[governance] U.S. DoC SSAC says DNS redirections a no no.

Joe Baptista baptista at publicroot.org
Thu Jun 25 15:22:24 EDT 2009 

with my compliments

http://joebaptista.wordpress.com/2009/06/24/u-s-doc-ssac-says-dns-redirections-a-no-no/

U.S. DoC SSAC says DNS redirections a no
no.<http://joebaptista.wordpress.com/2009/06/24/u-s-doc-ssac-says-dns-redirections-a-no-no/>

*June 24, 2009*
[image: Joe Baptista says Dont Panic ... SSAC is a joke.]

Joe Baptista says Don't Panic ... SSAC is a joke.

*This is serious stuff folks! Do we Internet users trust the U.S. government
with the keys to our computers? I don’t! CLICK to
VOTE<http://answers.polldaddy.com/poll/1732779/>
.
*

*A review of a report<http://www.icann.org/en/committees/security/sac041.pdf>published
June 10 2009 from the Security and Stability Advisory Committee
(SSAC), a U.S. government contractor. *

SSAC a committee of the Internet Corporation for Assigned Names and Numbers
(ICANN), the government contractor who runs most of the planets Internet on
behalf of the U.S., in a recent report claims that DNS redirections present
a potential security risk. It further claimed the practice could result in
an “erosion of trust relationships and the creation of new opportunities for
malicious attack”. The report recommends that ICANN “prohibit the use of
redirection and synthesized responses by new TLDs”.

The claim is nonsense and self serving. DNS redirection does not pose a
security risk to the Internet. It solves a number of technical issues
related to traffic and is an excellent marketing tool for Internet service
providers and Top-Level Domain (TLD) operators.

I think the report is self serving because the sole justification for this
report is found in the claim that the practice, extensively used by service
providers and TLD operators, is an “erosion of trust relationships”. The
only trust being eroded is ICANN’s ability to control the Internet.

The “erosion of trust” reference is in fact ICANN speak to make all of us
compliant with DNSSEC (Domain Name System Security Extensions). DNSSEC does
not work under DNS redirection.
[image: DNSSEC = CONTROL]

DNSSEC = CONTROL

DNSSEC is an evil protocol who’s sole purpose is to reverse engineer the
Internet and take over control of a core process. In short ICANN an agency
of the U.S. Government wants to hold the keys to your computer. DNSSEC
forces any computer using the protocol to trust Uncle Sam. Are you ready for
that. I’m not.

Top level domain (TLD) operators are increasingly adopting the practice of
redirecting queries for inactive domains to their own pages. This solve a
big problem some operators have. The constant traffic at TLD servers for
dead domains. It also is a marketing opportunity and a means of generating
sales for TLD registries.

In most cases a notice to the user is given that the domain no longer exists
but is available for purchase. The user gets a simple to understand web page
and the TLD operator makes some bucks on a sale. I see nothing wrong with
that. I think we call it commerce.

ICANN will attempt to control DNS redirection via contracts with new TLD
operators. There is nothing ICANN can do about service providers redirecting
traffic or existing contracts with legacy TLD operators.

*EOL*

*Editor note: *My public comment on the Deployment of DNSSEC is on file with
the U.S. Department of Commerce at the National Telecommunications and
Information Administration.<http://www.ntia.doc.gov/DNS/comments/comment034.pdf>
*
*


-- 
Joe Baptista

www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive, Representative &
Accountable to the Internet community @large.
----------------------------------------------------------------
 Office: +1 (360) 526-6077 (extension 052)
    Fax: +1 (509) 479-0084

Personal: www.joebaptista.wordpress.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20090625/7ed5445a/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list