From owner-netizens-digest@columbia.edu Wed Apr 11 20:41:09 2001 Return-Path: Received: from maillist1.cc.columbia.edu (maillist1.cc.columbia.edu [128.59.35.140]) by mail3.panix.com (Postfix) with ESMTP id 0F4B6985B5 for ; Wed, 11 Apr 2001 20:41:09 -0400 (EDT) Received: (from majordom@localhost) by maillist1.cc.columbia.edu (8.9.3/8.9.3) id UAA00910 for netizens-digest-outgoing; Wed, 11 Apr 2001 20:33:04 -0400 (EDT) Date: Wed, 11 Apr 2001 20:33:04 -0400 (EDT) Message-Id: <200104120033.UAA00910@maillist1.cc.columbia.edu> From: owner-netizens-digest@columbia.edu (Netizens-Digest) To: netizens-digest@columbia.edu Subject: Netizens-Digest V1 #380 Reply-To: netizens@columbia.edu Sender: owner-netizens-digest@columbia.edu Errors-To: owner-netizens-digest@columbia.edu Precedence: bulk Status: RO Netizens-Digest Wednesday, April 11 2001 Volume 01 : Number 380 Netizens Association Discussion List Digest In this issue: Re: [netz] comments submitted to the NAS on their committee appointments [netz] Number three is up, and it's the best one [netz] went to Monday's NAS DNS study committee meeting [netz] Re: Monday Open Meeting of the Committee Re: [netz] There is a need for online discussion of new DNS NAS Commmittee Re: [netz] There is a need for online discussion of new DNS NAS Commmittee Re: [netz] There is a need for online discussion of new DNS NAS Commmittee Re: [netz] There is a need for online discussion of new DNS NAS Commmittee ---------------------------------------------------------------------- Date: Fri, 6 Apr 2001 00:46:16 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] comments submitted to the NAS on their committee appointments >Thanks for the response to the draft comments I sent to this list. > >Following are the comments I submitted in time for the April 5 deadline > >Ronda Silly, but you gave me a laugh with a flashback... > > Barry M. Leiner. Vinton G. Cerf, David D. > Clark, Robert E. Kahn, Leonard Kleinrock, > Daniel C. Lynch, Jon Postel, Larry G. > Roberts, and Stephen Wolff > A Brief History of the Internet, pg. 4. > http://www.isoc.org/internet/history/brief.html Contrary to popular belief about junk food, most of the Internet pioneers I know are gourmets. Some, especially Vint Cerf, believe that fine wines are an excellent paradigm for budgeting and scalability. But you remind me of the time that some colleagues and I introduced Dan Lynch (see above) to Ethiopian food. He loved in, especially the soft, moist injera pancakes with which one eats the food. He loved the food so much that he attempted to finish up the leftovers. Unfortunately, he mistook an extra napkin for a leftover pancake. Fortunately, we were able to save him from choking as he chewed harder and harder on the napkin, wondering why it wasn't up to the taste standards of the earlier injera. ------------------------------ Date: Sun, 8 Apr 2001 16:33:43 EDT From: Nmherman@aol.com Subject: [netz] Number three is up, and it's the best one ++ http://www.geocities.com/genius-2000/Satire3.JPG (caps for the JPG I guess is how it works) Note the autograph on the Genius 2000 ticket. It's the drummer for Steven Malkmus and the Jicks, and he used to drum for Pavement. I told him after the show that the Video First Edition was "Green Party type shit" and he was very impressed. If anyone knows his email, or his name, let me know per favore. The bassist, a very impressive one, also accepted a ticket from me and vowed to at least consider checking it out. Max Herman Satire Swords The Genius 2000 Network http://www.geocities.com/genius-2000/Satire1.JPG http://www.geocities.com/genius-2000/Satire2.JPG http://www.geocities.com/genius-2000/Satire3.JPG ++ ------------------------------ Date: Wed, 11 Apr 2001 11:06:10 -0400 (EDT) From: ronda@panix.com Subject: [netz] went to Monday's NAS DNS study committee meeting I went to observe the meeting in Washington on Monday at the National Academy of the new Committee on Internet Searching and the Domain Name System: Technical Alternatives and Policy Implications. An early part of the meeting was reports by government officials about the background of the problem with the domain name system and what they hoped the committee would accomplish. This was the most interesting and useful part of the meeting. I want to report on the meeting for the netizens list and will begin to do so as soon as I finish somethat else that I have to work on for a deadline tomorrow evening. Ronda ronda@panix.com ------------------------------ Date: Wed, 11 Apr 2001 11:27:05 -0400 From: "Howard C. Berkowitz" Subject: [netz] Re: Monday Open Meeting of the Committee Ronda and I were discussing some of the DNS issues, and felt it might be worth reminding people that the DNS is many things. There's some tendency, in the public policy area, to focus on the content of the Domain Name System -- the issues that hit intellectual property -- and forget there is a large set of technologies below them. There is the original architecture, protocol, and server-level operations guide discussed in RFC 1033-1035. There are protocol operational issues. For example, the DNS specifications allowed a DNS server to specify