Re: [Privsec-discuss] [Iana-strategy] [Stackevo] Consolidation

Andrew Sullivan <ajs@anvilwalrusden.com> Tue, 03 October 2017 16:16 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: privsec-discuss@ietfa.amsl.com
Delivered-To: privsec-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0B5F134F12; Tue, 3 Oct 2017 09:16:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.5
X-Spam-Level:
X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=dR7J/KhM; dkim=pass (1024-bit key) header.d=yitter.info header.b=Ph+5L72P
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q1w_Rf5nbh8H; Tue, 3 Oct 2017 09:16:49 -0700 (PDT)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47FB5134F01; Tue, 3 Oct 2017 09:16:47 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id CC315BEDAD; Tue, 3 Oct 2017 16:16:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1507047376; bh=VlLsBSDZ36iKfQWKjJLpT8D3gRoeAb6Tw5OrsJIa1nM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dR7J/KhM/SiGXPwK4gaD16H1skHL2JKqtBOM6ubq1wlGfBOyN0fiqj7vwnag7pz1V JANAaAHQs0eVSrnLwnFhlvUE7C59j4Ks5/P6dm/ZtMPLz/lyR5V8lwqBo+JiV7m2A0 anCa5Fo0SVP7QlvgyAp0yE4YYgvq4yKVS+P9K0Xw=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g9OudqrJyRAB; Tue, 3 Oct 2017 16:16:14 +0000 (UTC)
Date: Tue, 3 Oct 2017 12:16:11 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1507047374; bh=VlLsBSDZ36iKfQWKjJLpT8D3gRoeAb6Tw5OrsJIa1nM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Ph+5L72PG7HCe3Wcw7B6sYl6DN+QaQ1RFIcrs0nVL1VBfkercDHQxIjDyiyO8B5uI MsM8NrQ4rOYPzZ8MbY0ko4h4LDI5dUiTO1aTMQKqDDnKv/YJHaCBhU31AmAfcvhSae jalrgAZuZXKSxRcZKBxbXWsPi61va2yB0jMLI5Ps=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: Aaron Falk <aaron.falk@gmail.com>
Cc: Jari Arkko <jari.arkko@piuha.net>, Stackevo <stackevo@iab.org>, privsec-discuss@iab.org, tech-plenary@iab.org, IAB <iab@iab.org>, IANA Strategy <iana-strategy@iab.org>
Message-ID: <20171003161610.3omoq6zdpcdcr45f@mx4.yitter.info>
References: <3F737F0E-9834-4469-9DB6-5EE392E96C2C@piuha.net> <C520880D-668F-4D46-BF46-0796D60877F1@piuha.net> <B43AB5A3-481E-4936-850A-530445656D34@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <B43AB5A3-481E-4936-850A-530445656D34@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/privsec-discuss/I-NwJpWP1hXVeSBI30lFQFa1dHg>
Subject: Re: [Privsec-discuss] [Iana-strategy] [Stackevo] Consolidation
X-BeenThere: privsec-discuss@iab.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Privacy and Security Discussion List <privsec-discuss.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/privsec-discuss>, <mailto:privsec-discuss-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privsec-discuss/>
List-Post: <mailto:privsec-discuss@iab.org>
List-Help: <mailto:privsec-discuss-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/privsec-discuss>, <mailto:privsec-discuss-request@iab.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Oct 2017 16:16:51 -0000

Not sure which list we're using for this discussion, but maybe it
should be on one list :)  Anyway,

On Mon, Oct 02, 2017 at 05:53:22PM -0400, Aaron Falk wrote:

> it would be to restore the major distributed systems services (e.g.,
> electrical, BGP, DNS) service if some major subset of the network was
> unexpectedly brought offline.

One of the things that was clear at least by October 2016 is that the
architectural assumptions for the DNS include distributed operation;
but actual DNS operations for large web properties at least are
concentrated in just a few providers.  The resilience story for the
Internet is accordingly quite a bit worse than it ought to be.

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com