Patrick, There are issues raised by the author of this comment that can only reasonably be assessed by other competent engineers (and I am not an engineer), so I am not looking for an assessment as to whether this engineer is a troll or not, but to know if his comments are reasonable when evaluated as engineering concerns by other engineers. The comments made under the heading “DNSSEC Suicide” could be viewed by most laymen as more than somewhat disconcerting. Is there merit in his argument, or not? regards, Danny
In the scale of trolls, I think he is close to Jeffrey Williams, except people have met him. ----- Original Message ----- From: "Danny Younger" <dannyyounger@yahoo.com> To: patrick@vande-walle.eu Cc: "At-Large Worldwide" <at-large@atlarge-lists.icann.org> Sent: Wednesday, 26 November, 2008 1:44:33 PM GMT -08:00 US/Canada Pacific Subject: [At-Large] (No so) Serious Allegations Patrick, There are issues raised by the author of this comment that can only reasonably be assessed by other competent engineers (and I am not an engineer), so I am not looking for an assessment as to whether this engineer is a troll or not, but to know if his comments are reasonable when evaluated as engineering concerns by other engineers. The comments made under the heading “DNSSEC Suicide” could be viewed by most laymen as more than somewhat disconcerting. Is there merit in his argument, or not? regards, Danny _______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann... At-Large Official Site: http://atlarge.icann.org
Troll or not (thank you Frank). It seems that the author forgot that (as Patrick said) not every body can follow the content ot the article because it is too technical; not engineering. Engineers describe and explain technical issue in a language that can be understood by the target audience. Simple language works magic! In that case I wish to suggest that the article was not meant for all of us - it might have been menat for technicians? Can someone please help my giving a summary of the "threats" and "danger" we are facing? I am copying this to my colleagues in e-ThinkTank Group since this issue concerns everybody.. YMshana> Date: Wed, 26 Nov 2008 14:05:48 -0800> From: franck.martin@gmail.com> To: at-large@atlarge-lists.icann.org> Subject: Re: [At-Large] (No so) Serious Allegations> > In the scale of trolls, I think he is close to Jeffrey Williams, except people have met him. > > ----- Original Message ----- > From: "Danny Younger" <dannyyounger@yahoo.com> > To: patrick@vande-walle.eu > Cc: "At-Large Worldwide" <at-large@atlarge-lists.icann.org> > Sent: Wednesday, 26 November, 2008 1:44:33 PM GMT -08:00 US/Canada Pacific > Subject: [At-Large] (No so) Serious Allegations > > Patrick, > > There are issues raised by the author of this comment that can only reasonably be assessed by other competent engineers (and I am not an engineer), so I am not looking for an assessment as to whether this engineer is a troll or not, but to know if his comments are reasonable when evaluated as engineering concerns by other engineers. > > The comments made under the heading “DNSSEC Suicide” could be viewed by most laymen as more than somewhat disconcerting. Is there merit in his argument, or not? > > regards, > Danny > > > > > _______________________________________________ > At-Large mailing list > At-Large@atlarge-lists.icann.org > http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann... > > At-Large Official Site: http://atlarge.icann.org> _______________________________________________> At-Large mailing list> At-Large@atlarge-lists.icann.org> http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...> > At-Large Official Site: http://atlarge.icann.org _________________________________________________________________ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx
Simple, subscribe to the www.ietf.org mailing list and ask there an assessment of his posting. ----- Original Message ----- From: "Yassin Mshana" <ymshana2003@hotmail.com> To: "At-Large Worldwide" <at-large@atlarge-lists.icann.org>, ethinktanktz@yahoogroups.com Sent: Thursday, 27 November, 2008 4:32:29 AM GMT -08:00 US/Canada Pacific Subject: Re: [At-Large] (No so) Serious Allegations Troll or not (thank you Frank). It seems that the author forgot that (as Patrick said) not every body can follow the content ot the article because it is too technical; not engineering. Engineers describe and explain technical issue in a language that can be understood by the target audience. Simple language works magic! In that case I wish to suggest that the article was not meant for all of us - it might have been menat for technicians? Can someone please help my giving a summary of the "threats" and "danger" we are facing? I am copying this to my colleagues in e-ThinkTank Group since this issue concerns everybody..
also do a google search: dean anderson ietf Most interesting. This is the whole issues with having the non-government organisations sitting at the table: Who do you represent? ICANN has been asked to clarify that for each member in each constituency. ----- Original Message ----- From: "Yassin Mshana" <ymshana2003@hotmail.com> To: "At-Large Worldwide" <at-large@atlarge-lists.icann.org>, ethinktanktz@yahoogroups.com Sent: Thursday, 27 November, 2008 4:32:29 AM GMT -08:00 US/Canada Pacific Subject: Re: [At-Large] (No so) Serious Allegations Troll or not (thank you Frank). It seems that the author forgot that (as Patrick said) not every body can follow the content ot the article because it is too technical; not engineering. Engineers describe and explain technical issue in a language that can be understood by the target audience. Simple language works magic! In that case I wish to suggest that the article was not meant for all of us - it might have been menat for technicians? Can someone please help my giving a summary of the "threats" and "danger" we are facing? I am copying this to my colleagues in e-ThinkTank Group since this issue concerns everybody..
Indeed?
This is the whole issues with having the non-government organisations sitting at the table: Who do you represent? I am a no-body-much-in-business nor represent apart from being a User (automatically belong to At-Large constituency)who depends on tdo I he Internet. If you google me (Yassin Mshana) you will find that I was a Nominated ccNSO Council Member for Africa Region (2004/05). I belong to the e-ThinkTank Group-Tanzania and have passion to see that the Internet brings benefits to all -equitably!
Thanks for the pointer Yassin
Date: Thu, 27 Nov 2008 04:47:10 -0800> From: franck.martin@gmail.com> To: at-large@atlarge-lists.icann.org> CC: ethinktanktz@yahoogroups.com> Subject: Re: [At-Large] (No so) Serious Allegations> > also do a google search: dean anderson ietf > > Most interesting. > > This is the whole issues with having the non-government organisations sitting at the table: Who do you represent? > > ICANN has been asked to clarify that for each member in each constituency. > > ----- Original Message ----- > From: "Yassin Mshana" <ymshana2003@hotmail.com> > To: "At-Large Worldwide" <at-large@atlarge-lists.icann.org>, ethinktanktz@yahoogroups.com > Sent: Thursday, 27 November, 2008 4:32:29 AM GMT -08:00 US/Canada Pacific > Subject: Re: [At-Large] (No so) Serious Allegations > > > Troll or not (thank you Frank). It seems that the author forgot that (as Patrick said) not every body can follow the content ot the article because it is too technical; not engineering. Engineers describe and explain technical issue in a language that can be understood by the target audience. Simple language works magic! > > In that case I wish to suggest that the article was not meant for all of us - it might have been menat for technicians? > > Can someone please help my giving a summary of the "threats" and "danger" we are facing? > > I am copying this to my colleagues in e-ThinkTank Group since this issue concerns everybody.. > > > _______________________________________________> At-Large mailing list> At-Large@atlarge-lists.icann.org> http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...> > At-Large Official Site: http://atlarge.icann.org
Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=w...
On Nov 27, 2008, at 7:47 AM, Franck Martin wrote:
This is the whole issues with having the non-government organisations
The table belongs to the users, engineers and network operators. Governments, and pretty much everyone else, are the latecomers. Scaling the discussion is a very important issue, but I certainly don't hope that your implication is that our beloved governments can solve this problem for us. /r
On Thu, 27 Nov 2008 09:38:04 -0500, Ross Rader <ross@tucows.com> wrote:
The table belongs to the users, engineers and network operators. Governments, and pretty much everyone else, are the latecomers. Scaling the discussion is a very important issue, but I certainly don't hope that your implication is that our beloved governments can solve this problem for us.
Being latecomers does not mean they are irrelevant. Some things governments are actually useful for in this context are: - Consumer protection laws (domain name registrants vs registries and registrars are an example) - Data privacy laws - Market regulation (anti-trust, etc) - Fund research - ... Patrick
On Nov 27, 2008, at 10:33 AM, Patrick Vande Walle wrote:
things governments are actually useful for
In each case, I think the internet ends up in a better place if the solutions come from the users. Using governments as a proxy for strong policy internationalizes the internet. It is inherently global, and we lose if it de-aggregates in this way.
At 16:53 27/11/2008, Ross Rader wrote:
On Nov 27, 2008, at 10:33 AM, Patrick Vande Walle wrote:
things governments are actually useful for
In each case, I think the internet ends up in a better place if the solutions come from the users. Using governments as a proxy for strong policy internationalizes the internet. It is inherently global, and we lose if it de-aggregates in this way.
Ross, "global" means opposite things in American ("unique") and in other languages ("all together"), including English. This results in a strong real life misunderstanding that affects all the international Internet Governance debate. It is between the unilateral US globality and the multilateral globality. In French "globalization" (in American with a "z") and its "internationalization" strategy opposes "mondialisation" [which is globalisation with an "s"]). For example, this translates in the GNI a(nti)-government unilateralism: this opposes the fundamental subisidiarity and proportionality principles most of the people believes the world and the Internet are built upon. In terms of Internet architecture this creates the opposition between the ICANN (de?)centralized vision and the distributed nature of the Internet. Today we have an ongoing discussion at the IETF (BEHAVE) where the question is about NAT66 (an IPv6:IPv6 NAT version - the Internet Draft is being introduced by very serious IETF leaders, in order to try to control what NAT could do under IPv6). The debate shows that NAT66 will not only be built and deploy, their features be much more developped than the IETF proposition, but that they will support a large diversity of IPv6 Realms - hence a large diversity of DNS roots. Most of the IETF old members hope this will not go that way. Because ICANN and the USA will not control the network anymore (this goes with the debate on DNSSEC, which is for many only a political attempt [unworkable rusty technical proposition] to protect the IANA - that Paul Twomey and Vint Cerf introduced some years ago [in Luxembourg] in the ICANN strategic plan). It is very odd that in a democratic country like the USA you tend to think that your Government is your first ennemy. Or do we think the same, when we think that our Governements are our best protection against your Government? jfc
On Nov 27, 2008, at 11:31 AM, JFC Morfin wrote:
"global" means opposite things in American ("unique") and in other languages ("all together")
I am neither American, nor unaware of what "global" means. The internet is a joining of networks, by users and network operators. International implies "between nations" and I am not willing to give up my freedom to connect "between networks" and "between people" in favor of a model that requires me to first check in with my government in accordance with a treaty it has with your government. /ross
At 17:35 27/11/2008, Ross Rader wrote:
On Nov 27, 2008, at 11:31 AM, JFC Morfin wrote:
"global" means opposite things in American ("unique") and in other languages ("all together")
I am neither American, nor unaware of what "global" means.
The internet is a joining of networks, by users and network operators. International implies "between nations" and I am not willing to give up my freedom to connect "between networks" and "between people" in favor of a model that requires me to first check in with my government in accordance with a treaty it has with your government.
Then you are by your own. And I am certainly with you. But I feel like if you said "I like planet Earth, but I do not want to tuch continents and islands" (Governement and treaties exist if you like it or not). I do not really see how you want to manage. Because most of the independent people you will relate with will try to make big entities compete and protect them "in between". Big entities are Govs, Google, ICANN, ITU and the like. IMHO the easiest ones to trigger are Governments because they have to be coherent with their one self, so you want to help them stay in a good position enough in your own interest. Google, etc. are more difficult to influence if they do not employ you. ICANN and ITU have to be infiltrated or replaced. Even if you have much money or if you are very clever I do not see how you can obtain the best model for what you want to do, and what is your model. jfc
Ross Rader wrote, On 27/11/08 16:53:
On Nov 27, 2008, at 10:33 AM, Patrick Vande Walle wrote:
things governments are actually useful for
In each case, I think the internet ends up in a better place if the solutions come from the users. Using governments as a proxy for strong policy internationalizes the internet. It is inherently global, and we lose if it de-aggregates in this way. Ross,
Certainly, the solutions would be better if they came from the users. However, after more than 10 years of an Internet managed by the private sector, the results in terms of self regulation have been less than impressive. As a taxpayer, I expect my government to invest as much time and resources on the Internet industry that it does on steel, finance or agriculture and even more so when the players cannot agree on fair rules. One would have hoped for example that the domain name industry and its customers could agree on common standards regarding contracts, privacy, etc and see them deployed and enforced in an identical way in Europe, North America and elsewhere around the globe. The fact remains today that the customer is basically powerless in case of an issue with a registrar or registry located in another country. Until the industry matures, some government presence may be beneficial. The hands off ideology has shown its limits in the financial sector, which is also global in essence. We may not want to reproduce the same mistakes with the Internet sector, as it is now vital to the functioning of the global economy. Patrick
Not at all, nor I was asking credentials of people in this list. But you have to realise for your voice to be heard, either you are making sense, either your representing a significant part of the community. The later is where ICANN has been requested to go. ----- Original Message ----- From: "Ross Rader" <ross@tucows.com> To: "At-Large Worldwide" <at-large@atlarge-lists.icann.org> Sent: Thursday, 27 November, 2008 6:38:04 AM GMT -08:00 US/Canada Pacific Subject: Re: [At-Large] (No so) Serious Allegations On Nov 27, 2008, at 7:47 AM, Franck Martin wrote:
This is the whole issues with having the non-government organisations
The table belongs to the users, engineers and network operators. Governments, and pretty much everyone else, are the latecomers. Scaling the discussion is a very important issue, but I certainly don't hope that your implication is that our beloved governments can solve this problem for us. /r _______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann... At-Large Official Site: http://atlarge.icann.org
On Nov 27, 2008, at 2:11 PM, Franck Martin wrote:
The later is where ICANN has been requested to go.
From what do you draw this conclusion? ICANN itself is a manifestation of the will of the community I described. It was never intended to be an "institution of institutions". I'm quite genuinely interested in understand what causes you to say this. /ross
Danny, On Wed, Nov 26, 2008 at 10:44 PM, Danny Younger <dannyyounger@yahoo.com> wrote:
Patrick,
There are issues raised by the author of this comment that can only reasonably be assessed by other competent engineers (and I am not an engineer), so I am not looking for an assessment as to whether this engineer is a troll or not, but to know if his comments are reasonable when evaluated as engineering concerns by other engineers.
The comments made under the heading "DNSSEC Suicide" could be viewed by most laymen as more than somewhat disconcerting. Is there merit in his argument, or not?
Here are his objections: 1. DNSSEC does not secure DNS services to any reasonable expectation of security, DNSSEC is not a panacea, it only does a specific thing, and only does that thing if all configs are done correctly. It's a specific reaction to a specific set of threats. 2. Deployment of DNSSEC on Root servers enables new DNS Amplification Attacks which cannot be easily mitigated but they can be mitigated, it's a showstopper for him, but seemingly not for the IETF et.al. 3. Trust and confidence in DNSSEC is misplaced because critics have been silenced and many problems have not been addressed. the problems in designing the spec have been many and varied, addressing them has been the main reason it's taken ~10 years for DNSSEC to evolve into it's present form. Is it possible to miscofigure DNSSEC so that your effectively offline..yes, that the design. That doesn't mean it can't or shouldn't be deployed, it just means that care needs to be taken when implementing it DNSSEC is going to be hard to deploy globally...on a similar scale to IPv6. It's not a point and click kind of thing like an Antivirus program. If he has a better plan to provide a layer of security to DNS queries and replies, i haven't heard it. -- Cheers, McTim http://stateoftheinternetin.ug
participants (7)
-
Danny Younger -
Franck Martin -
JFC Morfin -
McTim -
Patrick Vande Walle -
Ross Rader -
Yassin Mshana