Re: our pals at ICANN, was Circle of Fifths

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 09, 2009 at 01:16:37PM -0800, David Conrad wrote:
> On Nov 6, 2009, at 9:30 AM, Phillip Hallam-Baker wrote:
> > Clearly the root operators are responsible to and accountable to the Internet community.
> 
> Err, no.
> 
> First, the root server operators are all independent actors performing a service for the Internet community for their own reasons.  They are formally responsible and accountable to different communities, e.g., the folks who run "C" are responsible to their share holders and the folks who run A and J do so under a cooperative agreement with the US government.

	well A is certainly run under agreement with the DoC.  J on the other hand...

> 
> Secondly, there are no formal terms of responsibilities nor accountability to the Internet community.  In the past, specific root servers have been operated abysmally poorly and there was nothing that could be done by the "Internet community" to force root server operators to change the way they do things.  With one arguable exception (that of VeriSign) there are no service level agreements, no penalties for failure to perform, and no formal commitments whatsoever.

	There is some intimation that L might be covered under a similar type of instrument.
	But I have no real time to investigate further.

> 
> How exactly is that being "accountable to the Internet community"?

	I'm pretty sure you have the right direction here, that the operators are accountable to
	their communities.  I've a tough time with a workable definition of "Internet Community"
	though.

> 
> > DNSSEC with a single root of trust would transform it from constitutional monarch to absolute monarch.
> 
> I have no idea what this means.  As I'm sure you are aware, DNSSEC merely allows folks to validate data hasn't been modified between the point in which the data is signed and the validator.  If folks don't want to trust the ICANN/IANA KSK and/or VeriSign ZSK, they're free to import the individual trust anchors however they choose.  There is no magic here.
> 
> Regards,
> -drc
> 
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/ietf

-- 
--bill

Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).

_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]