[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [idn] IAB letter on IDNs and VeriSign

To: Dave Crocker <dhc@dcrocker.net>,Soobok Lee <lsb@postel.co.kr>,John C Klensin <klensin@jck.com>,idn@ops.ietf.org,Paul Hoffman / IMC <phoffman@imc.org>
Subject: Re: [idn] IAB letter on IDNs and VeriSign
From: "JFC (Jefsey) Morfin" <jefsey@jefsey.com>
Date: Thu, 30 Jan 2003 13:05:44 +0100
In-reply-to: <190445286778.20030129110951@brandenburg.com>
References: <Pine.LNX.4.10.10301280925110.2089-100000@spitfire.law.miami.edu><Pine.LNX.4.10.10301280925110.2089-100000@spitfire.law.miami.edu>

On 20:09 29/01/03, Dave Crocker said:

Michael,
"Defeatist" implies a battle about the DNS administrative model.

If you can point to a credible technical proposal for a DNS
administrative model that does not hinge on a centralized, core
authority over the namespace, please feel free to produce it. After this
many years of debate, it is noteworthy that none has been forthcoming.

Without even quoting the way all this was created, I can do that without any problem: ICP-3.
I quote : "it [does not] preclude the ultimate introduction of new architectures that may ultimately obviate the need for a unique, authoritative root."

Please, let not confuse the management of the Postel Legacy "interneted" system with specific targets and rules (which worked well) and the management of the world e-network system "cataneted" into a single "netcontinuity" (we will come back on these key words below). There is no opposition, just work to carry in common.

ps.  "credible" means that the specification is thorough, has been
subject to extensive technical review, and has garnered significant
support within the Internet technical and administration communities.

"credible" certainly means such an extensive technical review but most of all it requires the "responsible experimentation [which] is essential to the vitality of the Internet" (ICP-3). This is why "to ensure that community-based policies take precedence [.] ICANN encourages responsible experimentation designed to further advance the Internet as a useful, stable, and accessible medium for the public good." (final sentence of the ICP-3 document).

The point you make well is that the Internet *administration* community must approve it. This means that the experimentation must also be societal (all what we commonly name "mission creep") and political (the governance of the name space, GAC, etc), "within a community-based framework (such as the IETF)" (ICP-3). This is the purpose of the dot-root project: to set-up and propose a well identified real life test bed for the global community (anyone welcome to join and help) to test possible progresses in the global DNS management area. Because the IETF alone is not equipped to address layers 8 and above. This is why we keep informing the IETF (an informative draft author would be welcome) as no technical solution can become a consensus outside of the IETF.

The two dangers we face are obviously:

- the confusion of the "Internet administration community" with ICANN (may be renaming ICANN after Internet Community for Administration of Names and Numbers would help). The current americanism of ICANN is a layer 9/10 issue: it should not result into the layer violations we experiment (under the subtle form of pressures to protect us against ... such possible violations).

- the other one is to confuse the international and the legacy namespaces rules too fast. Since 1984 (when Internet entered the International namespace through the RFC 920, which in turns legitimates ICP-3, [cf ICP-3.1 para 4]) things have stayed the same ("status quo") on the Internet side, while they changed outside and the whole world's e-network distribution changed with the web application. This means that aggregation cannot be carried only in resuming the initial arrangements: but it may certainly take advantage,
a) from the initial experience, from a good analysis and understanding of the Postel's system
b) from a seriously engaged testing by the largest number,
c) including people not familiar with IETF (developing countries which have particular needs, specialized community (could be TLDs) SLDs, etc.

There are basically two directions. Status quo and a slow and progressive enlargement of the number of TLDs. This will not go very far since the only model ICANN knows is the current TLD contracted/yearly subscribed DN model imposed on the Internet by accident, rather than planed, to address a closed private interconnected environment (what Vint referred to as "internetting").

