ICANN's technical competence queried by Verisign report A review of the globe's DNS security, stability and resiliency by dot-com registry and root server operator Verisign has called into question the technical competence of domain name overseer ICANN. The 33-page document, seen by The Register and due to be published soon, comes just days after the news emerged that ICANN's staff …
In response, ICANN's CTO David Conrad told The Register his organization had struck a balance between fostering innovation and competition and maintaining the stability and security of the network.
There's that word again: innovation. Since when does "innovation" rank as something that is needed to balance with stability and security?
And Dave Conrad also said:
"And the approach we agreed upon was a reasonable compromise. There is always a risk any time you change things, but no one is arguing that we shouldn't be making those changes."
Actually, quite a lot of people have been arguing since 1998 that it was a mistake to create any new gTLDs at all (except those to support non-English characters, which are clearly of great importance to the language groups concerned).
Security through obscurity?
I thought Verizon was highlighting process and operational issues rather than fundamental security issues. The key exchange process works (based on it being in use for sometime), it's just a little fragile - I suspect because it relies on people rather than automated jobs.
As it was done for private IP address spaces - why nobody thought about reserved private TLDs - say .lan or the like? Some that would never be allowed on the Internet? Or they're now so greedy about the idea of selling new TLDs that reserving some could look like "lost business"?
Um, yes, people did think of it, which is why .local is a reserved name and why .home is on hold. But it's also a risky idea - if you're sitting in the back garden and unintentionally connected to your neighbour's WiFi, printer.local might be the wrong printer.
.localdomain was (yes *was*) a private domain for The Microsoft Network, just like .onion domain for the TOR network.
localhost is the name of the PC/tablet/phone/whetever you are currently working at. If you are using it as a TLD for your whole LAN or private network, please unplug your machine and let the Interenet recover.
.local is the network TLD for private use.
People at ICANN discovered there's a lot of money to be made.
People outside ICANN discovered there's a lot of money to be made. Those people then got themselves inside ICANN for purely self-interest reasons (no matter how they might have dressed it up) and proceeded to bring in various of their cronies and yes-men, instead of people with an interest in keeping things running smoothly and proper technical skills.
The result was that the ICANN we have now is not the ICANN of 1999
The world is right to be resisting ICANN taking over IANA even if the US Govt doesn't want to be responsible for oversight anymore.
The problem is the _other_ groups wanting to take on oversight are as bad or worse than ICANN and significantly worse than the status quo (IANA has stepped in a few times to stop ICANN. I can't see the ITU or UN or other groups doing that. They're all pushing their own distasteful agendas.)
Allowing ICANN to push out alternate gTLDs instead of leaving that to the alternate roots (in several cases rolling out alternate gTLDs that are already in use by alternate roots) has cemented their monopoly on DNS and allowed former board members to line their pockets (take a look which ones are now working for registries and in what roles) at the expense of the Internet as a whole organism.
Monoculture is a very bad thing. The Internet is designed to be robust in the face of failures but it's steadily converging on fragile dependence on a few major players in both routing and DNS.
"Monoculture is a very bad thing. The Internet is designed to be robust in the face of failures but it's steadily converging on fragile dependence on a few major players in both routing and DNS."
The problem is usurpation. Given any group of two or more with authority, there's always the chance of one of that group attempting to usurp. It's hard to guard against usurpation as it's an active agent that can develop ways around safeguards. Also, true altruism is rare as it tends to run against the human condition, so the odds of a usurper are at least passing fair, only increasing with the number of members.
I agree. We all do except people have to understand that internet is about stability and communication at several levels, not just about fancy product and services from top fortune companies. Fortune companies think they are changing the world (all of them do). However, without stability there will be chaos and people have to understand the world changed long time ago thanks to the stability of the internet.
"I think the internet will not allow douche-bags to control him."
As with SMTP, DNS is so ingrained in the way of doing things that we pretty much HAVE already sleptwalked into allowing a bunch of douchbags into getting control (Anyone interested should look at the rather colourful history of the last ICANN chair to get an idea of the kinds of people involved)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
