An update on my previous message and reply to Adam: It seems the Autonomica-controlled instance of the root in China was serving the IANA zone untouched, but that the reply packets were altered along the way, most probably by the Great Firewall of China. This should not have leaked outside the country, but somehow did anyway. Hence, the root operator is not at fault here. On Mon, 29 Mar 2010 12:56:03 +0900, Adam Peake <ajp@glocom.ac.jp> wrote:
ICANN "Coordinates the operation and evolution of the DNS root name server system". To my mind any contractual framework along the lines of registry agreements would be a large bit of mission creep.
Why should the agreement be with ICANN rather than between the root server operators themselves to operate under/meet certain standards and criteria? The ICANN community should have a role in advising on any such framework, but I don't think ICANN should run it. The root operators are presented as independent entities and that's been an important part of the global governance discussion.
I am well aware that the independence of the rootops has long been presented as a guarantee that they can resist to pressure to censor the root zone. However, I still question the real independence they have, given 3 are direct USG agencies (NASA, 2 US Army sites) and 4 have contracts with, or are partially funded by USG money (VeriSign, ICANN, UMD, USC-ISI).Add to that the IANA contract (USG/ICANN) and the root zone Managemnt contract (USG/VRSGN). IMHO, there is quite some hypocrisy in this so-called independence. I do not see how a framework between equals is going to work. Who will decide when to terminate a root zone operator in case of misbehaviour or underperformance ? Who will select a replacement operator ? Who will enforce Service Level Agreements on these operators ? On a practical matter: say I am a large company and my e-commerce web site's domain name did not resolve for several minutes because of the unavailability of root zone. Who should I take to court ? The rootops could say they provide a free service on a best effort basis. That was fine as long as the Internet was an academic network. Now that it can make or break a business, I don't think "best effort" is good enough.
After all, the Internet users deserve the same level of service from the root that they get from gTLD operators. I am not saying that the rootops have done a bad job. Quite the contrary. They have done an outstanding volunteer job. However, there should be a mechanism to replace a root operator that fails for whatever reason.
Yes, but should (could) ICANN take on that role? Would we trust it?
Right now, for lack of a better forum, ICANN seems to be the only place to address that. Patrick