Re: Montevideo statement

Phillip Hallam-Baker <hallam@gmail.com> Tue, 08 October 2013 13:19 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A12A21E8162 for <ietf@ietfa.amsl.com>; Tue, 8 Oct 2013 06:19:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DHPXp1EZij37 for <ietf@ietfa.amsl.com>; Tue, 8 Oct 2013 06:19:51 -0700 (PDT)
Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 7960021E808A for <ietf@ietf.org>; Tue, 8 Oct 2013 06:19:36 -0700 (PDT)
Received: by mail-la0-f45.google.com with SMTP id eh20so6782464lab.4 for <ietf@ietf.org>; Tue, 08 Oct 2013 06:19:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=kVtoxFYNIjtaSzYPpjDubATw1BBQoWC5/jDX7A9ZdxU=; b=xuJ3ucEdU5pD+fVIBwxf9IRHTsPDQxO4eCw372JVb35f6XD/R9HsshPpOnBYx9d6oS fPfQ6I/bB0vjzgBpiMEb6vgJCVhH1IWpyy8p24NVDVYHjcdTc6bAXpREM3idcl5oR7Gu b6HX4snM3B46YazWvfehSi6RGVSUfFFyv4AU4XiTbs8SA/9BInm1lmQCxuo54DKbHZi+ 5Vevn9Tj96CzWQrHU4A0EiNcrKthfwvkS/Yd4xmrok8HjoSz+AkM/4EPHz1ngH3JpOR3 X26K/+juPFvgTQ0N394e8Y2kfbBAUHGeK4FDapf0sdBfzZ+JZORwVMbD5LDEcIv56S2q 5uqQ==
MIME-Version: 1.0
X-Received: by 10.152.203.233 with SMTP id kt9mr1309210lac.29.1381238375263; Tue, 08 Oct 2013 06:19:35 -0700 (PDT)
Received: by 10.112.148.165 with HTTP; Tue, 8 Oct 2013 06:19:35 -0700 (PDT)
In-Reply-To: <10B2223B-CDCA-491A-BC53-45FD7E54A16E@isi.edu>
References: <ABCF1EB7-3437-4EC3-B0A8-0EDB2EDEA538@ietf.org> <20131007225129.GA572@laperouse.bortzmeyer.org> <4B3BF00B-0916-4EED-A73C-A0EB8B2A78FD@piuha.net> <CAMm+LwjqEX8XUM2RcLWGS0ZR8Ax=wHJjQhnSAoYbntWVeqNgAA@mail.gmail.com> <10B2223B-CDCA-491A-BC53-45FD7E54A16E@isi.edu>
Date: Tue, 08 Oct 2013 09:19:35 -0400
Message-ID: <CAMm+LwhA58HBpkk_+n+JbR=MvrdCZ_AjYEw2rOgLewAjZ2fd8w@mail.gmail.com>
Subject: Re: Montevideo statement
From: Phillip Hallam-Baker <hallam@gmail.com>
To: manning bill <bmanning@isi.edu>
Content-Type: multipart/alternative; boundary="001a11345984b533ce04e83a9e61"
Cc: IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2013 13:19:52 -0000

On Tue, Oct 8, 2013 at 8:53 AM, manning bill <bmanning@isi.edu> wrote:

> >
> >
> > I think the US executive branch would be better rid of the control
> before the vandals work out how to use it for mischief. But better would be
> to ensure that no such leverage exists. There is no reason for the apex of
> the DNS to be a single root, it could be signed by a quorum of signers (in
> addition to the key splitting which I am fully familiar with). And every
> government should be assigned a sovereign reserve of IPv6 addresses to
> prevent a scarcity being used as leverage.
> >
> > --
> > Website: http://hallambaker.com/
>
>         Quorum signing with split keys  was already built and tested in a
> root server operator testbed (the OTDR testbed) from 1998-2005.  It was
> considered more fragile than the current system.
>

Considered more fragile by whom?

By the members of the $250m/yr NSA mole program?


Very few people in DNS land recognize the class of attack as being
realistic. Even when they have prime ministers and members of the GRU
visiting them to tell them how important the issue is to their country.

We already have one example of lobbyists attempting this type of attack
(see Martin's post). So it is far from unrealistic.


At present ICANN's power over the DNS is entirely discretionary. Attempting
to drop Palestine out of the routing tables would simply be the end of the
ICANN root zone. ICANN could continue to manage .com but their influence
over the rest of the system would end completely.

But DNSSEC changes the balance of power. With the root signed and embedded
infrastructure verifying DNSSEC trust chains, the cost of a switchover
rises remarkably. And when I tried to mention the fact I tended to get
nasty threats.

The third question of power is 'how do we get rid of you'. The answer in
the case of DNSSEC is that you can't.


Fortunately the issue is quite easily fixed, just as the problem of using
IPv6 or BGP allocations for leverage is fixable. Governments don't need to
wait on ICANN or the IETF to develop a quorum signing model for the DNS
apex, they could and should institute one themselves and tell their
infrastructure providers to chain to the quorum roots rather than the
monolithic apex root.


-- 
Website: http://hallambaker.com/