October 31, 2004

Free Postage For Votes

Why is it that we have to pay the full first class postage rate when we cast our votes by mail?

Congress critters get franking rights (free postage).

Printed books get reduced rates.

And junk mail gets reduced, and arguably subsidized, rates.

37 cents doesn't seem like a lot.  But as more and more voters vote by mail the cumulative cost of postage could run into the millions of dollars, all of which is borne by voters.

There should be no postage required for the casting of a vote through the US mails.

Posted by karl at 3:56 PM

October 27, 2004

Driving Blind

It appears that the IPv6 AAAA "glue" records for .com and .net are now in the root zone.  This means that for the average name query there will be two fewer IPv4 A "glue" records than before, in other words about 15% fewer than previously.

It appears that neither NTIA, ICANN, nor IANA has made any inquiry regarding the safety of this change, particularly during the kinds of partial net connectivity situations that occur during natural and human disasters.

The reckless unconcern for net reliability and for the consequences of a change stands in stark contrast to ICANN's use of any excuse, no matter how irrelevant (such as the pronounceability of the name), to block new top level domains (TLDs).

What makes this more ironic is that many who are testing this new change are finding that the new IPv6 servers are not reachable.

There is no stronger reason to pull the domain name system management role from NTIA, ICANN, and IANA and vest it in the ITU (or similar body) than the simple fact that neither NTIA, ICANN, nor IANA is actually doing that job.

For more background see my prior notes at: "Something's Happening But We Don't Know What It Is, Do We Mr. Jones?", "Follow-up on my note: An Open Letter to NTIA, ICANN, and IANA", and "An Open Letter to NTIA, ICANN, and IANA".

Posted by karl at 11:24 AM

October 24, 2004

My Choice In The Coming Election

I do not believe in superstition.  I believe that society and, in particular, governments, ought to be run in accord with rational processes based on objective and verifiable facts.

Because I believe these things I can not vote for George W. Bush.  He is a medieval man who elevates faith above reason and who subordinates facts to personal theology.

I believe in science and the use of the human mind.  George W. Bush discounts science and its methods.

I do not want to revive the dark ages; I do not want every thought and every act to be evaluated against theology.  Nor do I want the United States to become a state in which fundamentalist religious principles supersede the Constitution and replace reason with dogma.

The Crusades began in the year 1095.  They lasted 250 years.  The results were far different than anticipated by those who began them.  The United States under the hand of George W. Bush has begun a new crusade.  And this new crusade seems as full of ill portents as were its predecessors.

In the United States the people are supposed to be the sovereigns.  I want a president who speaks to the citizens of the country and listens to what they say.  I am unwilling to follow a President who fancies that he speaks to some god and elevates that unaccountable and unverifiable voice above that of the citizens.

For these reasons I will not be voting for George W. Bush in the coming election.

There are other reasons as well:  The diminishment of Constitutional rights, the evisceration of the Microsoft case, the appointment of a religious zealot to the head of the Justice Department, inattention to environmental matters, the bumbling into a ceaseless and apparently unnecessary war, and the institution of a policy of national xenophobia in an increasingly interdependent world.

In this election my choice is motivated largely by repulsion from Bush rather than attraction to Senator Kerry.  However, Senator Kerry does have many positive aspects, most particularly his adherence to the classical notion of a liberal, constitutional system of government best described by President Lincoln in his Gettysburg Address as a "government of the people, by the people".

Posted by karl at 2:06 PM

October 21, 2004

Something's Happening But We Don't Know What It Is, Do We Mr. Jones?

Again following up on my previous items regarding the removal of certain IPv4 information from certain root, .net and .com DNS responses (See Follow-up on my note: An Open Letter to NTIA, ICANN, and IANA and An Open Letter to NTIA, ICANN, and IANA.)

It is now early in the morning (California time) of October 21.  Those changes to the DNS root zone and the .com and .net zones that were to have occurred on October 19 apparently have not been made.

What has happened?  Did someone say "no"?  If so, who said it and what is going to happen next?

Hopefully someone at NTIA, ICANN, or IANA decided that it would be useful to fully comprehend the ramifications of the pending change during times of smooth net operation and also during transitional periods such as during disaster recovery situations.

However, we do not know whether rational and conservative decision-making is taking place or whether something entirely different has transpired.

There is no reason for silence and secrecy, but apparently, in keeping with the NTIA/ICANN way of doing things, silence and secrecy prevail.

The machinery of internet governance as practiced by NTIA and ICANN should be open, transparent, and accountable.  This is a great opportunity for NTIA and ICANN to break with the past cult of the opaque and demonstrate that NTIA and ICANN are capable of openly making a rational and principled decision on a matter of concern to the technical stability of the internet.

