ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] We can't be against it?


Marilyn and all assembly members,

  Agreed here Marilyn!  Well done.  As I and many other mentioned
some 10 months ago, escrow is only one of several DNS security issues
and concerns that were discussed and put forward.  Yet it seems at the time
should you care to re-check the relative archives, that the than comprised
ICANN BOD and staff, most especially Mike Roberts, did not seem
to be overly concerned about most of those issues.  Suddenly following
the Sept.11th terrorist attack they have become more important to
Mr. Roberts (No pun intended).  SOme of the issues than discussed,
and recommendations made are the following:

  1.) Implementation or DNSSEC for all Root server's
  2.) Backup and recovery procedures for Root servers.
  3.) IPSEC implementation
  4.) Registry RRP database security ( note: this is in a deplorable state)
  5.) SRS data escrow and Dbase security implemented.

Cade,Marilyn S - LGA wrote:

> sorry, I think you  missed the mention of "security" in my post.  Data
> escrow is only a part of the issues needing priority attention in ensuring
> stability, security, and integrity in threat situations.
>
> Marilyn
> -----Original Message-----
> From: Jefsey Morfin [mailto:jefsey@wanadoo.fr]
> Sent: Saturday, September 29, 2001 6:13 AM
> To: ga@dnso.org
> Subject: RE: [ga] We can't be against it?
>
> On 03:12 29/09/01, Cade,Marilyn S - LGA said:
> >hmm, so some don't consider business registrants/others
> >a constituency?  We think we are represented by one of the ICANN DNSO
> >constituencies. And the non commercial registrants are engaged through the
> >N-C Constituency.
> >
> >...and that security and data escrow are a priority, and should become even
> >more so.
>
> Sure, domain name protection is of the essence.
>
> But is the escrow of bugged systems and tables the only system to protect
> us. I doubt it. Let be clear: would NSI be blown up, burnt or flooded, what
> would you make with the 24,000,000 DN data they have or not in a vault? You
> would need their system to be rebuilt in the same way, in the very hour.
> - millions of DN on hold? It would be worst that starting it anew? It would
> be thousands USRPs...
> - do you know that to register a name server IP you have to send a fax
> (anyone can fake) and wait for a week? Rebuilding the NSI Sytem would asj
> for months. As Roberto explained it, it would never happen as NSI or the
> world would have gone down before.
>
> The best escrow is a title you can hold and show and a smart card you can
> use on every registry system. May be large businesses with legal staff and
> business enough may accept other solutions. May be individual or NonCom may
> accept temporary patches or loss of access. SMEs cannot: our live depends
> more an more on a tiny something undefined, not protected, not... this not
> ... that, costing $9. Makes the life of our entreprises worth less than a
> pizza. This is not serious.
>
> Jefsey
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>