Fascinating interview with Verisign CEO
On Oct 17, 2003, at 4:17 AM, Hank Nussbacher wrote:
http://news.com.com/2008-7347-5092590.html
-Hank
This has to be the most unbelievable propaganda I have ever read. What needs to be done to take the GTLD service away from these crooks? Voting with my dollar, I'm happy to say I never have, and now, never will get a SSL cert from verisign. -P
Actually, if ISPs and engineering folks at ISPs are so pissed off at VeriSign they can easily kill the entire Sitefinder scam by simply routing its traffic to a bit bucket. And by rerouting the .COM and .NET to the boxes having the sanitized versions of zones. It does not say anywhere that providers are oblidged to carry all DNS traffic directly to the original nameservers. If VeriSign tries to do more of their monopolistic tricks, it may be a very good idea to give them taste of their own medicine. This can even be defensible from the legal point of view as protection of business assets (i.e. working Internet connectivity) from being tampered with by an unauthorized party. No different than shutting off a script kiddie. "Not doing business" with VeriSign can easily mean "not routing". --vadim
On Fri, Oct 17, 2003 at 01:40:00AM -0700, Vadim Antonov wrote:
Actually, if ISPs and engineering folks at ISPs are so pissed off at VeriSign they can easily kill the entire Sitefinder scam by simply routing its traffic to a bit bucket. And by rerouting the .COM and .NET to the boxes having the sanitized versions of zones. It does not say anywhere that providers are oblidged to carry all DNS traffic directly to the original nameservers.
Yes, but, part of what pissed off many folk was that someone was messing about with data near the top of the DNS tree which they thought were inviolable. Reconfiguring nameservers to ask for .COM and .NET details from somewhere else or to give RCODE 3 when it wasn't what was received feels like joining the anarchy rather than being the right solution. Having said that, the right solution might be a while in coming. A 'just good enough' solution should suffice for now. -- Andrew Bangs andrewb@demon.net
--On Friday, October 17, 2003 11:02 AM +0100 Andrew Bangs <andrewb@demon.net> wrote:
Yes, but, part of what pissed off many folk was that someone was messing about with data near the top of the DNS tree which they thought were inviolable. Reconfiguring nameservers to ask for .COM and .NET details from somewhere else or to give RCODE 3 when it wasn't what was received feels like joining the anarchy rather than being the right solution.
It's not so much joining the anarchy for myself as it's that I'd have to start screwing with and kludging good, working production level systems into something that looks like a mona lisa with gaffer tape strapping it to the wall. It takes time to get it done, and it's just going to fall down every time you turn around. I hesitate to speak for anyone else on the list, but I'd be willing to bet that many of 'us' in the community don't have time for something like that having plates that are already much too full. VeriSign though is forcing this to happen with a unilateral decision they have no political and legal right to make. Just my, possibly valueless, opinion.
Having said that, the right solution might be a while in coming. A 'just good enough' solution should suffice for now.
-- Andrew Bangs andrewb@demon.net
-- Undocumented Features quote of the moment... "It's not the one bullet with your name on it that you have to worry about; it's the twenty thousand-odd rounds labeled `occupant.'" --Murphy's Laws of Combat
At 01:17 AM 10/17/2003, Hank Nussbacher wrote:
"Sclavos also says it's time to transfer the responsibility for operating the root servers from volunteers to the commercial sector. " No, it's time for ICANN to transfer the responsibility for operating the root servers away from a commercial company that is trying to profit off of this *public trust*, and entrust the responsibility to an entity that understands its rights and responsibilities on this matter. Verisign has clearly demonstrated that they DO NOT UNDERSTAND that the data in the root server is not theirs to use, change at will, or profit on. When will ICANN demonstrate that they understand their responsibility to the Internet users who have entrusted them to manage these public resources and do their job to stop Verisign's power grab over these public records? Do we have to recall ICANN now? jc - in California, where we will now have Governor Arnold because Governor Gray couldn't get his head wrapped around the idea that he was *entrusted* to run the state in a responsible manner.
