[Pr-plan] Public-Root resolution problems and UNIDT (fwd)
Statement of the Official Public-Root Representative September 29, 2005 This communication is published on the Internet at URL: http://www.cynikal.net/~baptista/P-R/2005-09-29%20Memo%20to%20the%20Internet... Memo to the Internet Community Public-Root resolution problems I in my capacity as the Official Public-Root Representative and whistle-blower, asked Peter Dambier to publish to NANOG a notice that the Public-Root had fractured. Namely, the root in Ankara operated by Celep Bahadir who is also the UNIDT (www.unidt.com) representative to Turkey and the Middle East. There was an attempt by UNIDT to start a new root system called the United-Root. Attempts by Ankara to test this root on l.public-root.net at 195.214.191.125 resulted in a fracturing of the public-root network. The Ankara root injected a number of older records into the DNS resulting in false answers to queries. Ankara was also listing as root servers some DNS that pointed back to ICANN data and did not resolve the Public-Root. This was very unprofessional behavior on behalf of UNIDT resulting in a serious violation of their contractual obligations to the Public-Root. I sent several email communications to UNIDT General Manager Mr. Marty van Veluw pointing out the problem. I am pleased to announce the problem is corrected now but no official response was received back from Mr. Van Veluw. The last time Ankara was checked it was found the root server is out of sync with the remaining Public-Root network. This is also very unprofessional. I have sent email messages to Mr. van Veluw pointing out the problem. Unfortunately I consider UNIDT unstable and expect they may intentionally jeopardize the root in order to break their contracts with us. Mr. Martijn Burger the chair of INAIC and Public-Root has advised me Mr. van Veluw may close down the Ankara server in the near future. This would also constitute a violation of the contract between UNIDT and the Public-Root. I continue to maintain my position that any administrator using the public-root should select another root system during this period of reorganization. I also want to take this time to criticize NANOG (North American Network Operators Group) and the inclusive and alternative namespace communities. However, my main concern is NANOG. I find the fact the people of Turkey are being the subject of technical jokes on NANOG appalling. Anyone who understands the importance of root servers also understands the fiduciary responsibilities that go with such an operation. The technical problems with the public-root pale when one reviews the people involved. I regret to say that hackers and criminals are behind the Public-Root. Therefore, this is not a joke, this is a serious issue. The people of Turkey and Tiscali users have been surfing the Internet using a system that can compromise their security and privacy. I hope in future the NANOG and root communities will be more responsive and civil. - 33 - Joe Baptista, Official Public-Root Representative and Lobbyist to the United States Congress and Senate / Tel: +1 (202) 517-1593 Public-Root Disclosure Documents: http://www.cynikal.net/~baptista/P-R/ Public-Root Discussion Forum: http://lair.lionpost.net/mailman/listinfo/pr-plan
On Fri, 30 Sep 2005 15:57:47 +0200, Peter Dambier said:
http://www.cynikal.net/~baptista/P-R/2005-09-29%20Memo%20to%20the%20Internet... 20Community.pdf
There was an attempt by UNIDT to start a new root system called the United-Root. Attempts by Ankara to test this root on l.public-root.net at 195.214.191.125 resulted in a fracturing of the public-root network.
The Ankara root injected a number of older records into the DNS resulting in false answers to queries. Ankara was also listing as root servers some DNS that pointed back to ICANN data and did not resolve the Public-Root. This was very unprofessional behavior on behalf of UNIDT resulting in a serious violation of their contractual obligations to the Public-Root.
I'm not sure whether to say "We told you so" or just "RFC2826".
Peter Dambier wrote:
The Ankara root injected a number of older records into the DNS resulting in false answers to queries. Ankara was also listing as root servers some DNS that pointed back to ICANN data and did not resolve the Public-Root. This was very unprofessional behavior on behalf of UNIDT resulting in a serious violation of their contractual obligations to the Public-Root.
Sounds like chaos. If only there was some way of co-ordinating a central root, managed by a trustworthy, established, stable main player. A bit like an internationally organized, non-profit corporation that has responsibility for Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions. Has anyone considered this ?
On Fri, Sep 30, 2005 at 04:05:34PM +0100, Andy Davidson <andy@nosignal.org> wrote a message of 19 lines which said:
A bit like an internationally organized, non-profit corporation ... Has anyone considered this ?
Yes, replacing the DoC puppet by an internationally organized corporation would be a good idea.
On Fri, 30 Sep 2005, Peter Dambier wrote:
Statement of the Official Public-Root Representative
Public-Root resolution problems
I in my capacity as the Official Public-Root Representative and whistle-blower, asked Peter Dambier to publish to NANOG a notice that the Public-Root had fractured. Namely, the root in Ankara operated by Celep Bahadir who is also the UNIDT (www.unidt.com) representative to Turkey and the Middle East.
