Re: Root Server Operators (Re: What *are* they smoking?)
i don't think so. verisign is on public record as saying that the reason they implemented the wildcard was to enhance the services offered to the internet's eyeball population, who has apparently been clamouring for this.
My question is, if this was to serve some need of internet users, why does port 25 work and not port 80?
i wouldn't speak for verisign on that point even if i knew the facts (which i don't) but i'm guessing that the internet today has mostly just got web browsers on it, and verisign is principally concerned with those people.
So, I'm curious as to your opinion about the bigger issue. Maybe it has been stated somewhere else, and if it has, please direct me to it. I've read all of your posts about this on nanog, and you do an excellent job of staying neutral. You point out that what Verisign is doing is technically valid and therefore shouldn't be addressed with a technical "solution", but you also release a patch for Bind to accomodate obvious demand (and to save users the hassle of implementing half-assed patches with hardcoded A records). However, you do so without actually stating whether or not you think the wildcards are a (policy) problem or not.
let me be clear on that point, then. i've now heard some people from icann's various committees and boards say that they either were not consulted, or that they were consulted and they advised against this, and they feel rather strongly that these wildcards should not have been put in. so, there is a policy problem, which is that folks don't agree as to whether verisign is the owner or the steward for .com and .net, and folks don't agree on whose permission is needed for what. i would like to see that policy problem resolved, but i have no part in it, and i don't actually care which way it's resolved, so long as it is resolved. we all need to know whether verisign is the owner or steward, and we all need to know whose permission is needed for what, and we all need to know what to expect. resolving the policy problems will give us all those things. so, i hope that someone (else) resolves those policy problems. (if y'all need me i'll be out washing my cat.)
You point out that there is high-level ambiguity about the relationship between DOC, ICANN, and Verisign, and about whether or not Verisign should have the public's interest in mind.
speaking as an individual, and not as a party to policy discussions between the people who need to set and follow policies in this arena, i can say:
Do you think they should have the public's interest in mind?
yes. because any tld who does not do this gives ammo to the kooks who want to set up their own alternative namespace. that would be bad for the public since it would be even more chaotic than what we have now, and chaos is expensive and painful.
And do you think the wildcards are in the public's interest?
no. i liked it better when vix.com's parent domain (com) had no wildcard, so that if someone mistyped my domain name they got a hard dns error rather than a verisign search page or mail error.
I can certainly empathize with wanting to stay neutral, but I think we need somebody who carries substantial influence in the name resolution community to have strong opinions about such a poor policy decision.
i sure hope you find her (or him). good luck with that. see you all in san diego (usenix) next month, when i shall joyously lampoon all of this bitrot during my invited talk on the subject of internet governance.
participants (1)
-
Paul Vixie