However, there is more generality to my question ... I need a quick
rundown of the latest thinking (RFCs, ID's, IESG & IAB directives, IRTF
experiments) regarding:
1) distributed multiple roots
I would certainly be interested in any scientific and technical papers
about this issue. This is a very interesting and challenging problem.
But I think that we can safely say that you canNOT have multiple roots
IF you want to keep the present semantics of the DNS. (For instance,
the current semantics is "If I send an email to
sales@xxxxxxxxxxxxxxxx, it will arrive in the same mailbox,
irrespective of my current email provider". See
http://www.finee.com/travel_tld.htm.)
Wouldn't you be able to resolve to a primary-ness state for a given TLD
(domain names are just an example of the name resource you could resolve
to), through a trust relationship?
I would for example not trust .travel from new.net if ICANN had assumed
control over .travel ... I should be able to pick this from a PKI-based
P2P trust chain, would I not?
It is not a limit of the current protocols. It is a limit forced upon
us by the requirements: if you want the above semantics for
sales@xxxxxxxxxxxxxxxx, you canNOT have multiple roots, because
something (the root) will have to decide who manages
".travel". Otherwise, you will not arrive in Paris for the next IETF
:-)
It would not be the root, it would be the trust chain you build in your
resolver...
[You can compare with distributed file systems or distributed
databases: you typically have to give in some requirements.]
I have not seen trust chain management in any type of DFS... but I am not
a specialist in DFS... though I cannot wait to see the day that Ethernet
interfaces start to ship for SATA drives...
-=Francois=-