Wacky Weekend: The '.secure' gTLD
Eric Brunner-Williams
brunner at nic-naa.net
Mon Jun 4 18:49:37 UTC 2012
On 6/4/12 12:30 AM, Keith Medcalf wrote:
> The greatest advantage of .SECURE is that it will help ensure that all the high-value targets are easy to find.
one of the rationalizations for imposing a dnssec mandatory to
implement requirement (by icann staff driven by dnssec evangelists) is
that all slds are benefit equally from the semantic.
restated, the value of protecting some bank.tld is indistinguishable
from protecting some junk.tld.
re-restated, no new tlds will offer no economic, or political,
incentives to attack mitigated by dnssec.
i differed from staff-and-dnssec-evangelists, and obviously lost.
see also all possible locations for registries already have native v6,
or can tunnel via avian carrier, another staff driven by ipv6
evangelists, who couldn't defer the v6 mandatory to implement
requirement until availability was no longer hypothetical, or
scheduled, for which difference again availed naught.
as a marketing message, sld use of .secure as a tld may be sufficient
to ensure that a sufficient density of high-value targets are indeed
slds of that tld. staff has not discovered a stability and security
requirement which is contra-indicated by such a common fate / point of
failure.
note also that the requirements for new tlds are significantly greater
than for the existing set, so whatever the .com operator does, it is
not driven by the contract compliance regime which contains either the
dnssec or v6 manditory upon delegation bogies.
-e
p.s. the usual -sec and -6 evangelicals can ... assert their inerrant
correctness as a matter of faith -- faith based policy seems to be the
norm.
More information about the NANOG
mailing list