[governance] The decentralization of the DNS system

Suresh Ramasubramanian suresh at hserus.net
Tue Jun 23 09:39:43 EDT 2015


It is simply a tool to query DNS and get specific / verbose details in your DNS query.

In essence, that query below shows you the path a DNS query for the MX record of “theglobaljournal.com <http://theglobaljournal.com/>” (that is, what mail servers handle mail for theglobaljournal.com <http://theglobaljournal.com/>) took, all the way from the root servers, to the DNS server(s) for theglobaljournal.com <http://theglobaljournal.com/> - managed by Jean Christophe’s provider gandi.net - which then responds with details of the mail servers on which his email is hosted.

That path flows down from the root servers - and guarantees that whoever, or whichever dns server anywhere in the world, makes that query, will end up with that answer.

With an “alternate root” setup, there could very well be one set of roots claiming that Jean-Christophe’s email resides on, say, a mail server at a university in India, rather than on his provider Gandi.net <http://gandi.net/> in France.    To use a sort of correct analogy, that would be like if you searched a telephone directory for his address and phone number, and found two different entries for those under his name.  [of course assuming he is the only jean-christophe nothias in his city - like there is only one domain theglobaljournal.com <http://theglobaljournal.com/>]

I hope that makes McTim’s reply clearer.

> On 23-Jun-2015, at 7:02 pm, nathalie coupet <nathaliecoupet at yahoo.com> wrote:
> 
> Can you explain what dig + trace mean? 
>  
> Nathalie 
> 
> From: McTim <dogwallah at gmail.com>
> To: Suresh Ramasubramanian <suresh at hserus.net> 
> Cc: "governance at lists.igcaucus.org" <governance at lists.igcaucus.org>; Jean-Christophe NOTHIAS I The Global Journal <jc.nothias at theglobaljournal.net>; willi uebelherr <willi.uebelherr at riseup.net> 
> Sent: Tuesday, June 23, 2015 9:10 AM
> Subject: Re: [governance] The decentralization of the DNS system
> 
> On Tue, Jun 23, 2015 at 7:02 AM, Suresh Ramasubramanian
> <suresh at hserus.net <mailto:suresh at hserus.net>> wrote:
> > What you call a fairyland is the reality that you happen to be using to even
> > be able to send this email.
> 
> Indeed, I see no evidence of an alt-root in this dig + trace:
> 
> 
> 
> ; <<>> DiG 9.3.2 <<>> theglobaljournal.net MX +trace
> ;; global options:  printcmd
> .                      10431  IN      NS      c.root-servers.net.
> .                      10431  IN      NS      a.root-servers.net.
> .                      10431  IN      NS      h.root-servers.net.
> .                      10431  IN      NS      k.root-servers.net.
> .                      10431  IN      NS      g.root-servers.net.
> .                      10431  IN      NS      d.root-servers.net.
> .                      10431  IN      NS      f.root-servers.net.
> .                      10431  IN      NS      j.root-servers.net.
> .                      10431  IN      NS      m.root-servers.net.
> .                      10431  IN      NS      e.root-servers.net.
> .                      10431  IN      NS      b.root-servers.net.
> .                      10431  IN      NS      l.root-servers.net.
> .                      10431  IN      NS      i.root-servers.net.
> ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 45 ms
> 
> net.                    172800  IN      NS      h.gtld-servers.net.
> net.                    172800  IN      NS      e.gtld-servers.net.
> net.                    172800  IN      NS      m.gtld-servers.net.
> net.                    172800  IN      NS      c.gtld-servers.net.
> net.                    172800  IN      NS      k.gtld-servers.net.
> net.                    172800  IN      NS      g.gtld-servers.net.
> net.                    172800  IN      NS      j.gtld-servers.net.
> net.                    172800  IN      NS      b.gtld-servers.net.
> net.                    172800  IN      NS      d.gtld-servers.net.
> net.                    172800  IN      NS      f.gtld-servers.net.
> net.                    172800  IN      NS      i.gtld-servers.net.
> net.                    172800  IN      NS      l.gtld-servers.net.
> net.                    172800  IN      NS      a.gtld-servers.net.
> ;; Received 507 bytes from 192.33.4.12#53(c.root-servers.net) in 46 ms
> 
> theglobaljournal.net.  172800  IN      NS      a.dns.gandi.net.
> theglobaljournal.net.  172800  IN      NS      b.dns.gandi.net.
> theglobaljournal.net.  172800  IN      NS      c.dns.gandi.net.
> ;; Received 228 bytes from 192.54.112.30#53(h.gtld-servers.net) in 122 ms
> 
> theglobaljournal.net.  600    IN      MX      10 spool.mail.gandi.net.
> theglobaljournal.net.  600    IN      MX      50 fb.mail.gandi.net.
> theglobaljournal.net.  10800  IN      NS      c.dns.gandi.net.
> theglobaljournal.net.  10800  IN      NS      b.dns.gandi.net.
> theglobaljournal.net.  10800  IN      NS      a.dns.gandi.net.
> ;; Received 142 bytes from 173.246.98.1#53(a.dns.gandi.net) in 39 ms
> 
> 
> >
> > That chinese proposal is not a technical one - it is a smokescreen for a
> > political move.
> 
> Censorship seems to be the motivation.
> 
> 
> 
> 
> Any civil society that actually winds up supporting it
> > finds itself endorsing a multilateral model where civil society, industry or
> > other non government stakeholders are shut off from decision making.
> >
> > If that is your intent, then please do say so in slightly clearer terms than
> > you have so far.
> 
> 
> 
> If you are looking for a chinese proposal to scale the root, the one
> described here seems to be less offensive to CS sensibilities:
> 
> http://www.circleid.com/posts/20141107_secure_unowned_hierarchical_anycast_root_name_service_and_apologia/ <http://www.circleid.com/posts/20141107_secure_unowned_hierarchical_anycast_root_name_service_and_apologia/>
> 
> 
> 
> -- 
> Cheers,
> 
> McTim
> "A name indicates what we seek. An address indicates where it is. A
> route indicates how we get there."  Jon Postel
> 
> 
> 
> ____________________________________________________________
> You received this message as a subscriber on the list:
>     governance at lists.igcaucus.org <mailto:governance at lists.igcaucus.org>
> To be removed from the list, visit:
>     http://www.igcaucus.org/unsubscribing <http://www.igcaucus.org/unsubscribing>
> 
> For all other list information and functions, see:
>     http://lists.igcaucus.org/info/governance <http://lists.igcaucus.org/info/governance>
> To edit your profile and to find the IGC's charter, see:
>     http://www.igcaucus.org/ <http://www.igcaucus.org/>
> 
> Translate this email: http://translate.google.com/translate_t <http://translate.google.com/translate_t>
> 
> 
> ____________________________________________________________
> You received this message as a subscriber on the list:
>     governance at lists.igcaucus.org
> To be removed from the list, visit:
>     http://www.igcaucus.org/unsubscribing
> 
> For all other list information and functions, see:
>     http://lists.igcaucus.org/info/governance
> To edit your profile and to find the IGC's charter, see:
>     http://www.igcaucus.org/
> 
> Translate this email: http://translate.google.com/translate_t

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.igcaucus.org/pipermail/governance/attachments/20150623/4698a7d2/attachment.htm>
-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t


More information about the Governance mailing list