<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] ICANN's DNSSEC Proposal
- To: dannyyounger@xxxxxxxxx, At-Large Worldwide <at-large@xxxxxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [ga] ICANN's DNSSEC Proposal
- From: JFC Morfin <jefsey@xxxxxxxxxxxxxxxx>
- Date: Thu, 09 Oct 2008 12:16:41 +0200
At 02:45 09/10/2008, Danny Younger wrote:
In an article at wired.com a pointer is provided to ICANN's
unpublished DNSSEC proposal (and if you recall, the DOC put a gag
order on ICANN not to discuss this proposal)...
The pointer is
here:
http://blog.wired.com/27bstroke6/files/DRAFT-ICANN_DNSSEC_proposal_20080915.pdf
The wired.com article is
here: http://blog.wired.com/27bstroke6/2008/10/feds-take-step.html
The gag order is
here: http://www.icann.org/correspondence/baker-to-twomey-09sep08.pdf
Danny,
we had a discussion on the Euralo list about DNSSEC technopolitical
issues. If there is a chance to establish the necessary trust between
the DNS securisation system manager and the users:
1) this systems is to convince Internet lead users that is has more
technical pros than cons, the same for political issues.
2) ALAC, as its concerned representative, has the first role to play
on behalf of the user community.
jfc
Note: some @large recent debates show that several systems should be
deployed in parallel, at least for testing purposes (intertest).
- DNS (as it is today)
- DNSSEC
- DNSCurve
- IPv6 DNS
and that possibly the real interest of DNSSEC would be to use the DNS
as a bad but secured alternative for missing DDDS. IMHO network
security is the missing element and the need is for more work there
for secure presentation/session layers.
This belongs to the "Internet Plus" concept being under discussion
and the presentation location is under discussion with IETF and IAB
through my ongoing appeals and work through the ATLARGE structure I
had to revive due to the on-going attitude of Staff. PLUS stands for
"parallel layers users' systems", where there can be a diversity of
interoperable solutions being used at any layer (extended to
infrastructure and usage), the Legacy Internet solution being the
default, except for Internet missing layers. Presentation and session
layers may be implemented along various architectural approaches
(hopefully better than the user application layer). Please remember
that the ML-DNS (as introduced at the IETF WG-IDNABIS and IPPv6 as
discussed with the IPv6 TF and others) are part of this attempt to
consolidate a more efficient, stable and secure usage if the as is
old internet.
Please note that the WG-DNSEXT is the place where to get real serious
info on DNSSEC and WG-IDNABIS on IDNA. ICANNDNASSEC is the same kind
of technopoliticalegalogy as gTLDs. It only shows that when sales,
lawyers, and politics without the users make very poor buyers.
jfc
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|