10,000 foot view of DNS/Sitefinder/Verisign

Mark Borchers mborchers at igillc.com
Wed Oct 8 17:43:30 UTC 2003


(top posting because I'm citing a fairly lengthy chunk of Howard's
dissertation below)

This is a really good, dispassionate summation, in my personal opinion.
I would like to comment on issue #2...

Granting solely for the sake of argument that there was no legal
obstacle to Verisign's action, it seems that there were at least three
approaches for them to choose from in rolling out the wildcard/
Sitefinder scheme:

1) Although no protocol changes were involved, submit an IETF draft a
'la the RFC process and at least get some working group discussion if
not formal RFC action.  Rationale is that the operational impact of this
type of action at the TLD level is equally as critical to the 
infrastructure as the protocol issues normally dealt with by IETF.

2) Discuss in good faith and in advance with ICANN prior to
implementing.

3) Treat it as a corporate operational policy issue....like when big
Tier 1's have modified peering policy in the past...."people might not
like it but they can't stop us from doing it."

Obviously option 3 is the most aggressive and most unilateral approach.
And just as obviously, there is plenty of precendent and procedure in
favor of options 1 and 2 that would have leapt out as being more
responsible 
to any objective person.


> -----Original Message-----
> 
> After attending the afternoon ICANN Security & Stability Committee
> meeting, I realized that the issues involved fall into several 
> related but independent dimensions.  Shy person that I am *Cough*, I 
> have opinions in all, but I think it's worthwhile simply to be able 
> to explain the Big Picture to media and other folk that aren't 
> immersed in our field.
> 
> 1. Governance issues
> --------------------
> 
> Did Verisign have the right, regardless of technical merit, to do
> what it did without prior warning?  I'm simply saying "did they do 
> anything contractually or otherwise legally forbidden", not "was it 
> strongly counter to the assumptions of the Internet" or "were they 
> mean and nasty."
> 
> The news/political interest here is whether any other group should or
> could have affected this, or if we need new governance mechanisms.
> 
> Has this revealed any conflict of interest issues?  To what extent
> should a registry be able to act unilaterally?  These points are 
> meant to be examined here in the context of law, regulation and 
> governance, as opposed to the less formal points in #2.
> 
> 2. Process (slightly different than governance) issues.
> ------------------------------------------------------
> 
> Moving away from  the letter of their contracts, what should they
> have done (if anything)  about open comment and forming consensus? 
> This is vaguely making me wonder if they had evidence of 
> WMDs....oops, wrong controversy.
> 
> Assume they had no requirement for prior discussion.  What, if any,
> requirements did they have for testing and validating their approach, 
> given that a top-level registry is in a unique connectivity position 
> with special privileges.






More information about the NANOG mailing list