(By the way: My open letter, which was sent to ICANN and to which ICANN's President replied, has not managed to make it to ICANN's correspondence web page.  Plus ça change, plus c'est la même chose.)

Posted by karl at 1:41 AM

October 18, 2004

Follow-up on my note: An Open Letter to NTIA, ICANN, and IANA

This is a follow-up to my previous posting: An Open Letter to NTIA, ICANN, and IANA

In a few days Verisign will remove approximately 15% of the IPv4 address information that the domain name system (DNS) provides when DNS resolvers try to find the set of root servers and the .com and .net top level domains.

The apparent motivation is to promote IPv6, which is used by approximately 0% of the community of internet users, at the expense of IPv4, which is used by approximately 100% of the community of internet users.

Yes, innovation is important, and IPv6 is a useful innovation.  But just because something is useful does not mean that we should blindly deploy it.  Is there word on this issue from those whose job is to oversee the stable, reliable, accurate, and efficient operation of the upper layers of the DNS?  In particular, has either NTIA, ICANN, or IANA presented a convincing proof, or even any proof, that this change is safe and warranted at this time?

No.

Perhaps those whose job it is to ensure the safety and stability of the net are sleeping or off playing some other game?

I have received a communication from ICANN that simply tried to tell me that "[m]any of the issues you raise are not as dire as you fear."  However that assertion was not accompanied by any supporting evidence or rationale.  There is no reason to believe that such supporting evidence or rationale exists.

Some people have asked me to further elaborate my concerns.  This I will do here.

I am personally not very fearful that the net will be harmed immediately as the result of the change being made by Verisign.  I am concerned, rather, with the longer term impact.

In particular, I suspect that the absence of a few IPv4 address records will most likely not cause any ill effects on resolvers that already have nicely filled caches and probably already have learned the address information that Verisign will be eliding.  Nor do I believe that resolvers that can reach most of the constellation of root and .com and .net TLD servers will have difficulty obtaining the soon-to-be missing server address information except perhaps at the cost of a few more startup packet exchanges than previously.

My concern is more for resolvers that are coming online after an outage due to a natural or human disaster.

In particular, I am concerned that during a time of trouble, a time when the constellations of root and TLD servers may not be fully reachable, a freshly started DNS resolver may find that the absence of sufficient IPv4 records in responses may result in that resolver not being able to reach fully operational status.

During halcyon times the internet is quite robust.  But we are not living in an untroubled age.  We know that the DNS root servers are under continuous attack 24x7x365.  And we know that there are a lot of ill minded and evil people out there who do have the capacity to add more stress to our systems.  And mother nature has her own agenda.

Is it silly or wrong to ask that those bodies whose job it is to ensure that the internet works actually demonstrate that a proposed change will be safe?

There is no exigent circumstance that requires that IPv4 address records be removed this week and be replaced by IPv6 address records.  There is no reason we can not pause so that we can understand the issues and make informed choices.

There are those who have said that IPv6 needs to move forward.  I agree.  But it should not move forward by imposing an unknown risk onto those who depend on the existing internet and IPv4.

The deeper issue remains - neither NTIA, ICANN, nor IANA seem to be willing to exercise technical oversight.  These bodies seem pervaded by the ghost of Dr. Pangloss and have inherited his inability, or unwillingness, to perceive danger or risk and to consider the status quo to be the "best of all possible worlds."

The internet is a complex system; we do not well understand how it fails or degrades.  Nor do we comprehend its increasing interdependency with other systems such as the electrical grid, air-traffic-control, emergency services, and voice telephone systems.

In most engineering disciplines a deployed system that has become a utility, as the internet is becoming, is not changed on a whim.  Rather, change is viewed with suspicion and implemented only after careful analysis of the change and its benefits and risks.

NTIA, ICANN, and IANA operate not on principle and conservative rules but on the basis of political expediency.  This ad hoc-racy is forming a kind of rust on the internet.  Rust does not cause immediate failures.  Rather it accumulates and manifests itself at the worst of times.  Failure to paint a ship today does not cause it to sink tomorrow.  But lack of painting can result in a hatch cover failing during a storm or a lifeboat davit jamming during an emergency.  An NTIA, ICANN, IANA choice to allow the removal of IPv4 address records may not be noticed next week, but it might result in preventable name resolution failures next time a hurricane crosses the Caribbean or some awful event disrupts internet connectivity.

ICANN and NTIA (along with much of the US Government) have taken the position that oversight of the internet's DNS belongs in the hands of ICANN and not the International Telecommunications Union (ITU).  However it is very difficult to give much credit to that position given the apparent incapacity of ICANN and the NTIA to actually oversee the DNS.

