ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

RE: [ga] DNSO ICANN board member


Roberto,

> >"An Alternative Root is a DNS root zone containing both ICANN
> >administered Top Level Domains and additional non-ICANN
> >administered Top Level Domains."
> >
> >Dave has the concept right. But, in order for the DNS root not
> >to fragment, the ICANN root has to act as the baseline as that
> >is the lowest common denominator. You mileage may vary with
> >time.
>
>How would you call a root that does not use the ICANN root as baseline?

I'd call it a "Private Root" since it does not reflect the publicly 
viewable internet name space (anything less than the ICANN baseline is a 
private name space). It would not be an "Alternative Root" (alt.root) to 
the "IANA/ICANN root" in the publicaly-viewable sense.

>(BTW, I assume that you cannot make sure that an alternate root does not
>  point to different name servers for the TLDs that are also in ICANN's
>root)

While it's possible, what incentive is there at the end user level to use a 
zone missing any TLDs? Maybe an organization can set it's DNS servers up to 
boycott a ccTLD (think about protesting .ZA during Apartheid), but it's 
localized to those organizations end users, and can easily be circumvented 
by anyone knowledgeable.

Thinking about it some more, there's an inherent trust given to all DNS 
server operators by the end users served. There's nothing stopping the glue 
records for any domain name or TLD from being changed on any server 
anywhere on the planet. You can do this at any level - it is not restricted 
to root servers.

We all saw what John Postel and Paul Vixie (at John Gilmore's prompting) 
did a couple of years ago in splitting the root servers up into US 
Gov-controlled and non-USG-controlled groups by changing the 
non-USG-controlled root servers to pull their root zone from an IANA server 
instead of a.root. What they actually did was attempt to create an alt.root 
out of the non-USG-controlled root servers. Had no-one noticed the change 
of root authority then the 7 CORE TLDs would have been added to half the 
root servers and the root would have been fragmented from that point on. As 
a POC member you were supposed to oversee and prevent this from happening. 
Instead the USG intervened.



Best Regards,

Simon

--
I hope you're taking good notes. 'Coz history will be reported differently.

--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>