On 8October2013Tuesday, at 6:19, Phillip Hallam-Baker wrote:

>
> On Tue, Oct 8, 2013 at 8:53 AM, manning bill <bmann...@isi.edu> wrote:
> >
> > I think the US executive branch would be better rid of the control before
> > the vandals work out how to use it for mischief. But better would be to
> > ensure that no such leverage exists. There is no reason for the apex of the
> > DNS to be a single root, it could be signed by a quorum of signers (in
> > addition to the key splitting which I am fully familiar with). And every
> > government should be assigned a sovereign reserve of IPv6 addresses to
> > prevent a scarcity being used as leverage.
> >
> > --
> > Website: http://hallambaker.com/
>
> Quorum signing with split keys was already built and tested in a
> root server operator testbed (the OTDR testbed) from 1998-2005. It was
> considered more fragile than the current system.
>
> Considered more fragile by whom?
>
> By the members of the $250m/yr NSA mole program?
>
>
> Very few people in DNS land recognize the class of attack as being realistic.
> Even when they have prime ministers and members of the GRU visiting them to
> tell them how important the issue is to their country.
>
> We already have one example of lobbyists attempting this type of attack (see
> Martin's post). So it is far from unrealistic.
>
>
> At present ICANN's power over the DNS is entirely discretionary. Attempting
> to drop Palestine out of the routing tables would simply be the end of the
> ICANN root zone. ICANN could continue to manage .com but their influence over
> the rest of the system would end completely.
>
> But DNSSEC changes the balance of power. With the root signed and embedded
> infrastructure verifying DNSSEC trust chains, the cost of a switchover rises
> remarkably. And when I tried to mention the fact I tended to get nasty
> threats.
>
> The third question of power is 'how do we get rid of you'. The answer in the
> case of DNSSEC is that you can't.
>
>
> Fortunately the issue is quite easily fixed, just as the problem of using
> IPv6 or BGP allocations for leverage is fixable. Governments don't need to
> wait on ICANN or the IETF to develop a quorum signing model for the DNS apex,
> they could and should institute one themselves and tell their infrastructure
> providers to chain to the quorum roots rather than the monolithic apex root.
>

Been there, done that, outgrew the teeshirt. Interestingly, the perceived value of a common, global namespace is _MUCH_ higher than the value of a controlled, boundary constrained namespace… At least by nearly every government to date.

The fragile vectors could be classed in two buckets, Human Factors & Timing.

/bill