ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: our pals at ICANN, was Circle of Fifths

2009-11-13 06:41:32
from [Bill Manning] [Permanent Link] 
On Mon, Nov 09, 2009 at 01:16:37PM -0800, David Conrad wrote:

On Nov 6, 2009, at 9:30 AM, Phillip Hallam-Baker wrote:

Clearly the root operators are responsible to and accountable to the 
Internet community.


Err, no.

First, the root server operators are all independent actors performing a 
service for the Internet community for their own reasons.  They are formally 
responsible and accountable to different communities, e.g., the folks who run 
"C" are responsible to their share holders and the folks who run A and J do 
so under a cooperative agreement with the US government.


        well A is certainly run under agreement with the DoC.  J on the other 
hand...



Secondly, there are no formal terms of responsibilities nor accountability to 
the Internet community.  In the past, specific root servers have been 
operated abysmally poorly and there was nothing that could be done by the 
"Internet community" to force root server operators to change the way they do 
things.  With one arguable exception (that of VeriSign) there are no service 
level agreements, no penalties for failure to perform, and no formal 
commitments whatsoever.


        There is some intimation that L might be covered under a similar type 
of instrument.
        But I have no real time to investigate further.



How exactly is that being "accountable to the Internet community"?


        I'm pretty sure you have the right direction here, that the operators 
are accountable to
        their communities.  I've a tough time with a workable definition of 
"Internet Community"
        though.




DNSSEC with a single root of trust would transform it from constitutional 
monarch to absolute monarch.


I have no idea what this means.  As I'm sure you are aware, DNSSEC merely 
allows folks to validate data hasn't been modified between the point in which 
the data is signed and the validator.  If folks don't want to trust the 
ICANN/IANA KSK and/or VeriSign ZSK, they're free to import the individual 
trust anchors however they choose.  There is no magic here.

Regards,
-drc

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf


-- 
--bill

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Jabber, ... at IETF Plenary Discussions (Re: IETF Plenary Discussions), Alexandru Petrescu
Next by Date:  RFC levels and I-D "levels", Yaron Sheffer
Previous by Thread:  Re: our pals at ICANN, was Circle of Fifths, Peter Saint-Andre
Next by Thread:  Re: our pals at ICANN, was Circle of Fifths, Mark Andrews
Indexes:  [Date] [Thread] [Top] [All Lists]