The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)

• Previous message (by thread): The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)
• Next message (by thread): The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 7:37 PM -0400 2005-07-05, Jay R. Ashworth wrote:

>  Hmmm...  again, absent TLD collisions, I don't see that writing a
>  recursive-only server that can coalesce the TLD namespace from multiple
>  roots ought to be *that* hard... but then I'm not Cricket, neither.

	In theory, it should be trivial.  In practice, I believe that it 
is quite non-trivial.  I believe that we can look around and pretty 
easily find at least a few examples that demonstrate how difficult it 
is to get this right.

	The history of BIND alone is quite instructive, I believe.  The 
fact that everyone and their brother seems to create 
authoritative-only servers as their 6th grade science project, but 
there are still relatively few caching-only servers, is another data 
point.

>  And my perception is that the cat is *out* of the bag, and fretting
>  about how bad it would be were the cat to get out of the bag (which is
>  my perception of most people's view of this issue) isn't especially
>  productive; the solution is to figure out how to manage the problem.

	I'm not sure, but I think we're at the stage where we might just 
be able to put the genie back in the bottle, if we act fast and we 
can get suitable alternative mechanisms in place through the existing 
official IETF/ICANN process.

	But if we don't get this fixed soon, I fear that we'll never be 
able to do that.  At that point, we've got our private parts hanging 
out in the wind, and we're depending on the good nature of people not 
to come along and whack them with baseball bats, and we're depending 
on good fortune keeping harsh weather away that might result in 
lightning strikes.


	There's not much we can do to stop the alternate roots.  They 
already exist, and at least two are currently in operation.  However, 
I think we can look at what it is that they're offering in terms of 
i18n and see what we can do to address those issues from inside the 
system.

	IMO, i18n is the only potentially legitimate thing that alternate 
roots are capable of providing, and the only thing we need to worry 
about resolving within the system.  Outside of i18n, I don't give a 
flying flip what the alternate roots do or what services they claim 
to offer.


	And that, I believe, is operationally relevant because the 
outcome will affect us all.  If nothing else, code will have to be 
adapted to match whatever is specified as a result of the IETF/ICANN 
political process.  And we'll all have to update our servers.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.

• Previous message (by thread): The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)
• Next message (by thread): The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]