The second model is a parallel root server deployment, under mutual consistency control. The key issues to work on and test are:

- the root file automated maintenance from the TLD Managers' data (this call for a long testing
permitting to check the accuracy and the stability of the result).

- the meaning and check of what "consistency" technically ,societal and politically means.

This model may obviously take advantage from the initially netcontinuity of the Intl namespace as created and managed by Tymnet for the monopolies under the FCC/ITU rules and with the concerted support of the ISIS (Operators/Large private nets) Clubs. And from of what Louis Pouzin explained about "catenet", catenating the different namespaces - what lead in a way to the OSI. Also from the experience of the global roots.

But the final solution will obviously be a common, commonly tested, commonly approved, commonly used one. Commercial ventures in the namespace such as Verisign and New.net are necessary to keep moving but are post probably not to be the final model (IMHO the final model calls for life-long, free community oriented, legally protected, network pointers of the mnemonics, trade marks, personal names - the way they were created (1977/78) and the way Internet implemented them (1984)). In the respect of the users', markets', states' demands, of the DNS implementation, and of every experiences.

Now, the IDNs should have had no real bearing of this, as they should have been transparent to the DNS. Unfortunately the WG-IDN proposition is not transparent to the DNS both technically (as you know IMHO it introduces a cross left to right hierarchy in the namespace though the ACE label) and administratively (the babel name issue). Also it is not proposed in consistence with the global URL architecture. This leads to the above mentioned necessity of a real life testing and of a plug-in solution.

In having only considered the punycode aspect and not the global problem (market expectation, technicalities, operations, deployment, economical model, user architecture, network architecture, collateral innovation possibilities, real world market habituses, de facto technologies standard, legal and cultural impacts, etc..) it left others such as Walid and MicroSign to work on them. The problem is the ROI of that work. You cannot expect an investor to work everything, for everyone for free. So instead of a community (GPL) solution worked out, experimented and deployed together we have reached the present situation.

What is the way out?

IMHO we have reached a situation where those concerned in real their IP protection, businesses, large non-profit organizations (ccTLDs, specialized SLDs, i-dns, Verisign, Microsoft, Walid, etc. may be with chips manufacturers, GAC, WTO due to the industrial and trade management impact though the impact on the URL) should sort out a practical solution based upon an open/GPL plug-in architecture standard agreement, preserving their innovation and commercial rights but insuring a stable, secure and innovation capable solution.

This will certainly have an impact on the DNS in three ways :

- the ultimate support of Unicode names in the DNS you call for
- the support of network extended services in the DNS area (DNS+) I work on
- the support of many new script TLDs replicating the ASCII TLDs as we see that John's propositions and my clumsy patch cannot go really through without a complete review of the internetting architecture (what is maybe also under way?)

Now, what are the alternatives. All this has to be tested.

- Either it is tested on a local basis (China, Far East) with solutions and experiences staying local to this area plus to a limited number of commercial ventures supporting them,

- Or all these experiences can aggregate into a common project such as dot-root or a super consensus, and solutions, experience and innovation will be open to all. I push for that otherwise we will have a technology split of the nets.

IMHO the whole future of the Internet is at stake and parts of the world industrial development as adressing and human infterfaces are key part of many system/appliances design. The ill presentation of some parts of ICP-3 have screened the most positive parts of the document and lead ICANN orignated delays and confusion, as if Stuart Lynn had not had the time to read it.

jfc

References:
- Re: [idn] IAB letter on IDNs and VeriSign
  - From: "Michael Froomkin - U.Miami School of Law" <froomkin@law.miami.edu>
- Re: [idn] IAB letter on IDNs and VeriSign
  - From: Dave Crocker <dhc@dcrocker.net>

Prev by Date: Re: [idn] IAB letter on IDNs and VeriSign
Next by Date: Re: [idn] IAB letter on IDNs and VeriSign
Previous by thread: Re: [idn] IAB letter on IDNs and VeriSign
Next by thread: Re: [idn] IAB letter on IDNs and VeriSign
Index(es):
- Date
- Thread