a zero cache time on a name-to-address translation it provided (i.e., forget this translation as soon as you use it). For quite some time, however, BIND would retain that translation (for efficiency reasons) for a minimum of 5 minutes. While these efficiency reasons decrease both bandwidth and processing load, they also tend to defeat fault-tolerance and load-distribution schemes in which the DNS server wants the opportunity to make a fresh decision for each request. A similar issue is that DNS can respond with multiple addresses for a given host name. A query for www.microsoft.com, for example, might return 10.0.1.1, 10.0.1.2, and 10.0.1.3. The intention was that if the first was down (or if a message sent to it timed out, suggesting congestion), the next would be tried, and so forth in round-robin order. Early Microsoft implementations of the client side of DNS, however, tried only the first and gave up. Another aspect of the DNS big picture is well-known implementations, either directly ported to new computers or used as a reference implementation against which new implementations are validated, such as BIND (see below) There is the distributed content of the Domain Name System. In particular, there are the authoritative root servers, that define the very top of the tree and are used to define all top level domains. Remember that the domain foo.com really is foo.com. ^ the trailing, most significant "dot" is "silent" Root servers point to the authoritative tops of .com, etc. Kashpureff hijacked the root. New.net introduced top-level domains (TLD) that were not in the contents of the root servers. Above this, there is the legal, etc., machinery involved in approving new TLDs and determining ownership of lower-level domain names. This machinery rubs against the desire to use DNS as a user-friendly resource-locating directory, which was never a design goal. Yet another issue is that people are, not unreasonably, starting to use the DNS system to contain security information for Public Key Infrastructure (PKI), and add security to the DNS itself. >This was very interesting. I appreciate your sending it to me. > >I have been talking about the Domain Name System but its helpful >to remember there is a protocol as well. And that the DNS protocol >is an agreement that it is important to recognize and understand. > > >>However, the product name is protected. "MultiBind" may be an infringement >>of ISC's rights to the BIND product name. In any case, this derivative of >>ISC's work is not sanctioned or approved by ISC in any way, and in fact >>ISC's long-held position is that any proposal involving "multiple root >>networks" is nothing short of domain piracy and also violates the DNS >>protocol. >> >>In addition, the possibly infringing product "MultiBind" from American >>Webmasters directly contravenes the IETF IAB's position as laid out in RFC >>2826(*1). ISC *strongly* recommends that the comments in RFC 2826 be >>heeded by the Internet community, and that the extensions described above >>for the infringing product "MultiBind" *not* be used by anyone connected to >>the Internet(*2). >> >>(*1) See ftp://ftp.ietf.org/rfc/rfc2826.txt. >> >Also this definition was very interesting. > >>(*2) Q: But what IS the Internet? >> A: "It's the largest equivalence class in the reflexive, transitive, >> symmetric, closure of the relationship 'can be reached by an IP packet >> from'". Seth Breidbart And you've been complaining there's no science? :-) ------------------------------ Date: Wed, 11 Apr 2001 13:18:19 -0700 (PDT) From: Greg Skinner Subject: Re: [netz] There is a need for online discussion of new DNS NAS Commmittee Some time back, "Howard C. Berkowitz" wrote: > I would hope, however, there isn't a desire to include people who > actively oppose the current structure that, with all its flaws, > works. Eugene Kashpureff (sp?), I believe, is not available since > he's in jail for hijacking the DNS root. The marketeers at new.net > also have taken unilateral actions that jeopardize a working system, > in the interest of pure profit. Out of curiosity, why do you believe the people at new.net are acting in the interest of pure profit? It's been over a year since I've been able to study/comment on matters relating to ICANN, but from briefly looking over new.net's web site, it seems they are using a method that is touted by the ORSC (Open Root Server Consortium) for accessing non-legacy root servers. While I have had my differences of opinion with ORSC people, I don't believe all of them are motivated by pure profit. I think at least some of them believe that what they are doing is the appropriate thing to do, in order to provide more "useful" names, and to provide an alternative to NSI and the other ICANN-approved registrars. - --gregbo ------------------------------ Date: Wed, 11 Apr 2001 16:39:25 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] There is a need for online discussion of new DNS NAS Commmittee >Some time back, "Howard C. Berkowitz" wrote: > >> I would hope, however, there isn't a desire to include people who >> actively oppose the current structure that, with all its flaws, >> works. Eugene