[governance] [liberationtech] Chinese preparing for a "Autonomous Internet" ?

parminder parminder at itforchange.net
Sat Jun 23 10:38:51 EDT 2012 


On Saturday 23 June 2012 06:58 PM, Lee W McKnight wrote:
> Parminder,
>
> Just to be superclear about this, you are either on the inter-net, or off. That's all that the root zone file signifies.
>
> Being on the inter-net does not guarantee access to a particular - service or application -

Lee,

I am superclear about it. I surely know root zone file in about being 
off or on the Internet, and quite different from availability of any 
particular service over the Internet. Not sure, what made you believe I 
was confused between the two.

I only said, and I believe so, that the same US's OFAC regime that 
applies to google services *can* very easily apply to any non profit or 
even government agency providing root server and DNS kind of services to 
the sanctioned countries. To quote their website, OFAC orders apply to ' 
"All U.S. persons and entities (companies, non-profit groups, government 
agencies, etc.) wherever located".

So you are wrong to claim that if OFAC wanted to hit the root server 
services (or even domain name services like accepting cctld or new gtld 
applications form the sanctioned countries)  it would have to go around 
persuading NTIA etc. In any case, in the kind of circumstances we are 
talking about, all wings of the administration  act as one. So OFAC and 
NTIA would no doubt talk, but it will be the White House deciding.

(BTW, taking Iran's example, do see the manner how any OFAC diktat is 
carefully and elaborately worded to suit US's short and long term 
political and economic interests at 
http://www.treasury.gov/resource-center/sanctions/Programs/Documents/iran.pdf 
and 
http://www.treasury.gov/resource-center/sanctions/Programs/Documents/internet_freedom.pdf  
)

As for the sledgehammer metaphor you employ, no one likes someone 
standing with a sledgehammer over his/ their head, especially when there 
is a way to get the holder of the sledgehammer to put it down. Would you 
like it, if it were with you :)

  If one is not going to use the sledgehammer ever, there is no point on 
insisting on holding it over other people's head, as US does in not 
agreeing to internationalise 'oversight' of CIR management.

parminder


>   which can be unavailable for any number of reasons. Most commonly, not paying for it. Even for free services can be unavailable, for example because the provider is unable or is not bothering to extract ad revenue from particular geographies, for various reasons.  So they don't want to bear the costs for the load on their own servers coming from areas they can't make $$ from.  Typically though, most folks on the Internet will accept and send traffic anywhere, since the cost per - whatever - is so low.
>
> Then there's cases of national-level filtering and blocking eg China's great firewall.
>
> Or service provider-level filtering which could be in place for business reasons, or due to - national-level law.
>
> But as McTim notes, all of those cases are separate matters entirely from the operation of the root-servers that are distributed on-off switches - metaphorically speaking.
>
> Now to switch metaphors: )
>
> Think really really heavy sledgehammer and a bee (from OFAC view).
>
> Even if the US has been in conflict with Cuba of one sort or another for the past...50 years +.....you wouldn't think to try to swat the bee with the sledgehammer, since you  would realize that it is far more likely that you would drop the sledgehammer on your own foot, than hit the bee.
>
> Not to mention, OFAC has no permission or administrative authorization to pick up that sledgehammer.
>
> According to US law and administrative practice, they would have to ask NTIA to please help them go after the US root zone operators; and/or would have to ask other governments to drop the sledgehammer on their own root-zone operators, since the bee's somewhere else.
>
> There's sequences of improbable events which lead to worst-case scenarios, which can and do happen, and then there's - firebreaks, administrative procedures, and various levels of service above and beyond - being on the net.
>
> Nonetheless, as I have previously noted, this is not to suggest I favor the USG still having its hands so close to - ICANN/IANA/Verisign's - expert finetuning fingers tweaking the rootzone file.  Since yeah we can always imagine a sledgehammer being dropped, on our own hands/net.
>
> Lee
> ________________________________________
> From: McTim [dogwallah at gmail.com]
> Sent: Saturday, June 23, 2012 8:34 AM
> To:governance at lists.igcaucus.org; parminder
> Cc: Lee W McKnight; Louis Pouzin (well)
> Subject: Re: [governance] [liberationtech] Chinese preparing for a "Autonomous Internet" ?
>
> Hi,
>
>
> On Sat, Jun 23, 2012 at 12:46 AM, parminder<parminder at itforchange.net>  wrote:
>    
>> On other issue of, whether US gov can or could take unilateral steps with
>> regard to ICANN and root server management;
>>
>>
>> To take an example. if anyone tries to access the services of google
>> analytics from Cuba she is greeted by the following message (for the full
>> report see
>> http://www.webpronews.com/google-blocks-cuba-from-gaining-analytics-access-2012-06
>> )
>>
>> We’re: unable to grant you access to Google Analytics at this time.
>>
>> A connection Has Been Established Between your current IP address and
>> acountry sanctioned by the U.S. government. For more information, see
>> http://www.ustreas.gov/offices/enforcement/ofac/  .
>>
>> Google Earth, Google’s Desktop Search tool and Google Code Search are
>> similarly blocked.
>>
>> It is my understanding that a simple order from the Office of Foreign Assets
>> Control to ICANN/ Verisign could put provision of root server services to
>> Cuba and its nationals ( and those of some other countries) under similar
>> sanctions. That is how close we are to what many think is an impossible
>> calamity.
>>
>>      
> Your understanding is flawed.
>
> Serving the root is binary, a DNS root-operator either serves it or
> they don't.
>
> If you are talking about filtering routes, well that is done in
> routing, and if an order
> went to ICANN/Verisign, they have no way to command the other root-ops to
> route filter based on IP range.
>
> I doubt $current_employer (F) would filter as above, even though they
> are a US 501(c) corp.
>
> I am sure $former_employer (K) would not as they are not a US corp,
> and have said as much (IIRC) during WSIS.
>
> So Cubans would still get the root served to them.
>
>
> --
> Cheers,
>
> McTim
> "A name indicates what we seek. An address indicates where it is. A
> route indicates how we get there."  Jon Postel
>
>    
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20120623/f265c561/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list