Maybe its like the saying "when all you have is a hammer, everything looks like a nail". The global funds transfer system (SWIFT) used for transferring billions of dollars an hour had a security scare and fell back to an almost manual system for a few days. It worked fine functionally (slightly slower than the automated one), and left clerks all over the world exhausted from overtime, using codebooks instead of programs. But they got thru the security problem without serious incidents at all. With basically a near no technology solution. I mean, Napolean would recognize a one time pad codebook solution! IETF is going to have its babies taken away one at a time by a political process which serves no ones interests well. Unless you are in the (World War) WW x (x=fill in the blank) fan club, for instance. And, its a bad thing, for everyone, and since nobody got a huge moral and functional head start to stop it, it's inevitable as (acid) rain. Worrying about the trouble resolution schemes is a feel good excercise comparing to worrying about the intention of the people involved. More of the next masters care about which polititian overrules which domain name more then whether the thing works. First cannonball over the deck is some massive, extended argument over whether the disputed territories between: Taiwan / R.O.C. Russia / Japan Israel / Palestine The Koreas is which. And the 'solution' to what is a non-problem functionally, will be blockades, hyjacking, etc of the DNS to disempower one side or the other. It seems to me my preferred solution is no official solution, but some techno fire drills with all parties welcome. Under the upcoming envionment, the best possible is complete distributed responsibility. Of course the bad thing is inevitably different DNS servers will serve up different Ip's for some controversial DNS zones. Which is the worse of the two worse cases... that, or having political processes delete unpopular viewpoints. When polititians find out they can squelch opinion by something as simple as a court order to delete a DNS entry, it won't take a week before instances of it are common. The only reason they haven't is they don't understand technology enough to know exactly how well this would work. They will. >As has been pointed out on this list, the actual rate of changes >in the root zone is on the order of a few per week. >Statistically, that means your 24 hour rollback might, often, >have zero effect. Now compare this to the change rate in some >very large ccTLD or gTLD, which is, I would assume, measured in >the thousands per day range. > john Dan Kolis - Lindsay Electronics Ltd dank@xxxxxxxxxxxxxxxxxx 50 Mary Street West, Lindsay Ontario Canada K9V 2S7 (705) 324-2196 X272 (705) 324-5474 Fax An ISO 9001 Company; /Document end