Kashpureff (sp?), I believe, is not available since >> he's in jail for hijacking the DNS root. The marketeers at new.net >> also have taken unilateral actions that jeopardize a working system, >> in the interest of pure profit. > >Out of curiosity, why do you believe the people at new.net are acting >in the interest of pure profit? Well, to start with, their own publicity indicates they are venture capital funded and looking for new business opportunities. Second, I object to new.net for the same reasons that I don't like legislation that mandates local governments do something, but doesn't fund it. Caveat: I'm not a DNS specialist, but I do have substantial experience in ISP operations. To quote from ORSC's FAQ, "ORSC is a nexus for people interested in grass-roots development of new top level domains." That's nice, I suppose. /*sarcasm mode on*/ We need, I suppose, people interested in grass-roots alternatives to 911 as the accepted US emergency services phone number. We need, I suppose, people interested in grass-roots alternatives to brain surgery done in hospital rooms. /*sarcasm mode off*/ There's a working Internet out there, although it might not be as "friendly" as ORSC would want it to be. But every time someone brings out a new capability and throws it into the general Internet, it isn't going to work everywhere, and ISPs are going to be stuck with responding to customer complaints about it. They may say they don't support it, but they still spend resources responding to the calls. I'm annoyed enough that I have to spend 20 minutes on hold to my ISP to tell them my DSL is down; I don't want that to go to 30 because the same help desk is busy responding to calls about "grass roots" solutions. There is no general consensus in the IETF, etc., that there should be "more useful" names. That isn't what DNS was designed to do, although there's no question there are enormous commercial interests in doing so. Any time a non-consensus technique is introduced (mind you, Microsoft, etc., are just as guilty of this, but they do a lot more testing than new.net), the support workload of ISPs go up. They have to train their first- and second-line people, at the very least, to say XXX isn't supported. > >It's been over a year since I've been able to study/comment on matters >relating to ICANN, but from briefly looking over new.net's web site, it seems >they are using a method that is touted by the ORSC (Open Root Server >Consortium) for accessing non-legacy root servers. Legacy? I'd hesitate to use that word, at least in a deprecating sense. ICANN, by no means is a panacea. But we have a certain degree of confidence that the existing DNS works, because changes to it are made cautiously. >While I have had >my differences of opinion with ORSC people, I don't believe all of them >are motivated by pure profit. I think at least some of them believe that >what they are doing is the appropriate thing to do, in order to provide >more "useful" names, and to provide an alternative to NSI and the other >ICANN-approved registrars. I don't think you will find real-world Internet operations people expressing a view that more useful names are needed. You will find a lot of commercial interests, with no operational responsibility, expressing such a belief. ------------------------------ Date: Wed, 11 Apr 2001 16:39:21 -0700 (PDT) From: Greg Skinner Subject: Re: [netz] There is a need for online discussion of new DNS NAS Commmittee Unfortunately, I don't have much time to debate issues related to ICANN, so I apologize in advance if my responses seem terse, or if you don't hear back from me for a while. "Howard C. Berkowitz" wrote: > Greg Skinner wrote: > > > >Out of curiosity, why do you believe the people at new.net are acting > >in the interest of pure profit? > > Well, to start with, their own publicity indicates they are venture > capital funded and looking for new business opportunities. Is this a problem? This describes most businesses, even businesses that are not on the net. > Second, I object to new.net for the same reasons that I don't like > legislation that mandates local governments do something, but doesn't > fund it. Caveat: I'm not a DNS specialist, but I do have > substantial experience in ISP operations. I don't understand the point you're trying to make here. Are you trying to argue that what new.net is doing is requiring other parties (e.g. ISPs) to do something, but new.net is not funding them to do it? > To quote from ORSC's FAQ, "ORSC is a nexus for people interested in > grass-roots development of new top level domains." > That's nice, I suppose. /*sarcasm mode on*/ We need, I suppose, > people interested in grass-roots alternatives to 911 as the accepted > US emergency services phone number. We need, I suppose, people > interested in grass-roots alternatives to brain surgery done in > hospital rooms. /*sarcasm mode off*/ I don't think useful comparisons can be made between DNS service (as it is currently practiced) and 911 service. 