[Top] [All Lists]

Re: new DNS classes or anything else

2017-07-04 20:47:31
some people have said to me that "put it in the DNS" was funny until
DNSSEC was cooked, at which point it becomes the giant
single-point-of-failure we all depend on, to provide a single unitary
TA over attested things, testable.

it's possible the unitary namespace value is now more about "I can
prove <x>" than its about the simple unique label question.


On Wed, Jul 5, 2017 at 11:39 AM, John Levine <johnl(_at_)taugh(_dot_)com> wrote:
In article <7DCA3DAF1993A2E66915D0DD(_at_)JcK-HP5(_dot_)jck(_dot_)com> you 
Having enough of the world get aggravated enough at ICANN (or
some other entity of one's choice) to make general adoption of
an alternate root plausible is another matter and I don't think
we are there, at least yet.

Here in the IETF we are so close to ICANN that we suffer from sample
bias.  To the extent the outside world is even aware of ICANN, they
see that .com, .org, .net, and the large ccTLDs all work, registering
in them is straightforward and not too expensive, and everything else
is noise.  One advantage of ICANN's turgid bureaucratic processes is
that it makes it unlikely that they will do anything seriously
destructive because it would be too hard.

We all know how to run our own roots if that's what we want to do, but
I continue to observe approximately none of us doing it.