[governance] Clues for WCIT issues and prospects

David Conrad drc at virtualized.org
Tue Dec 18 13:35:14 EST 2012


Dominique,

On Dec 18, 2012, at 8:43 AM, Dominique Lacroix <dl at panamo.eu> wrote:
> Le 18/12/12 17:28, David Conrad a écrit :
>> The most the US government could do would be to direct its contractors to remove the ccTLD's records from the root zone.
> Yes, that's what I meant, and so the author in the article we're commenting.
> 
> And the operating contractor IS Verisign. Return to the starting point.

No. If the USG were to direct its contractors to violate the processes over which it provides oversight, we would not be back at the starting point, we would be in uncharted territory.

> So you confirm that, even being a bad move provoking a crisis, it could be possible.

I confirm it is possible for the USG to direct its contractors to violate existing processes.

However, this does NOT "remove DNS access for a country".  As mentioned, the root servers must pick up the inappropriately modified zone.  In addition, DNS caches must expire out the old information (and you may find that ccTLD name servers tend to be quite long lived in DNS caches).  In the intervening time between when the root zone was inappropriately modified and when resolutions for the ccTLD name servers start to fail, it is extremely likely that the situation would either be resolved (pun intended) or an alternative mechanism would be established by which the root zone was accepted by the root servers.  Since ultimately it is resolver operators (typically ISPs) that decide which root name servers to use and most of those resolver operators do not reside in a jurisdiction subject to US law, it is wildly unlikely the USG would slit their own throats by trying to violate the processes they provide oversight for.  Particularly given there are much easier (and subject to greater "plausible deniability") ways to have the same effect as removing a country from the DNS.

> That's exactly why it's an asymetric situation unesasy to be accepted by a lot of countries in the world.

My impression is that the uneasiness is primarily driven by a misunderstanding of how root zone updates work and the role performed by the USG in those updates.  As mentioned when this issue came up previously, my experience with the USG role when I was at IANA was that it was exclusively focused on ensuring ICANN hasn't run amok and that documented processes are followed. 

> Could we imagine another process? not necessarily with a plenary UN assembly ;-)

Sure, I'm not a particular fan of the current process and there are always ways in which you can add more Byzantine complexity in order to address political concerns, however without an organization that is above national laws, you will _always_ be at the mercy of the nation that is hosting the organization that is making the root zone edits and signing the root zone. 

Regards,
-drc

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20121218/d8b7770d/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t


More information about the Governance mailing list