911 service is a legally established public service (at least in the US). (Caveat: I don't know offhand the legal details or obligations of phone companies or providers of emergency services, e.g. hospitals.) On the other hand, there are no laws (at least that I know of) that specify what a DNS provider is obligated to do. Furthermore, there has never been a situation (that I know of) where 911 service was funded through a competitive, virtually exclusive government contract, and then without warning or (imho) due process, the contract was amended to allow the providers to charge for the service. > There's a working Internet out there, although it might not be as > "friendly" as ORSC would want it to be. But every time someone brings > out a new capability and throws it into the general Internet, it > isn't going to work everywhere, and ISPs are going to be stuck with > responding to customer complaints about it. I can certainly sympathize with the concerns of ISPs, having worked in operations at various times during my career, and also having experienced various levels of angst when my ISPs aren't working properly. In general, I am not sure whether or not "alternative" DNS will work; to a certain extent, this depends on how "work" is defined. (Unfortunately, I don't have time to go into this in more detail.) > There is no general consensus in the IETF, etc., that there should be > "more useful" names. That isn't what DNS was designed to do, > although there's no question there are enormous commercial interests > in doing so. True, of course. However, NSI used its position to its own advantage, allowing anyone to register whatever they wanted, without concern for whether this was an appropriate thing to do. We have the situation now where NSI has (imho) an unfair economic advantage. I can't fault the ORSC or new.net for wanting to level the playing field. > >It's been over a year since I've been able to study/comment on matters > >relating to ICANN, but from briefly looking over new.net's web > >site, it seems they are using a method that is touted by the ORSC > > (Open Root Server Consortium) for accessing non-legacy root > > servers. > Legacy? I'd hesitate to use that word, at least in a deprecating > sense. ICANN, by no means is a panacea. But we have a certain degree > of confidence that the existing DNS works, because changes to it are > made cautiously. I wasn't using 'legacy' in a deprecating sense. It's just a word I use when I refer to the IANA root servers. > I don't think you will find real-world Internet operations people > expressing a view that more useful names are needed. You will find a > lot of commercial interests, with no operational responsibility, > expressing such a belief. Well, I have spoken to a few people on the subject. No one's ever said to me that they outright oppose the idea; most are too busy dealing with other problems to have given it a lot of thought. Also, I would argue that at least some of the ORSC people have given some thought to operational responsibility. (Their main obstacle, from what they've told me, is funding, although perhaps now they have enough funding to establish a set of root servers that are as reliable as the legacy root servers.) Furthermore, the ORSC people that I know aren't purely motivated by profit; arguably, they do want to earn money for the work they do. - --gregbo ------------------------------ Date: Wed, 11 Apr 2001 20:32:28 -0400 From: "Howard C. Berkowitz" Subject: Re: [netz] There is a need for online discussion of new DNS NAS Commmittee >Unfortunately, I don't have much time to debate issues related to >ICANN, so I apologize in advance if my responses seem terse, or if you >don't hear back from me for a while. > >"Howard C. Berkowitz" wrote: > >> Greg Skinner wrote: > >> > >> >Out of curiosity, why do you believe the people at new.net are acting >> >in the interest of pure profit? >> >> Well, to start with, their own publicity indicates they are venture >> capital funded and looking for new business opportunities. > >Is this a problem? This describes most businesses, even businesses >that are not on the net. Your question was related to why I thought they were primarily profit oriented. Don't get me wrong -- profit is not evil. But you raised the question of whether they were acting for profit. They are, by their own statements. > >> Second, I object to new.net for the same reasons that I don't like >> legislation that mandates local governments do something, but doesn't >> fund it. Caveat: I'm not a DNS specialist, but I do have >> substantial experience in ISP operations. > >I don't understand the point you're trying to make here. Are you >trying to argue that what new.net is doing is requiring other parties >(e.g. ISPs) to do something, but new.net is not funding them to do it? Exactly. Their profit making activity incurs costs on the part of others who do not share in those profits. > >> To quote from ORSC's FAQ, "ORSC is a nexus for people interested in > > grass-roots development of new top level domains." > > >I don't think useful comparisons can be made between DNS service (as >it is currently practiced) and 911 service. 