On Fri, 17 Oct 2003, Hank Nussbacher wrote:
Are you looking to monetize DNS lookups? "No." ... "But it would be commercially unreasonable for anyone to suggest that we shouldn't be allowed to build incremental services on top of that if they deliver value." Who is speaking out of both sides of the mouth? Gerald
Gerald wrote:
Are you looking to monetize DNS lookups? "No." ... "But it would be commercially unreasonable for anyone to suggest that we shouldn't be allowed to build incremental services on top of that if they deliver value."
Who is speaking out of both sides of the mouth?
They would just like to load a wildcard to the root zone, nothing more, nothing less. Pete
Gerald wrote:
Are you looking to monetize DNS lookups? "No." ... "But it would be commercially unreasonable for anyone to suggest that we shouldn't be allowed to build incremental services on top of that if they deliver value."
Who is speaking out of both sides of the mouth?
They would just like to load a wildcard to the root zone, nothing more, nothing less.
Pete
Thats not a verisign idea, that one is -mine- --bill
on 10/17/2003 3:17 AM Hank Nussbacher wrote:
First reaction is that this guy *really* needs some schooling in the value of having public-interest bodies facilitate and regulate interstate commerce in a federated system. Second reaction is that "commercializing the infrastructure" is a fairly dumb way to frame the debate, since we're not talking about the entire infrastructure but instead are talking about a couple of zones. Third reaction is that his opinion of what the Internet "needs" is not only wrong, but even if it were correct it would not give him the authority to usurp control over those zones. What next, all domains below the root have to pay a tax to the new emporer? -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
At 10:59 AM -0500 10/17/03, Eric A. Hall wrote:
on 10/17/2003 3:17 AM Hank Nussbacher wrote:
First reaction is that this guy *really* needs some schooling in the value of having public-interest bodies facilitate and regulate interstate commerce in a federated system. Second reaction is that "commercializing the infrastructure" is a fairly dumb way to frame the debate, since we're not talking about the entire infrastructure but instead are talking about a couple of zones. Third reaction is that his opinion of what the Internet "needs" is not only wrong, but even if it were correct it would not give him the authority to usurp control over those zones. What next, all domains below the root have to pay a tax to the new emporer?
A subtlety often lost in this discussion is that while we might want to get government out of the process, privatization does not necessarily mean commercialization. On one hand, privatization can go to a not-for-profit. Another alternative is to commercialize, but to treat the commercial enterprise as a regulated utility. Verisign is operating as a totally free entity.
on 10/17/2003 12:05 PM Howard C. Berkowitz wrote:
At 10:59 AM -0500 10/17/03, Eric A. Hall wrote:
on 10/17/2003 3:17 AM Hank Nussbacher wrote:
First reaction is that this guy *really* needs some schooling in the value of having public-interest bodies facilitate and regulate interstate commerce in a federated system. Second reaction is that "commercializing the infrastructure" is a fairly dumb way to frame the debate, since we're not talking about the entire infrastructure but instead are talking about a couple of zones. Third reaction is that his opinion of what the Internet "needs" is not only wrong, but even if it were correct it would not give him the authority to usurp control over those zones. What next, all domains below the root have to pay a tax to the new emporer?
A subtlety often lost in this discussion is that while we might want to get government out of the process, privatization does not necessarily mean commercialization. On one hand, privatization can go to a not-for-profit. Another alternative is to commercialize, but to treat the commercial enterprise as a regulated utility. Verisign is operating as a totally free entity.
Regulated commercial activity is what we have now, and it has (mostly) been working pretty well up to now. What the interview illustrates (or rather, what the provided quotations illustrate, which may be out-of-context or erroneously summarized), is that he wants to eliminate the regulatory oversight part. He also seems unapolegitic in the inference that the unilateral wildcarding of the public zones are a natural first step down that path. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
participants (11)
-
Andrew Bangs
-
bmanning@karoshi.com
-
Eric A. Hall
-
Gerald
-
Hank Nussbacher
-
Howard C. Berkowitz
-
JC Dill
-
Michael Loftis
-
Petri Helenius
-
Phil Rosenthal
-
Vadim Antonov