On 11/4/16 5:48 PM, Evan Leibovitch
wrote:
Yeah, I know. TM lawyers, like most lawyers, are trained to live in
the past. Innovation is not something that is favored in the legal
profession.
It could be. It is done by our web browsers, often hundreds of
times a minute, when they track up certificate chains on HTTPS
websites and post those little colored security status symbols (or
complain of self-signed certs.)
Yes, walking chains of references is mind numbing, but it what web
browsers do all the time (as I mentioned, often hundreds of times a
minute for each separate user's web browser) and also what DNSSEC
user software can do within milliseconds.
End users, even newcomers, need not deal with this - except to
notice warning indicators. This stuff gets built into the software
of browsers and DNS resolvers.
Far too often that last step of checking is left out - it is a
weakness of DNSSEC that few users (or the code they use) actually
bother to take a look at the validity information that the DNSSEC
deployment makes available. That's not ICANN's problem; rather it
is an example of the old notion of bringing the camel to the water
but not being able to make it drink.
Over the stage at Royce Hall (UCLA) is this saying: "“Education is learning to use the tools which
the race has found indispensable."
We ought to recognize that in these modern days, public key
systems have become one of those tools that we have found to be
indispensable - and we ought to use those tools when they are
appropriate. And when others demand that we use weaker,
inadequate tools we should say "no".
IGO name protection is not a DNS issue; it ought to be far outside
ICANN's scope. To conclude otherwise is to make ICANN the protector
of all names, for everyone who expresses a desire for protection -
in other words the worldwide name cop. That's would be a massive
expansion of an already bloated scope.
--karl--