911 service is a legally >established public service (at least in the US). (Caveat: I don't >know offhand the legal details or obligations of phone companies or >providers of emergency services, e.g. hospitals.) There is a useful comparison, if you accept the idea of cooperation rather than anyone being free to do their own thing. I can have confidence that if I dial 911, I will not be connected to a pizza delivery service. Forget 911 as an emergency service -- consider 411 directory assistance, which is clearly NOT legislated. There is agreement among the telcos what 411 will mean, and it isn't legislated but it is a useful service goal. Fix ICANN, etc. Don't roll your own services unless you KNOW it won't disrupt. >On the other hand, >there are no laws (at least that I know of) that specify what a DNS >provider is obligated to do. I believe the scope of this list suggests there is such a thing as a netizen, or that network participation is participation in a community. There is an unwritten obligation in any community not to disrupt its infrastructure. > >Furthermore, there has never been a situation (that I know of) where >911 service was funded through a competitive, virtually exclusive >government contract, and then without warning or (imho) due process, >the contract was amended to allow the providers to charge for the >service. I don't understand your analogy. In fact, enhanced 911 service is often funded by legislated/utility commission imposed telephone usage charges, putting the cost of 911 not on the overall community it services, but on the subset of telephone users. > >> There's a working Internet out there, although it might not be as >> "friendly" as ORSC would want it to be. But every time someone brings >> out a new capability and throws it into the general Internet, it >> isn't going to work everywhere, and ISPs are going to be stuck with >> responding to customer complaints about it. > >I can certainly sympathize with the concerns of ISPs, having worked in >operations at various times during my career, and also having >experienced various levels of angst when my ISPs aren't working >properly. In general, I am not sure whether or not "alternative" DNS >will work; to a certain extent, this depends on how "work" is >defined. (Unfortunately, I don't have time to go into this in more >detail.) But that's just the point -- the present DNS works. It may not be ideal from the standpoint of level playing fields, competitions, etc. If people want level playing fields, put pressure on the US Justice Department (there's no supranational body with jurisdiction) to take antitrust action against NSI. Don't break the DNS or cause operational disruption because people don't like ICANN, NSI, etc. > >> There is no general consensus in the IETF, etc., that there should be >> "more useful" names. That isn't what DNS was designed to do, >> although there's no question there are enormous commercial interests >> in doing so. > >True, of course. However, NSI used its position to its own advantage, >allowing anyone to register whatever they wanted, without concern for >whether this was an appropriate thing to do. We have the situation >now where NSI has (imho) an unfair economic advantage. I can't fault >the ORSC or new.net for wanting to level the playing field. I don't care if NSI does or does not have an unfair advantage, IF the efforts to "level the playing field" damage innocent bystanders, > >> >It's been over a year since I've been able to study/comment on matters >> >relating to ICANN, but from briefly looking over new.net's web >> >site, it seems they are using a method that is touted by the ORSC >> > (Open Root Server Consortium) for accessing non-legacy root >> > servers. >> Legacy? I'd hesitate to use that word, at least in a deprecating >> sense. ICANN, by no means is a panacea. But we have a certain degree >> of confidence that the existing DNS works, because changes to it are >> made cautiously. > >I wasn't using 'legacy' in a deprecating sense. It's just a word I >use when I refer to the IANA root servers. > >> I don't think you will find real-world Internet operations people >> expressing a view that more useful names are needed. You will find a >> lot of commercial interests, with no operational responsibility, >> expressing such a belief. > >Well, I have spoken to a few people on the subject. No one's ever >said to me that they outright oppose the idea; most are too busy >dealing with other problems to have given it a lot of thought. Well, try bringing up the idea that "useful names are a priority" in an operational forum such as NANOG, and be sure you bring protective clothing. The new.net proposal triggered a major uproar on the NANOG mailing list, to the extent that the list sponsor ended the discussion so other topics could be noticed. Go and check the NANOG archives at www.nanog.org. More than a "few people," and in a reasonably expert context. >Also, >I would argue that at least some of the ORSC people have given some >thought to operational responsibility. They haven't gained consensus in any accepted Internet operations or technical forum. ICANN and NSI, incidentally, tend to be very bad words on NANOG. ------------------------------ End of Netizens-Digest V1 #380 ******************************