There was an attempt by UNIDT to start a new root system called the United-Root. Attempts by Ankara to test this root on l.public-root.net at 195.214.191.125 resulted in a fracturing of the public-root network.
The Ankara root injected a number of older records into the DNS resulting in false answers to queries. Ankara was also listing as root servers some DNS that pointed back to ICANN data and did not resolve the Public-Root. This was very unprofessional behavior on behalf of UNIDT resulting in a serious violation of their contractual obligations to the Public-Root.
From Life of Brian, scene 7.
BRIAN: Are you the Judean People's Front? REG: Fuck off! BRIAN: What? REG: Judean People's Front. We're the People's Front of Judea! Judean People's Front. Cawk. FRANCIS: Wankers. BRIAN: Can I... join your group? REG: No. Piss off. BRIAN: I didn't want to sell this stuff. It's only a job. I hate the Romans as much as anybody. PEOPLE'S FRONT OF JUDEA: Shhhh. Shhhh. Shhh. Shh. Shhhh. REG: Schtum. JUDITH: Are you sure? BRIAN: Oh, dead sure. I hate the Romans already. REG: Listen. If you really wanted to join the P.F.J., you'd have to really hate the Romans. BRIAN: I do! REG: Oh, yeah? How much? BRIAN: A lot! REG: Right. You're in. Listen. The only people we hate more than the Romans are the fucking Judean People's Front. P.F.J.: Yeah... JUDITH: Splitters. P.F.J.: Splitters... FRANCIS: And the Judean Popular People's Front. P.F.J.: Yeah. Oh, yeah. Splitters. Splitters... LORETTA: And the People's Front of Judea. P.F.J.: Yeah. Splitters. Splitters... REG: What? LORETTA: The People's Front of Judea. Splitters. REG: We're the People's Front of Judea! LORETTA: Oh. I thought we were the Popular Front. REG: People's Front! C-huh. FRANCIS: Whatever happened to the Popular Front, Reg? REG: He's over there. P.F.J.: Splitter! GOLIATH: [pant pant pant] Ooh. Ooh. I-- I think I'm about to have a... cardiac arrest. Ooh. Ooh. SPECTATOR: Absolutely dreadful. Hmm. CROWD: [cheering] REG: Yes, brother! Ha ha. What's your name? BRIAN: Brian. Brian Cohen. REG: We may have a little job for you, Brian. Roy
On Fri, 30 Sep 2005, Peter Dambier wrote:
I also want to take this time to criticize NANOG (North American Network Operators Group) and the inclusive and alternative namespace communities. However, my main concern is NANOG. I find the fact the people of Turkey are being the subject of technical jokes on NANOG appalling.
Not jokes, my dear Mr. Baptista, what we've been saying is "We told you so" in about 200 different forms. Chaos is not unexpected from an alternate root system, though we more expected the problems to start with technical barriers, before financial or personal ones flared up. The problem with alternate roots carrying non-universal data was documented in several RFCs with very sound technical merit, going all the way back to the Jim Fleming/AlterNIC/PacRoot heyday of alternate root servers. After all this time has passed, you willfully ignore established technical and operational facts about how global reachability is compromised by the snake oil you're peddling. Just the term "inclusive namespace" is a political PR spin term that is misleading at best, and coupled with the name "Public-Root", downright deceptive in practice. (I have to hand it to you, though; that kind of word play could earn you an official position in Washington. Oh, I see you have a "lobbyist" title already. Oy vey. 8-) And based on the previous paragraph, I can only conclude that Public-Root is not meant to take away ICANN's stranglehold -- rather, it's meant to line the Public-Root group's pockets. Unlike ORSN, which is currently being discussed on NANOG as well, Public-Root is actually *selling something*, not simply acting benevolently in the best interest of the Internet. Public-Root may be operating DNS servers that serve up a root zone, but it is not operating an "inclusive namespace", nor "Internet" root DNS servers. In reality, the term "Internet" itself was coined to identify a network of *globally universal* protocols and their trimmings (which came to include the DNS). Now, the Public-Root is actively working to reduce global reachability. That's not "inclusive"; it's *exclusive*. I'm probably taking to a brick wall here, but here I have tried to appeal to your sense of technical sanity to drop the facade and work to do the Right Thing, not the profitable thing. (Note: All this comes from someone who actually used AlterNIC's roots for about 13 months back in "the day" -- and finally realized what a bunch of crap the whole situation was. I don't necessarily expect you to come to the same realization, but I can still try to echo a common sentiment directly to you, rather than through a third party such as Mr. Dambier.) -- -- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
participants (6)
-
Andy Davidson
-
Peter Dambier
-
Roy Arends
-
Stephane Bortzmeyer
-
Todd Vierling
-
Valdis.Kletnieks@vt.edu