Re: Re[3]: national security

Dear John,
thank you for your comment even if it does not discuss the "internet 
national survival kit". I am afraid it continues a qui pro quo where we 
often say the same thing but from different points of view (not vision). 
Where you look from inside your technology, and me from a user's point of 
view, from outside and global (English/French meaning) putting Internet in 
competition with other alternatives (existing or possible).
I respond here. Because some who read could keep a strange idea of my 
positions (I did not even alluded to). Also because John is always 
interesting. Even when wrong about me, the topics are of interest. I will 
try to keep it technical, but it responds John who did not addressed the 
thread.
jfc



<- John and interested Members only - Thx ->

Dear John,
I appreciate much that you know to stay technical while caring about 
societal and political aspects (this is why you were IMHO a very good 
choice for the BoD).
But this is NOT the matter here.

At 17:47 29/11/03, John C Klensin wrote:
> You should also entertain the hypothesis that no one has commented on 
> those issues/suggestions because they are have been discussed too many 
> times before and are inconsistent with the visions that drive the 
> Internet.   Some of them have even been the subject of fairly careful 
> evaluation and associated statements, e.g., RFC 2826 on the unique DNS 
> root issue (often summarized as "which part of 'unique' are you having 
> trouble understanding?").
Please ... this is not the matter but I will respond as usual "the part you 
make it to play wrong". BTW your unique root is two different accesses 
which can be hacked differently. First risk.
The question is not the suggestions but "are there better reponses? would 
they they reduce or increase the death toll". In the cases described by the 
White House, the comparable cases in other countries contexts, the cases 
created by the White House strategy and the cases created by the other 
countries comparable strategies?
I understand no one wants to commit. We are not discussing development, 
architecture, etc. But technical aspects of Best Practices for national 
survival (economy, administration, transport, health, schools, banks, 
airlines, power, etc. etc.) in front of a large Internet failure resulting 
from an internal collapse, a international situation, an external 
catastrophe. Real - not intellectual - world stuff.
> I think, as we have discussed in the past, that your vision of
> the Internet and its future differs from mine and that of many,
> probably most, of the people on this list.  I would characterize
> your picture, I hope not too inaccurately, as one in which
> connectivity and the flow of information are driven (not unlike
> the PSTN) by bilateral agreements between countries.  In that
> sort of world, different countries may reasonably establish
> different views of the DNS and different address spaces, with
> inter-country communications occurring through gateways that,
> among other things, can keep those views and address spaces
> separate.
This description is totally inaccurate. Even opposite (even it should 
support that scheme as a possible scheme and that I accept every consistent 
scheme). As you know my model is a cylinder where the Internet 4 layers are 
just a slice, as the OSI is and others.
You quote the DNS, please refer to the Universal Naming System 
(uniname/universal name). That is information society, computers, IP 
rights, culture, dictionaries, automatic translation, etc.). This is where 
national/religious/community, etc. etc. cultures belong and are to be 
defended. Not the IETF cup of tea.
As part of the UNS, the brainware (people) and the software (applications, 
encryption, etc.) identify network related names. This is the GNS 
(egenalized) which must eventually permit a harmonized communication 
support. When I send a fax or an MMS or a mail or access a web site I want 
the name to be and behave the same. Even IPv6 wants that (HIP)! I give the 
example of local root ".sos". It will become the unique referent for all 
the alarms, on all the systems, in all the languages - even it may 
translate in many different vernacular ways of scripting (uninames), sounds 
or icons.
As part of the GNS there is the Internet related restriction named the 
"legacy DNS" from the root names allocated in 84 and added in 2000.
All these are different layers and in each layers/languages, ways of 
use/systems. What the user wants is to see them to look the same. The part 
of unique you do not understand is that the world is NOT uniquely Internet. 
If you want to keep thinking hierarchical (which is very restrictive way), 
you should think http://domain.name.dns.gns.uns . If name in "dns.gns.uns" 
are the same and permit DNS usages to look unique (what IPC fights for as 
famous names). But that does not prevent that many other uninames to 
related to a dns name. This is what Keith Moore and Paul Hoffmann are 
actually trying to word out at imaa, from an Internet technology perspective.
I said hierarchy was a very very restrictive way. You must support local 
occurrences, you must support abbreviations. Do you put "USA" at the of 
each letter you send to US people. Do you put your street address on the 
envelope when you drop a letter in the room of your kids. When you write to 
your "beloved wife" do you confuse her with mine because we both use the 
same subscription? All these are however very precise designations of 
unique entities we happen to have used for millenaries. We do not want to 
create confusion in being forced into an "EITF voted reality" to comply 
with a 20 years old program.
It is not simple. But who said life was simple :-)

