[governance] India's communications minister - root server misunderstanding (still...)
David Conrad
drc at virtualized.org
Thu Aug 2 16:13:11 EDT 2012
On Aug 2, 2012, at 12:34 PM, Sivasubramanian M <isolatedn at gmail.com> wrote:
> The root server infrastructure, despite its harmless functions, occupy a recurrent space in Internet Governance debates, their functions understood, or otherwise, for its symbolic value.
Understandable.
> I have always wondered if it wouldn't be wiser for United States to make a gesture of assurance to the rest of the world by exploring the technical feasibility of locating a few more elsewhere.
Technically, it is feasible to locate a root server anywhere there is Internet connectivity (and, in fact, with the deployment of anycast instances, this has already occurred, see http://root-servers.org/map/). I believe the issue isn't placement, it is ownership.
> The Wikipedia article on Root Name Server says that "The choice of 13 nameservers was made because of limitations in the original DNS specification" with a 'why?' asking for citation.
The answer to "why?" is quite simple: the original DNS specification limited the guaranteed supported size of a DNS message to 512 bytes and 13 IP(v4) addresses is all you can fit in a message of that size. While the DNS specifications have evolved to support larger messages, it turns out a surprisingly (at least to me) large percentage of the infrastructure refuses to allow those larger messages (the refusals being largely due to old software, broken implementations, or security policy that mistakenly assumes DNS messages must be less than or equal to 512 bytes in length). As such, we're stuck with 13.
> Assuming that there is a limitation, could there be other possible gesturegs? Fully Qualified Mirrors? Or, could there be an extraordinary gesture of one of the Universities retaining a Fully Connected Mirror in their premises and relocate the Root Server to an Institution such as the Indian Institute of Technology with transition support for 3 to 5 years? Or, would Verisign Inc do the same to make this extraordinary gesture by shifting the root server to Verisign India or Verisign Africa? The relocated servers would be under the present root server infrastructure any way.
I'm not sure what you mean by "Fully Qualified Mirror". The myriad of root server instances spread all over the world as shown in that map are indistinguishable at a protocol level from each other. The concern (as I understand it) is that the administration of those root servers is in the hands of 12 organizations, of which 9 are US-based.
> It may not be easy, it could be technically complex, and possibly expensive.
It is actually quite easy and relatively inexpensive to deploy a root server instance. I believe ICANN is more than happy to let pretty much anyone run a copy of "L" if they buy a ~$3K server (to ICANN specifications), provide Internet connectivity to that server, and sign an agreement with ICANN saying they won't muck with or limit the data the instance serves.
> Even a pretension to add / relocate one or two servers would lay to rest most of the criticism about the unilateral control of the root, read (conveniently by those who archestrate anti-Internet propaganda), unilateral control of the Internet.
Unfortunately, I suspect this isn't true. My impression is that the "control of the root" isn't really about root servers, it is about editorial control of the data in the root zone.
Regards,
-drc
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
governance at lists.igcaucus.org
To be removed from the list, visit:
http://www.igcaucus.org/unsubscribing
For all other list information and functions, see:
http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
http://www.igcaucus.org/
Translate this email: http://translate.google.com/translate_t
More information about the Governance
mailing list