If ICANN or NTIA want us to believe that the job should remain in ICANN's hands then it seems only right and proper that ICANN actually begins to do the job.  Otherwise we should fire ICANN and get somebody else to ensure the stable operation of the DNS.

Posted by karl at 12:57 AM

October 8, 2004

An Open Letter to NTIA, ICANN, and IANA

I sent the following note to ICANN, IANA, and NTIA:

Concern about inadequately evaluated and tested change to DNS root and major TLDs

I am writing this note in order to express my concern about an impending change in the root of the Domain Name System (DNS) and two of the largest Top Level Domains (TLDs).  I am concerned that there is a risk of disruption to the net that has not been adequately evaluated and I am concerned that this change is being deployed without adequate monitoring or safeguards.

ICANN, IANA, and NTIA are the bodies that are responsible for the stable, continuous, reliable, and accurate operation of the top tier of the internet Domain Name System.  Whether through positive choice or not, ICANN, IANA, and NTIA are about to allow a change to occur to the top tier of the DNS system.

This change may endanger the stability of the internet.

Neither ICANN, IANA, nor NTIA has investigated this change.  No evaluation has been made to determine whether this change is safe.  No contingency plans have been put into place to reverse the change should adverse side effects occur.

The risks of this change may be small or they may be large - the problem is that no one has studied the issue sufficiently to know the risks.

This situation is troubling.  But what is even more troubling is that neither ICANN,  IANA, nor NTIA have procedures through which this, and future changes to the internet's Domain Name System can be evaluated.  Nor are there procedures through which such a change, if felt to be safe, may be deployed in a way that ill effects can be measured and the change be backed-out if those ill-effects are unacceptably large.

On September 20 the following was posted to the NANOG mailing list:

Date: Mon, 20 Sep 2004 16:58:49 -0400
From: Matt Larson <mlarson@verisign.com>
To: nanog@merit.edu
Subject: IPv6 support for com/net zones on October 19, 2004

VeriSign will add support for accessing the com/net zones using IPv6
transport on October 19, 2004. On that day, AAAA records for
a.gtld-servers.net and b.gtld-servers.net will be added to the root
and gtld-servers.net zones.

We do not anticipate any problems resulting from this change, but
because these zones are widely used and closely watched, we want to
let the Internet community know about the changes in advance.

Matt
--
Matt Larson <mlarson@verisign.com>
VeriSign Naming and Directory Services

Despite the assurance contained in that announcement this change does contain aspects that could engender increased traffic loads, increased name resolution delays, and even result in loss of Domain Name System (DNS) services to users under some circumstances.

This change was announced by Verisign, not by ICANN, IANA, or NTIA.  Yet the tone of the announcement expresses a sense that there are no contingencies and that this change will occur without any further action on the part of ICANN, IANA, or NTIA.

Neither ICANN, IANA, nor NTIA has presented any analysis that enumerates the risks or benefits of this change.

The only documents that exist are an internet draft (http://www.ietf.org/internet-drafts/draft-ietf-dnsop-respsize-01.txt) and a research paper (http://www.nlnetlabs.nl/ipv6/publications/v6rootglue.pdf).  Both of these papers examine only the effect of this change on root servers and do not deal with the effects on other parts of the internet.  The internet draft is a thought-piece that lacks empirical substantiation of its claims and reaches its conclusions without showing the rationale behind those conclusions.  That draft reaches the conclusion that the degree of risk is acceptable without ever explaining how it determines what constitutes an acceptable level of risk.  The research paper does come to the conclusion that operational changes are required, a conclusion that appears to be ignored by the announced change.

Small scale versions of the October 19 change were deployed in some country-code TLDs.  However, because those deployments were performed without any monitoring there is no information available regarding the side effects of that change on internet users, ISPs, or the DNS resolvers they use.

Neither ICANN,  IANA, nor NTIA has presented any plan to monitor the deployment of this change to ascertain whether any unexpected or unacceptable side effects occur.  Nor has ICANN, IANA, or NTIA  presented any plan to roll-back the change should that become necessary.

Since its inception ICANN has adopted the position that any changes to the DNS must be justified by massive need and be proved to contain virtually no element of risk.  That conservative approach has been the expressed reason why ICANN has spent so much time on the question of new top level domains (TLDs).

The change proposed by the Verisign announcement presents at least as much risk of ill side effects as the addition of new TLDs.  In fact, to my mind as an internet technologist, the risk inherent in this proposed change is qualitatively greater than it is for new TLDs.

