ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Cyberspace Security and the Root(s)


Allan and all assembly members,

Allan Liska wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: MD5
>
> Hello Jeff,
>
> Thursday, September 19, 2002, 9:28:23 PM, you wrote:
>
> JW>   They have.  Except that as stated above the huge difference is that
> JW> ICANN only wants one set of 13 root servers, and that is from
> JW> a security and functionality stand point dangerous and irresponsible...
>
> I know one should never argue with a troll, but it is painfully
> obvious that you have no concept of good network security practices,
> and I feel the need to point that out.

  I am afraid I do not understand you label of me and you compulsion
of name calling as relevant to making a good argument that could or should
be considered valid in the slightest way..

>
>
> The situation you describe would mean one of two things:
>
> 1. The multiple roots would have to pull their information from the
> primary root.

  Not correct necessarily.  However your scenario is one of several
that MIGHT be the situation depending on a number of factors.
The pull could be in both directions.  The shared databases could
also link similar but not exact zone files. These are just two of the
number of factors.

> Which is the same situation that exists now...so you
> are not providing any benefits.

  No, you are making a declaratory statement here that is not
a fact but based on fairly old technology, which has advanced
far an away now...  This is commonly called the "Old Party Line"
argument tactic that those with half a brain know better than to
accept on face value...

>  Remember, each of the current root
> nameservers is maintained by a separate organization -- and not
> controlled by ICANN.

  Now this is a problem to a degree given multiple or SROOTS
(Shared Roots) vs a single root structure.  This is why there ought
or needs to be a set of standards by which all registries must adhear to.
However, it is not necessary that ICANN rummage through each
and every zone file to accomplish good integrity as they seem to
wish to sell everyone.  In fact, such a practice if implemented will
lead to more security problems than it could ever hope to solve.
With ICANN's trust factor at a very low ebb and going lower,
such an approach will never be successful or viable...

>
>
> 2. Alternatively, each root would maintain a primary database of their
> own, which leads to the possibility that one set of root servers would
> have different information than the other set of root servers.  Which
> lowers the integrity of the information, and is, by definition,
> insecure.

  Just because two different databases supposedly containing the same
information or should be, does not necessarily mean that the security
is lessened.  If you really believe such a blanket statement as that
which you made, please explain in detail how or why that is so.
In fact it depends on what the information is, how it is organized to
a degree, and how aged both sets of data are.

>
>
> Also, consider that these alternate roots could possibly be maintained
> by people like yourself who obviously have no concept of the meaning
> of information security, therefore could be a massive security threat.

  ROFLMAO.  Well I see that again you revert back to a name calling
argument to support your position.  Bad idea.  Competitive root structures
data presently in their zones is more current than the USG/Legacy's is
or has been for sometime now.  That is a FACT.

>
>
> As an aside, my understanding of the purpose of this list is that it
> is a forum for domain name holders to voice their opinions on ICANN
> policy etc (I may be wrong about that, if so I apologize).  Since Jeff
> Williams does not have a domain name, should he be allowed to
> participate on this list?

  I have several Domain names...  Checkout Whois yourself..

>
>
> Just a thought
>
> allan
> - --
> Allan Liska
> allan@allan.org
> http://www.allan.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
>
> iQCVAwUAPYpvtn+n87oa5a9VAQHDowP9G6BlHqwagikNQuaC5cmI46HmMrNqqCXh
> XYlNVY2b/gq8cmv5x2kdj2/ZExP00coHLQ4aRFLhIAL9MEQE6I/yW4knUgOV6/m0
> iWqzK8dDoagiSfqkE8xh6VJDUCqph+YAKrgdad9hCpVAcLVxtyOnTEtPOPyXnv6h
> KuR5kuzX364=
> =kGkZ
> -----END PGP SIGNATURE-----
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 127k members/stakeholders strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 214-244-4827 or 972-244-3801
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>