NCSG-DISCUSS Archives

NCSG-Discuss

NCSG-DISCUSS@LISTSERV.SYR.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Condense Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Sender:
NCSG-Discuss <[log in to unmask]>
X-To:
Avri Doria <[log in to unmask]>
Date:
Mon, 11 Mar 2013 14:58:41 -0400
Reply-To:
Timothe Litt <[log in to unmask]>
Subject:
From:
Timothe Litt <[log in to unmask]>
Message-ID:
In-Reply-To:
Content-Type:
multipart/signed; protocol="application/pkcs7-signature"; micalg=sha1; boundary="------------ms020303020802020006040305"
MIME-Version:
1.0
Parts/Attachments:
text/plain (5 kB) , smime.p7s (5 kB)
> As a mental exercise, what are the technical implications and risks of private/restricted TLDs other than the addition of EPP functionality for confirming when a registration is allowed?

I don't see any *technical* reason that a private TLD owner has to use 
EPP.  DNS would be happy if she wants to accept registrations by carrier 
pigeons and activate them with punched paper tape.

The risks are to the TLD holder and to those who register names under 
that TLD - and if you accept private TLDs, that's a private contractual 
matter between the TLD holder and the registrants. Why should ICANN 
care?  All ICANN needs to worry about is that the nameservers that the 
root refers that TLD to behave - obey the protocol, are up, redundant, 
cache, answer requests, don't generate specious/malicious referrals, 
etc.  And that WHOIS data for the TLD and its registrants is timely and 
correct - to the extent that the domain names issued cover public IP 
addresses/resources.  (If an owner registers only private 
[non-routable]  IP addresses/resources, ICANN/external network operators 
have no technical need to contact the owners.)

Beyond that basic hygiene, it seems to me that the service provided by a 
private TLD is subject only to the SLA (service level agreement) between 
the holder and those who do business with it.

There are things that we'd like to see - like DNSSEC, disaster tolerant 
data storage, etc - but if a private domain is forged/lost, that doesn't 
hurt the larger community.

If the TLD holder subcontracts operation of its servers to some other 
provider, that provider may - as a private contractual matter - impose 
constraints for technical reasons (or to preserve its reputation.)  But 
that's not, strictly speaking, an ICANN issue.

All the other arguments are non-technical - consistency, consumer 
protection, the TLD name is a scare resource that 'shouldn't' be given 
to an irresponsible operator, any IP in the name, 'better uses', and so on.

With respect to restricted TLDs - the argument is essentially the same.  
It's a matter between the community defined by those who operate the TLD 
and those who register under it.   The gray area is if that community is 
sufficiently large, it might be identical to an ICANN group.  (Say, 
Evil.Empire LLC registers .ncom, restricted to non-commerical users - 
some here might think that NCUC should have a say...)

Truly irresponsible behavior should be discouraged by the outrageously 
high cost of entry - though that perspective doesn't work for an entity 
with sufficiently deep pockets and a plan to monetize that behavior.  
Or, a captive audience (say, employees of .megacorp).  But the 
market-driven model says the audience will free itself if the behavior 
costs it enough.

The real question - which is non-technical - is to what extent ICANN and 
it's subdivisions is chartered to represent the consumers of domain 
names under private/restricted TLDs.  When there were few TLDs, ICANN 
had to represent the consumers.  (Or another organization would have 
formed to serve that purpose.) With TLDs handed out for 
private/restricted community use, it seems to me that ICANN need not be 
the venue for protecting consumers.

 From the point of view of an end user (jane smith who just wants to 
send an e-mail,  browse a web page, or use software that gets something 
from the DNS), there are a lot of things that argue for much stricter 
technical standards.  BUT ICANN doesn't (and never has) represented end 
users, except by accident - when their interests happen to match those 
of registrants'.

The private TLD argument is laissez-faire - the market will sort out the 
good operators from the bad.  So, as much as I personally would LIKE to 
see consistent, reasonably high technical standards - under the 
laissez-faire philosophy, I think we can only REQUIRE that operators not 
damage the DNS infrastructure that servers the other TLDs.

ICANN can OFFER to provide such standards and a consistent experience, 
and I suppose could provide a rating of what standards a domain meets, 
resulting in a public reliability/trustworthiness rating - but so could 
other independent auditors.  And watch operators find ways to game the 
system... (Market rules, right?)

Ah, for simpler times...(They really were simpler.)

Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

This communication may not represent my employer's views,
if any, on the matters discussed.

On 11-Mar-13 13:56, Avri Doria wrote:
> Hi,
>
> As a mental exercise, what are the technical implications and risks of private/restricted TLDs other than the addition of EPP functionality for confirming when a registration is allowed?
>
> avri
>
> EPP:  Extensible Provisioning Protocol  RFC 3730 et al.
>
> On 11 Mar 2013, at 13:38, McTim wrote:
>
>> On Mon, Mar 11, 2013 at 11:49 AM, Carlos A. Afonso <[log in to unmask]> wrote:
>>> And this is something that several people in the so-called "technical
>>> community" find beyond their understanding
>> I think this is incorrect.  If a good case were made that a closed TLD
>> restricted competion, I for one would be happy to agree with it.
>>
>> Just asserting the fact without evidence doesn't make it so.
>>
>>
>>
>> -- 
>> Cheers,
>>
>> McTim
>> "A name indicates what we seek. An address indicates where it is. A
>> route indicates how we get there."  Jon Postel
>>




ATOM RSS1 RSS2