On 2008-10-10 18:39, Thierry Moreau wrote: > > > Brian E Carpenter wrote, to multiple mailing lists of which > ietf@xxxxxxxx is the only relevant as far as I am individually concerned: > >> On 2008-10-10 03:50, Olaf Kolkman wrote: >> >>>> There are links to a number of process flow diagrams that may interest >>>> you. >>> >>> For easy accessibility of those links see: >>> http://www.ntia.doc.gov/DNS/DNSSEC.html >> >> >> I don't think we should endorse in any way the implication that >> the NTIA or any other part of the US (or any other) government >> gets to decide about this. So I suggest that any formal reponse >> from the IAB or IESG should be very clear that this is a decision >> for the community to take and implement. >> > > Wow, that's a late wake up call! The legaleese that binds ICANN to the > US government has been around since ICANN inception. Many people objected to it strongly from the start, and said so. This is hardly a new point. > ...It's this very > legaleese that makes the US government the ultimate "permission" gate > needed for DNSSEC root deployment. If ICANN had been set up in another country, as many people proposed at the time, this argument would certainly have failed. > >> That being said, it's obviously a very desirable thing to do, >> and government encouragement seems welcome. I can't comment >> on which of the detailed proposals is technically best. >> > > This inability makes sense to me, because the IETF (if I'm correct, your > contributions are mainly supportive of the IETF-IESG "progress" - i.e. > effectiveness, influence, assertions of legitimacy and > representativeness, and why not, power) didn't challenge the ICANN-US > governemnt-Verising position in DNS operational issues. That's true; the IETF is not in the business of operating the Internet. But that doesn't preclude the IETF, or its participants, having a *technical* opinion about the mechanics of signing the root. My message was asking that we don't endorse the "political" situation while making technical comments. > ...In other words, > the IETF has not been concerned (beyond relatively minor activity in > dnsop wg) with the ICANN mission, which is multi-faceted. See Stephane's response. Also, the IAB has communicated with NTIA on various occasions about ICANN's mission. > > Like it or not, civil servants somewhere in an office called NTIA are > faced with the task of deciding about these (boring but required) DNSSEC > KSK scenarios. Actually they have another option, which is to leave ICANN alone to take the technical decisions for technical reasons, including getting advice from the IETF if they want. Brian _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf