[governance] Re: Alternative DNS systems and net neutrality

Karl Auerbach karl at cavebear.com
Mon Nov 26 18:36:47 EST 2007


Dan Krimm wrote:
> I do understand that ICANN's relationships with the RSOs are informal --
> there is no direct authority.

The root server operators have been fairly consistent and unanimous in 
their rejection of oversight from any entity, especially ICANN.

I have written about what ought to be the reciprocal obligations of root 
server oversight.  IANA also put together a pretty good statement of 
requirements for TLD servers - but which is equally applicable to root 
servers.  I don't have a handy pointer to that one, but it is something 
that deserves better visibility than it has obtained.

Take a look at the tail end of something I wrote in 2005: "About Those 
Root Servers" at http://www.cavebear.com/cbblog-archives/000192.html

Here's the bottom line from that note (the agreements it mentions are 
agreements between the oversight body and each root server operator.):

... what should be the terms in those agreements?  My list is found 
below.  Most of the obligations in that list are things that the root 
servers do already; most of the obligations have no affect on current 
operations.  Rather most of the obligations ensure that the status quo 
remains the status quo into the future.  I've listed these obligations 
in qualitative terms; in practice these obligations should be restated 
into quantitative service level agreements.

     * Servers must be operated to ensure high availability of 
individual servers, of anycast server clusters, and of network access paths.

     * Root zone changes should be propagated reasonably quickly as they 
become available.

     * User query packets should be answered with dispatch but without 
prejudice to the operator's ability to protect itself against ill formed 
queries or queries that are obviously intended to cause harm or overload.

     * User query packets should be answered accurately and without 
manipulation that interferes with the user's right to enjoy the 
end-to-end principle and to be free from the undesired introduction of 
intermediary proxies or man-in-the-middle systems.

     * Operators should coordinate with one another to ensure reasonably 
consistent responses to queries made to different root servers at 
approximately the same time.

     * There should be no discrimination either for or against any query 
source.

     * Queries should be given equal priority no matter what name the 
query is seeking to resolve.

     * There should be no ancillary data mining (e.g. using the queries 
to generate marketing data) except for purposes of root service capacity 
planning and protection.

     * The operator must operate its service to be reasonably robust 
against threats, both natural and human.

     * The operator must demonstrate at reasonable intervals that it has 
adequate backup and recovery plans.  Part of this demonstration ought to 
require that the plans have been realistically tested.

     * The operator must demonstrate at reasonable intervals that it has 
adequate financial reserves and human resources so that should an ill 
event occur the operator has the capacity (and obligation) to recover.

Obligations go two-ways.  The oversight body should ensure that there is 
wide and free dissemination of the root zone file so that people, 
entities, and local communities can cache the data and, when necessary, 
create local temporary DNS roots during times of emergency when those 
local communities are cut-off from the larger part of the internet.

		--karl--
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance



More information about the Governance mailing list