> In my world, direct, end-to-end global connectivity,
> interoperability, and integrity of DNS and URI references are
> very important -- for interpersonal communication, for commerce,
> for intellectual development and dissemination, and perhaps even
> as a religious principle.  That belief has caused me to spend
> most of my time in the last few years on internationalization
> issues, not to empower governments, but to permit better
> communication among people (and, indeed, to reduce the belief by
> governments that they need to "solve" the problem, probably in
> some xenophobic way).
Spent much time, pains and 100s of thousands of miles at the begining, 
explaining Govs it would be nice that they put they network data and 
information in my unique file. Took years but eventually worked and was 
copied. The part about that uniqueness is it can be copied and stay unique.
What you fail to see right now is that the system you support is Babel. 
Please reread the Babel tower story. What men were confronted to was to 
build the tower with stones of sand and tar. What figured they were 
prisonners from a unique language and thinking. God never punished them !! 
He freed them - through many languages - and like sand of the sea, the sand 
of the people could flow. Read Church Fathers about that. Very interesting 
to understand the DNS and networks. I am sure that you are one of those who 
may really be interested.
Communication among people is NOT to make them use an unique language, with 
a unique thinking and an unique vision and an unique gov. It is to find 
acceptable ways to bridge there differences (languages, cultures, 
history...) without reducing them for them to inter-relate. Far, far more 
complex.
A reasonable accepted way is to use numbers. For years I support that we 
may use numbers from 0 to Z and "-" is a convenient thing. We added "@" 
recently. I suppose we should also use "#". And this is what is being done 
in many technologies now (and in URLs). But (see above) this is DNS or GNS. 
Some acceptable common trade-off to be able to relate together.
> With regard to ICANN and its processes, I don't much like the
> way a good deal of that has turned out, even while I believe
> that things are gradually getting better. I lament the set of
> decisions that led to the US Govt deciding that it needed to be
> actively involved and to some of the risks, delays, and socially
> undesirable statements that situation has created.  At the same
> time, all of the alternatives continue to strike me as much
> worse, including moving the technical/administrative issues into
> forums in which variations on the theme of "we don't like
> reality, so we will vote it to be different, regardless of what
> they might do to the Internet or human communications in
> general".
This is not technical. But I am in partial agreement.

Partial because the nature of ICANN as a de facto US agency and an 
international coordinating  body will never permit to be a multinational 
concertation (documented that in a previous mail) hub it has to be.
>   So, while ICANN, IMO, continues to need careful
> watching -- most importantly to be sure that it does not expand
> into "governance" issues that are outside its rational scope-- I
> don't see "give it to XXX" or "everyone runs off in his own
> direction" as viable alternatives.
Fundamental difference in our use of the word "governance". In my local 
idiom "governance" (since XIIIth century) means more or less what - you - 
you would like it to be. But the ICANN people are tied by their common 
native understanding of the word, which is much more directive. This is 
technical. Nothing political. Human languages are like computer languages. 
You depend on the language you use to think and work together. If your 
common references are not what you think they should be you meet problems. 
A brainware bug.
> On the other hand, one of the nice things about the network as
> it is now constituted is that anyone has the option of
> opting-out: disconnecting, setting up a private DNS and a
> private addressing system, and communicating, if at all, through
> a restrictive, address-and-protocol-translating gateway.
This is absurd. Only ICANN does that. Voting its own reality. What is 
unique is reality. Also what is unique is the incredible way ICANN wants to 
decide about reality. I had for long a slogan for ICANN Esther used for a 
lecture or a book "let get real".
>  We
> even know how to run IP over X.25 and X.75, and that option is
> available as well.
Happily, in here the Customs and part of the Army runs X.25 under IP. 
Protects us.
> The question of who will miss anyone who takes that opt-out option is an 
> interesting one sociologically, but the Internet has sufficient critical 
> mass at this point, and is sufficiently important commercially in most of 
> the world, that "opportunity to shoot yourself in the foot" might figure 
> into such an analysis.
This is an incredible thing to say when we are precisely confronted to Govs 
representing 3/4 of the humanity saying "No! you will not appropriate our 
common network!". Or have you already opted-out 80 of the mankind?
Anyway, this NOT the matter, John. The mater is to help these 80% survive 
the Internet until the world fixes a new generation network fulfilling your 
hopes better, more securely, etc.
> If you are convinced of the viability of your ideas, by all means go off 
> and try them: just be sure that your namespaces and addresses don't leak 
> into the real network.
Which ideas???

I have listed a survival kit. From different propositions. By different 
groups. For different purposes. That I certainly find acceptable and 
coherent. And I say "please say what is wrong with them before having them 
enforced or describe a replacement". I doubt that this was discussed beofre 
orplase povide the URL.
This follows a study of an ICP-3 conformant test bed. BTW I note there is 
only one thing I disagree with your ICANN there, is when it says this may 
lead to the unique authoritative root concept to be deprecacted. Absurd, as 
saying that in the future there could be several colors to the sun . But 
which sun are we talking about.
Take care.
jfc