[icann-eu] Re: [icann-europe] Good Old Entropy

[Jefsey Morfin <jefsey@wanadoo.fr>]

Dear Griffini,
I certainly share your point of view about the alt.root, but probably not 
about what is the alt.root. If you think yourself a pure technician, I 
would like you to be a real pure one, i.e. forgetting all the politics 
introduced by the IAB, etc...

What is the case? Internet is a consensus by communicating owners to use 
the TCP/IP protocol set under an addressing plan (IP addresses plus CNAMEs) 
simplified by the use of an aliasing system with an easy to memorize 
semantic. Do you object to that? I guess not.

Now who is the boss? In a consensus everyone is the boss: people vote a 
consensus with their feet. I am the boss on my machine. I decide the 
protocol, I decide who to call, I decide what I say, I decide who I filter 
out/in, etc... and I decide about my name and what it means in terms of 
aliasing - ie which IP, which CNAME will be reached. Do you object to that? 
I guess not.

The naming service asked for a more sophisticated support than Host.txt and 
respecting my free naming decision rights. This system has not only been 
devised, but it works and seem to be able to cope with many new 
development. It is a hierarchical database distributed on basically three 
layers instead of being on a single computer root-server, zone-server, 
name-server.

Why distributed? Only for one and single reason: to respect my authority on 
my name.

I have headed the International operations of Tymnet in the 80s. We 
interfaced Italcable as well as KDD, MCI, TeleGlobe, BT, Telefonica and 
France Telecom, etc... We had a DNS like system: the Supervisor, it would 
have had no problem in supporting billions of DNs. But we did not allow the 
users to modify the Network routing information so we could for many good 
reasons (robustness, security, speed, network organization, accounting, 
cost, etc... ) have it virtually centralized (several distributed machines 
for the generation to come when I left) and mirrored on four to six real 
time systems polling each others and taking over in a few minutes in case 
of failure of the current master. Very impressive. Such a system was far 
better than the DNS .... but it did not permitted ME, the user, to decide 
about my naming privileges and to change it.

Now, how does any hierarchical database work? It is a tree with a root. By 
nature such a root permits to access everything in the database. We are 
technical here, not religious. So it means that if I want to have the name 
bush.clinton.core I should be able to put it the base. And the DNS is 
perfectly doing its job: I can do it and associate it with 
jefsey.bush.clinton.gore and griffini.bush.clinton.gore.

Now what are the problems we purely technically face:

1) the database is by nature inclusive (includes everything in it). But it 
just reports real life and real life is not perfect. In real life people do 
mistakes or have conflicts. When they enter them in the database, the 
database accepts them - its job - but the programs using the database may 
fail. This prevents me to trust the database: I need to check its data. I 
can do it myself, or I can trust someone to do it for me. The person or the 
group of persons I trust becomes - in my opinion - "authoritative" (this is 
the meaning of the word: its knowledge makes authority, not to be confused 
with my authority on my machine. The only authority on the net is mine, the 
one of the users).

How do you become authoritative on a matter: in learning, working and 
clearing conflicts. It means that an authoritative version of the DNS has 
filtered out conflicts for me. So it is absurd to say in real world there 
is a single authoritative root. There is a single root. There are several 
possible authoritative versions of it. This is true for zone files and 
local files as well. As you may recall the DNS is recursive: this concept 
is fully supported in the Bind 9 views (you may decide to see only a 
portion of the name space or have it different).  A "single authoritative 
root" is possible only on an empty system or in a divine system, not in an 
human system.

2) the second problem we face is the desire of powers of some people or 
their love for money. The DNS is important for them as they have understood 
that in controlling by fashion, intellectual terrorism, mis-education, law, 
etc... the nodes of the DNS tree they could control the system. The 
Directory issue you talk about.

Obviously the most interesting one is the initial node: the root level. For 
historical reasons the USCANN received initially most of it and decided to 
believe it was their property. It could have worked should have them said 
"we own the inclusive root. Everyone welcome: here are the Root and TLD 
Best Practices, let go".

There would be no problem today as there will be no problem when we will 
have forgotten about them. But, Mike Roberts decided he wanted to make some 
small money out of it and to protect the bigger VeriSign money (he wanted 
actually protect the network stability, but did not see that he imperiled 
it) . He preferred to set-up the USG Root as an alternative to the 
inclusive root in being authoritative only on the zones the TLD Manager had 
contracted with him according to a TLD e-legal model of Louis Touton 
devised. In doing so he purposedly blocked innovation and business 
development to the exclusive advantage of VeriSign. RT/BP have been written 
by us and will develop in parallel until they take over.

The next interesting node is the TLD level. Protected by the USCANN and the 
TLD "owners" (they call themselves the business owner" while Jon Postel 
clearly spelled out it is a service to the people who chose that TLD label 
to differentiate heir name). And you see them carnying a rewading business 
over a non existing good such as the DN in cooperation with the money added 
value brought by TM people and UDRP.

But the most interesting node is the user level as it is the User Level and 
from there you can bypass the orthes. Don't ask yourself why the default 
root address is not an a Windows init file. Do you think that a 
c:\windows\dns.ini file would not have been simpler to implement?


In such an environment, the is today a single alternative roots (plural), 
there are several authoritative roots trying to be as much as possible 
inclusive/or value added and discriminating among potentially colliding 
TLDs on clear TLD recognition criteria.

The alternative discriminative root is by the USCANN which is the only Root 
Administrator with Name.Space to refuse to enter into a technical dialog 
over a common effort to make the root more inclusive and to bring added 
value to the users they serve.

I do hope that the jeopartization of the DNS will cease soon. As apure 
technician you know that this is just to copy my root file into the USCANN 
controlled machines. It would take three minutes and would certainly not 
change anything to any user, except to make them free and fully 
authoritative again.

Jefsey



On 01:09 07/07/01, Griffini Giorgio said:
>Hi all,
>The discussion which is currently being held about ICANN / DOC / ALT
>ROOTS   changes nothing about dynamics on how we (the 'pure'
>technicians, with many excuses to real technicians)  always would like to
>have the DNS problem solved (which is not the alt roots way).
>Would anyone like to be unable to reach anyone ? Or in other words... how
>many people would like being limited to see and reach just a limited (with
>limits as big as you like) subset of the whole ?
>The jeopardization of pseudo-root servers will simply and finally give way to
>the 'directory' era and this will finally close the technical abuse of DNS 
>when
>used to reach the goal of 'visibility (in the marketing sense of the word) on
>the net'.
>Probably would be better to migrate in a more coordinate and planned way in
>order to not disrupt or confuse who use / will use the Internet in the 
>next near
>future... but such delicate option will sound like to try to mix a glass 
>of cool
>water into a glass of hot water and desire that temperature simply drop
>instantly into each cubic inch of the resulting 'bowl'...
>Ah... entropy... good old entropy...
>
>BTW, the next battle will be on who will control 'directories'  so the toy 
>for
>political/commercial plays will remain ... but almost, technically speaking,
>we'll get a result... the heavvy and hard way... probably...
>
>Sorry for the emphasis...
>
>Best regards
>Giorgio Griffini
>
>
>--
>To unsubscribe, e-mail: icann-europe-unsubscribe@lists.fitug.de
>For additional commands, e-mail: icann-europe-help@lists.fitug.de