[discuss] Real world Impact of multiple roots
mg at telepresse.com
Mon Jan 27 22:41:18 UTC 2014
At 07:55 27/01/2014, Ben fuller wrote:
>Does anyone out there know of studies on the economic impact that
>having two or more root zones. I've been wondering what might happen
>to Namibia where we have mining, tourism, financial and fishing
>sectors all of which are very important to our economy if the
>country were to switch over to another Internet with another route.
>When I think about it I can only come up with very bad scenarios and
>it would be nice to see if I am missing something.
>Also, what are the mechanics of switching to another root? I'm
>thinking of questions like; How do you program routers? Can undersea
>cables carry both types of traffic? Could BIND handle two roots? Etc.
The most authoritative analysis and conclusions in this controverted
area is certainly the ICANN ICP-3 document. This Internet
Coordination Policy is the statement of the ICANN positions and
policy currently followed in administering the authoritative root of
the Domain Name System.
This document promotes testing, lists the constraints of such a
testing (operational and technical), and openly considers the
possibility of an Internet with several authoritative roots.
It clarifies that the internet already counts a very large number of
private root files. This document does not however underlines two
points that are obvious to experts but that the public often confuses:
- "DNS" has many meanings: as a system, a service, a syntax, a
protocol, an industry, etc
- the notion of "root file" and of "top zone data". Data belong to
history and ISO 3166, the file is owned by the NTIA. The same the
root servers system is a voluntary cooperation. The sponsoring by the
USA and other Govs can be completed/replaced by everyone.
Technically the only problem several *root files* might create is in
using different data. This would result in a pollution of the name
servers' buffers that might degenerate in a global DNS denial.
What one should remember is that several root server systems would
first mean a loss of data for the NSA, since root servers logs would
be scattered among several systems. Correlation of the root servers
log dig data is a source of rel time information on the world's and
different national's lifes.
Without a the use of a single file, the top zone data could not be
tempered with by the USA when they decide to block a site in the root.
The best way to protect oneself against the DNS risks and control,
and loss of privacy, is to maintain its own root file. Various
technical and social issues plead in favor of such a practice (in
particular response time, protection against advertizing, etc.).
Standard DNS tool can be used, but there is no very easy/advertaized
Bind installation tool. This is not really complex:
The development of an open source Personal DNS Master with a Windows
version, would most probably totally change the picture of the
so-called "IG". The difficulty in this development is the lack of a
precise, compact and exhaustive documentation of the DNS by the IETF
over 30 years.
I understand such a system is planned as part of the InterPLUS
project.and that several works have been engaged in that direction
with the priority to support IDNA2008. The US WCIT attitude was
against a politically coordinated development of such efforts. It is
likely that an open-code effort should be more productive.
More information about the discuss