ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Registries & Security Safeguards


Danny Younger wrote:

"An expert report released today concluded that in proposals for the
.com, .biz, .info and .org registries, the Internet Corporation for
Assigned Names and Numbers (ICANN) has failed to ensure adequate
security safeguards."

On my very first day on the ICANN board in late 2000 I proposed that ICANN establish a fairly simple early-warning monitoring system to check that DNS queries were being properly transformed into accurate responses. (There was even a possibility of hosting this relatively simple and lightweight system on Keynote's world wide array of measurement servers.)


But did ICANN care whether DNS actually worked?

No.

Even today detection and reporting of DNS failures tends to be anecdotal, often via queries on Nanog. That's a sorry state of affairs as ICANN's budget ranges into the tens of millions of dollars and its staff numbers start to resemble that of the ITU.

Much of what this report recommends is pretty straightforward stuff that TLDs probably do already. And the recent IANA query about what ought they to do to validate that a TLD has a viable array of servers also covers some of the same ground.

There is still the threshold question whether ICANN even ought to be a consumer protection agency at all? In other words, except for caretaker TLDs like .net/.org/.com/.edu why should ICANN intercede if a TLD business shoots itself in the foot?

		--karl--



<<< Chronological Index >>>    <<< Thread Index >>>