[DT-F] URGENT: Several questions for DT-F

David Conrad david.conrad at icann.org
Fri Apr 17 16:30:58 UTC 2015 

Suzanne,

>There is nothing inherent in the DNS or the root zone that requires
>multiple parties share day-to-day control.

In the DNS, I'd agree: the root zone is a zone mostly like any other
(there is, of course, a bit of policy constraint, e.g., I suspect we won't
be seeing a wildcard in the root anytime soon). However, it is also true
that if you screw up the root zone, you take out the entire DNS, not just
some sub-tree. There is also the detail that the root zone is the one
place that touches on questions of national sovereignty. Like it or not,
the root zone has more sensitivity than any other zone in the DNS.

Given this, I believe it is a valid question whether it should be treated
with greater care than any other zone. I personally think so, thus believe
having a two-party rule for root zone changes is appropriate. But this is,
of course, personal opinion.

>As best I can recall from "back then," there was no such "original
>intent" in the decision to have IANA located in one organization in one
>place and the machines that distributed the root zone located in another
>organization and another place. It was undertaken, IIRC, for roughly the
>same reasons as you'd hire Dyn or Verisign or CloudFlare to do your
>corporate DNS today-- operational (including financial) practicality.
>Rationales having to do with "governance" came later.

True, but "back then", non-trival portions of national economies did not
depend on the Internet.

I think there might be some confusion here.  We do NOT have effective
two-party control in the current system.  What we have is the appearance
of two-party control, but the reality is that since there is no mechanism
by which the change implemented can be compared to the change proposed
prior to publication, an invalid root zone change can be published. Today,
there are contractual obligations that encourage appropriate behavior, but
there is nothing structural that accidental or malicious changes.  Those
contractual obligations are going away. As such, I think it prudent to
move towards a two-party control system that imposes mechanisms that
reduce the risk associated with root zone change.

Regards,
-drc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4673 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/cwg-dtf/attachments/20150417/5df8c1ca/smime.p7s>

More information about the cwg-dtf mailing list