Re: [atlarge-discuss] HOWTO send a message to ICANN

[david@aminal.com]

On Thu, Feb 13, 2003 at 11:16:56AM -0500, Joe Baptista wrote:
> 
> check nanog presentation - page 31
> 
> http://www.caida.org/outreach/presentations/2002/nanog0210/
> 

I'm familiar with the data.

> or read my story which translates it into the non-technical john and jane
> bit.
> 
> > > The problem I see with this method of protest, Joe, is that we
> > > Internet users want the Internet to be stable, reliable and
> > > accessible to everyone. If we 1,000 took your advice and not
> > > only used that URL ourselves but encouraged all our friends and
> > > relations to do so, we'd be causing a "technical disaster" with
> > > an effect opposite to what we want.
> >
> > No technical disaster, people who use these systems simply bypass
> > ICANN controlled infrastructure.
> 
> but what about those who have not bypassed - the majority.  what about
> those clicks.  every click is a question to the isp dns resolvers which
> gets in turn passed on to the roots which return an NXDOMAIN.  granted
> this only happens once within any nameserver cycle - but it's enough to
> swamp the results on the usg root servers - where 3,000 hits is
> respectable for a tld.
> 

Crappy implemenations and mis-configured systems result in bad queries
traveling through the system - as well as someone typing .con instead of
.com into their browser address bar by mistake. I don't think this is in
dispute.

What was suprising was the ratio of junk to legitimate queries.  


> > > There is also no guarantee that the official response to the
> > > disaster would be anything other than lumping us in with the vandals
> > > and terrorists: that is, finding ways to arrest and prosecute us for
> > > malicious attacks on the Internet. And somehow I doubt that this
> > > kind of "voting" would count with the technical community as
> > > anything but another problem.
> >
> > Again, I am very curious as to how you got the impression that not
> > using the ICANN domain name system infrastructure could be considered
> > vandalism or a malicious attack on the Internet.
> 
> i dont think it's in any way malicious.  it will simply be noticed at the
> usg root level.  incidentally - paul and i - paul vixie who provided the
> stats were arguing over - i hope you have looked them up by now - is
> refusing to provide any supporting evidence.  he's just told caida in
> private email that they are banned from providing or making any of their
> data public.
> 
> apparently paul is claiming privacy etc and a commercial interest in the
> data itself.  i agree with him - it's valuable data.

Other than to satisfy curiousity, I don't think it is important for root
server operators to analyze the junk, what's important is to efficiently
discard it.

Given that focus, I don't think even a deliberate effort to flood the
root servers with bogus queries would be noticed, it simply wouldn't
stand out from the rest of the 'noise'. 

Now that the F root server is being 'cloned' using anycast technologies,
even the denial of service attacks that *do get the root server operators
attention will be less effective.


Cheers -

David Schutt



> 
> > > I'd like to see this group start by articulating exactly
> > > what is wrong with the U.S./ICANN model for administration and
> > > governance of the Internet and lobbying against the "crony
> > > capitalism" as well as for improvements in both the technical
> > > underpinnings and the inclusion of Internet users in a more
> > > transparent and democratic process. I think we would need to
> > > do that in layman's language, so that all of our members and
> > > all of the technically-unadept politicians could understand
> > > what we're talking about.
> > >
> >
> > The domain name system is not as mysterious or complex as you
> > might think.
> 
> i don't think that - it's very simple.  the stupidity is in those who even
> still bother to support icann.
> 
> > I agree that it is important to make the concepts accessible to
> > laypeople, and I'd like to help to do that.
> >
> > Please feel free to contact me (privately might be best for now),
> > and I'll do my best to explain the hows and whys of the DNS.
> >
> > If I'm succesfull, perhaps we can distill the results into
> > something that will be usefull for the whole group.
> 
> your always welcomed to call after 6:30 pm est - 705-872-1310 and we can
> chat.
> 
> but read my stuff first and examine page 31 of the caida report to nanog.
> 
> that basically answers all your questions where i derived the methodology.
> which is basically based on faith the data from caida is real.  i do have
> faith thats the case i just suspect they hide it because it show real
> damage and is the best argument that the usg root can't ignore inclusive
> namespace without suffering damage in return.
> 
> 
> cheers
> joe
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de