Re: [dnsext] does making names the same NEED protocol changes at all?

[Phillip Hallam-Baker <hallam@gmail.com>]

I suspect that the point of these requirements is precisely the fact that
they cannot be met within the current architecture.

I am seeing people rushing to change the security model of DNSSEC to support
this requirement, but I doubt that is going to be sufficient.

Let me be clear here, I do not believe that any contributor to this
discussion is acting improperly or following a hidden agenda. But I do
strongly suspect that the problem is intentionally put in such a manner as
to collectively yank our chain.

This is the bring me a rock school (no wrong one) school of management. And
the rock will continue to be the wrong one until such time as we propose
creating a hole in the infrastructure that serves the underlying agenda.


It seems rather surreal to be having a dialogue about how to make locating
Web sites easier when the parties behind the proposal are devoting vast
resources to make access to the 'wrong' sites as hard as possible.

The anual market for censorship equipment and technology is in the billions
of dollars and most of that technology is being made by companies whose
names are really well known in IETF.

Oddly enough, the companies that are involved in that particular market do
not attract a tenth of the scrutiny that CAs attract. I am not aware of any
CA having mis-issued except unintentionally or as a result of coercion. Yet
the sales of equipment designed for the purpose of enabling censorship are
made with full knowledge of their purpose.


Here is an idea, let us table this whole discussion until after we solve the
problem of how to make the Internet accessible without let or hindrance from
any point on the planet with minimal communications connectivity.

The proposal that I made at the start of this discussion for a 'Did you
Mean' record is easily sufficient to address legitimate usability concerns
in this respect. If we wanted to go further we could define a record that
specifies transliteration mappings within a domain.

But at the moment I am rather more interested in the prospects for running
NNTP over USB key and wifi enabled mobile devices as transport.


On Fri, Feb 25, 2011 at 9:30 AM, Andrew Sullivan <ajs@shinkuro.com> wrote:

> No hat, I think.
>
> On Fri, Feb 25, 2011 at 12:48:15PM +0000, Alex Bligh wrote:
>
> > per nation" requirement is long standing), and suggest the answer is
> "give
> > up the aliasing requirement or enforce it by contract with your TLDs".
>
> Two things:
>
> 1.  The issue before us is not merely a TLD or near-TLD one.  If we
> work as though it is, then we're not doing our jobs.
>
> 2.  Notwithstanding the above, there are some delegation relationships
> that are less fraught than others.  There are all sorts of prickly
> layer-9+ issues implicit in talking about a contract between a private
> US corporation and the sovereign power of foreign nations, and I think
> we maybe want to avoid exploring that warren.
>
> A
>
> --
> Andrew Sullivan
> ajs@shinkuro.com
> Shinkuro, Inc.
> _______________________________________________
> dnsext mailing list
> dnsext@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsext
>



-- 
Website: http://hallambaker.com/

_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext