At 15:25 30/08/2008, Patrick Vande Walle wrote:
In this context, the one who will sign the root is important, because it will be the "trusted" third party. The whole point is that this party should inspire trust to all the parties (ie cc and gTLDS) below, and further to domain name registrants.
Patrick, you know this is politically and technically not possible. This is why Lutz tries the DLVs. The problem we have as users is to get a solution that works for us - DLV or others for the reasons you give - but which other?. This is up to us. This is why the WSIS acknowledged our legitimacy as Civil Society and, de facto, as part of the ill defined and technology moving Internet Community. This is why it has foressen to extend the IGF mandate to emergent new items. The question we face is therefore: is the DNSSEC adapted to the world as it really is? This reality is that there is no more a single root file. However , everyone, but ICANN, agrees to protect a single virtual root file. What is the solution that we (users) must retain in 2008, and possibly devise, while ICANN and IETF are enjoying themselves in a 1983 context. Is it our interest to try to wake them up, or do we forget about them for now, in the hope they join back later on? The real threat on the DNS is the incertitude on the intents of Paul Twomey and Chris Disspain after the NTIA publication and the current delirium about DN auctionning possibility. This only lead to State Protected DNS Public Services like in China. jfc