[governance] Clues for WCIT issues and prospects

David Conrad drc at virtualized.org
Tue Dec 18 11:28:06 EST 2012


Dominique,

We've been over this before.

It is simply not possible for the US government to _unilaterally_ remove DNS access to a country.  The most the US government could do would be to direct its contractors to remove the ccTLD's records from the root zone.  That inappropriately modified root zone must then be pulled from the Verisign distribution server and installed on the root servers around the world.  Since the root server operators are independent, whether they accept a root zone that has been modified inappropriately is each their own decision (and several have gone on record claiming the "value add" they bring and why there can be no single body to which they are accountable is precisely to act as this check and balance).

If the US government were to undertake such an action, it would immediately and irrevocably lead to a Internet-wide governance crisis in which the current mechanisms by which the root is maintained would undoubtedly be the first victim.  It would not result in the country's DNS access removed, but would, instead, be _much_ more likely to remove the US government from its role in root maintenance.

Regards,
-drc

On Dec 18, 2012, at 8:07 AM, Dominique Lacroix <dl at panamo.eu> wrote:

> Do you agree with that drawing of the management of the root file? 
> 
> http://reseaux.blog.lemonde.fr/2012/09/02/controle-internet/
> 
> @+, Dom
> 
> 
> Le 18/12/12 16:46, McTim a écrit :
>> About Verisign, I agree that it's a short expression for an actual reality:
>> US gov COULD cut DNS access to any country in the world. Verisign would just
>> execute orders.
>> 
>> Please explain how this is technically possible.  To my knowledge, it
>> is not (and I have worked for 2 root-server operators).
>> 
>> Are you talking about removing a ccTLD from the root zone?
>> 
>> Are you talking about Verisign dropping queries from IP address blocks
>> to the 2 root servers they operate?
>> 
>> While the first is not possible for the USG to accomplish, the second
>> is technically possible, but
>> doesn't mean that a nation state would be denied access to the DNS
>> root from all root servers.
> 
> ____________________________________________________________
> You received this message as a subscriber on the list:
>     governance at lists.igcaucus.org
> To be removed from the list, visit:
>     http://www.igcaucus.org/unsubscribing
> 
> For all other list information and functions, see:
>     http://lists.igcaucus.org/info/governance
> To edit your profile and to find the IGC's charter, see:
>     http://www.igcaucus.org/
> 
> Translate this email: http://translate.google.com/translate_t

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20121218/b2cbe2d8/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t


More information about the Governance mailing list