</div>
<div>Yes. However, if you ask anyone familiar with
computer systems, you will be told that if you
have physical access to a machine, you can gain
control of that machine. Obtaining such control
would violate the terms by which the machine was
granted, but that's irrelevant.</div>
<br>
<blockquote type="cite"><span
style="background-color:rgb(255,255,255)">This
is a pretty centralised control, </span><span
style="background-color:rgb(255,255,255)">not at
all the picture one got from all the technically
well informed insiders who seem to suggest on
this list that everything is open, uncontrolled
and hunky-dory and kind of anyone can set up and
operate root servers.</span></blockquote>
<div><br>
</div>
<div>I'm getting the impression that you read what
you prefer to read, not what is actually written.
No one (to my knowledge) has suggested
"everything is open, uncontrolled and hunky-dory".
Root service is considered critical
infrastructure and is treated as such, so anyone
asserting it is "open and uncontrolled" would be
confused at best. Can you provide a reference to
anyone making this suggestion?</div>
<div><br>
</div>
<div>As for "hunky-dory", I suppose some folks would
say the way the root servers are operated is
"hunky-dory". I am not among them.</div>
<div><br>
</div>
<blockquote type="cite"><span
style="background-color:rgb(255,255,255)">Was
the African minister really so wrong, or even
the Indian minister? </span></blockquote>
<br>
</div>
<div>Yes. Really. </div>
<div><br>
</div>
<div>Regards,</div>
<div>-drc</div>
<div><br>
</div>
</blockquote>
<br>
<br>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>