It is incumbent on ICANN, IANA, and NTIA to justify to the community of internet users that a proposed change to DNS is safe and that its deployment will be carefully monitored and that there are contingency plans should the unexpected happen.

There are those who will argue that the risks associated with the proposed change are small and of a negligible degree.  They may be right.  However we do not have the research, experimentation, and analysis to know.

Given the centrality of the DNS to the reliable and continuous operation of the internet and the fact that this change is being made to the largest of all of the top level domains it is not prudent to rely on mere assurances, particularly when those assurances are not backed by solid research and objective experimental validation.

It is reckless to deploy such changes without appropriate monitoring, backed by pre-change baseline measurements, to evaluate whether the change, once deployed, should be allowed to remain in place or the status quo ante be restored.

I call upon ICANN, IANA, and NTIA to suspend the change announced in Verisign's email of September 20 until such time that ICANN, IANA, or NTIA can publish an objective and detailed proof, backed by verifiable and repeatable experimental measurements, that the change is safe not only to root servers but that it will also not cause ill effects to ISPs or internet users.  This proof should make explicit the means by which it determines what degree of effects are acceptable and what degrees of risk are not acceptable.

In addition I call upon ICANN, IANA, and NTIA to not deploy any such change without adequate monitoring of the effects and a complete roll-back action plan.

Because DNS and the internet are still evolving, further changes will certainly be proposed.  ICANN, IANA, and NTIA ought to establish a clear mechanism to publish notice of such changes, to scientifically inquire into the effects of such changes, and to safely deploy such changes.

The National Telecommunications and Information Administration (NTIA), because it retains ultimate control of the root zone of the domain name system, should require that ICANN and IANA demonstrate the safety of changes to the DNS before such changes are deployed.  In the absence of such demonstrations, NTIA must step forward and refuse to allow the changes.

                Karl Auerbach
                Former (and only) Director of ICANN elected from North America
                Henry C. Yuen Fellow of Law and Technology at the California Institute of Technology and Loyola Law School
                Norbert Wiener Award
                Member of the Community of Internet Users since 1973.

Posted by karl at 12:06 PM

October 6, 2004

ICANN and New TLDs - The $2,000,000 Question

ICANN missed the deadline for creating a plan for new TLDs.

Instead ICANN issued an empty document that merely re-expressed what we already well know: that ICANN intends to continue to act as the reincarnation of a Soviet-era centralized planning bureau that, without any justification based on technical need, imposes its own judgment of what the domain name marketplace should be rather than allowing free competition and innovation.

But there is another matter that the empty document fails to address: the fate of the roughly $2,000,000 in fees paid by TLD applicants in year 2000.  There are about forty applicants who paid $50,000 each and whose applications have not been rejected and are still pending.

ICANN should either repay that money or should process the applications.  Otherwise it is simply expropriation, or worse.

Posted by karl at 2:31 AM

October 5, 2004

Corporate Failure - Failure of Directors to Exercise Independent Judgment

Boards of Directors of US corporations seem to have an average IQ somewhat above that of a cobblestone and somewhat below that of a roasted chicken.

Take, for example, the Board of Directors of Peoplesoft.  They seem to have suddenly realized enough about their CEO to abruptly change his title from "CEO" to "ex-CEO".

A person's past behavior often suggests what his future behavior might be.  And in the case of Peoplesoft's now ex-CEO, there is a body of past behavior that, in the opinion of some observers, might be construed as suggesting that he might bring unhappiness to the corporation, its shareholders, its employees, and its customers.

Was Peoplesoft's Board less than adequately diligent when it hired its now ex-CEO?  Did they even bother to make a critical inquiry into his past performance?  Or did the Directors of Peoplesoft do what so many Directors of US corporations do - moo loudly and mindlessly follow the leader without even a hint of independent inquiry or judgment?

Even after Enron, Worldcom, and other failures of corporate responsibility, and even after Sarbanes-Oxley the Directors of US corporations seem unaware or uncaring of the nature and extent of their duties and obligations.  Shareholders, corporate regulators, and prosecutors should build fires under Directors by making them feel the personal consequences that can come when a Director ignores his or her responsibilities.

If Peoplesoft's shareholders feel harmed by the events of the last few years they might consider whether the scapegoating of their ex-CEO is the end of the road or merely the start.  The shareholders might decide that Peoplesoft's Directors have spent too much time with their heads in the sand rather than actually doing their jobs.  It might send a much needed signal if a few lax Directors of corporations, who have done so much to destroy corporate value through their inattention and failure to perform even the most minimal of their obligations, were to be financially ruined by shareholder lawsuits.

Posted by karl at 5:07 PM