Re: [arch-d] Centralization or diversity

Stephane Bortzmeyer <> Mon, 23 December 2019 08:09 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 865B2120074 for <>; Mon, 23 Dec 2019 00:09:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.648
X-Spam-Status: No, score=-1.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4usDioQrVgiq for <>; Mon, 23 Dec 2019 00:09:31 -0800 (PST)
Received: from ( [IPv6:2001:4b98:dc0:41:216:3eff:fe27:3d3f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3ADE212004A for <>; Mon, 23 Dec 2019 00:09:31 -0800 (PST)
Received: by (Postfix, from userid 10) id D3537A029B; Mon, 23 Dec 2019 09:09:28 +0100 (CET)
Received: by godin (Postfix, from userid 1000) id AA571EC0B1A; Mon, 23 Dec 2019 09:07:46 +0100 (CET)
Date: Mon, 23 Dec 2019 09:07:46 +0100
From: Stephane Bortzmeyer <>
To: Martin Thomson <>
Cc:, Jari Arkko <>
Message-ID: <>
References: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
X-Transport: UUCP rules
X-Operating-System: Ubuntu 18.04 (bionic)
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <>
Subject: Re: [arch-d] Centralization or diversity
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 23 Dec 2019 08:09:32 -0000

On Wed, Nov 06, 2019 at 09:58:08AM +1100,
 Martin Thomson <> wrote 
 a message of 25 lines which said:

> But my experience with centralized services is that they aren't
> centralized in the fault tolerance sense.  If I look at the big
> services, that scale is only achieved with careful distributed
> systems design.

I disagree. These systems are generally very homogeneous (software
and, of course, human management) so they still have SPOF. An example

Centralized management is good for the administrators (less work and
better results) but may be dangerous for robustness. (That's why I
don't like the whole idea of SDN.)

> This draft really wants to say something less negative: that it values diversity on multiple axes.  The draft covers:
> * fault domains geopolitical organizational
> To which I might add:
> * geographic
> * implementation
> * infrastructure (power, network, hardware)

And software! Many DNS zones, for instance, can be completely taken
down, if there is a 0-day vulnerability allowing to DoS all servers,
which are of the same make and version.

> Finally, I don't like the emphasis on DNS in this document.  It only
> serves to sensationalize.

Well, I disagree with the analysis of the draft (centralization to a
few public resolvers have nothing to do with DoH, it existed before)
but the problem is real. Unfortunately, we don't lack examples of