I'm sitting here in the heat of the Mandalay Bay Convention Center in Las Vegas getting ready to do battle with SIP based VOIP devices here at the iLabs
It's always amusing to me to see the great banners describing how this Po-Bah CEO or that is going to reveal how the internet is going to evolve. What Palantirs do they have in their corporate towers? Or are they simply reflecting some marketing hype that is as grounded in reality as the "science" of geo-phrenology.
For several decades I've been getting down and dirty with internet technology, often here at the show. And our work here is not easily characterized as trivial - relatively few enterprises have a larger or more involved, or technically advanced, infrastructure. Nor are there many networks that go forth and intentionally try to push beyond common practice and push multi-vendor and multi-protocol interoperability.
When I engage in discussions of internet governance I find that the majority of the people involved have, at best, a tenuous grasp of the technology they are trying to regulate.
Which makes me wonder how many of our conceptions of internet governance are filled with as much ungrounded techno-fantasy as the trade-show keynote speech predictions of corporate CEOs.
I was just playing around today and came across the gone, but not forgotten, ICANN Movie (in which I have a starring role):
Maybe these ought to go into the ICANNWiki?
I noticed that on one of my Fedora Core 4 machines that has dual interfaces (onto separate subnets, but not acting as a router) that the ypserv daemon was not starting. The logs contained messages of the form:
ypserv: unable to register (YPPROG, YPVERS, tcp)
connect from 127.0.0.1 to set(ypserv): request from unprivileged port
Here's how I fixed it:
I simply moved the priority of the startup script so that ypserv was launched rather later when entering the runlevel.
1. Edit /etc/init.d/ypserv to change
# chkconfig: - 26 74
to be:
# chkconfig: - 81 74
(I pulled the 81 number out of my hat - I just wanted something that would come
late when entering the runlevel.)
2. Then re-establish the startup symlinks::
cd /etc/init.d
chkconfig --del ypserv
chkconfig --add ypserv
chkconfig ypserv on
Grumble, grumble. I have wasted too many hours on yp/NIS! Hopefully this helps a few folks out there on the net.
It's good that ICANN's GNSO has adopted a definition of the purpose of Whois that construes the purpose of the database as being merely for the limited purpose of making technical adjustments to the net. This may redound onto NTIA (part of the US Dep't of Commerce) with regard to NTIA's obligations under the Privacy Act of 1974 (5 USC 552a) with regard to NTIA's privacy-busting regulations over the .us ccTLD. You see, now that NTIA dictates policy for .us it's going to be rather hard for NTIA to continue to pretend that the Whois information of .us is not a system of records under the Act. And the act does require the agency (NTIA) to conform the use of the information to the purposes for which the information is needed to fulfill an agency mission.
Way, way, way back in another era I was offered a position as an attorney in the office of the counsel to NTIA. During that time NTIA was a strong proponent of computer and network privacy. It is amazing how completely NTIA has flipped over the intervening years from an advocate of privacy protection into an agency that now works with considerable zeal to destroy privacy on the internet.
Changing the subject - I just drove back from Phoenix to Santa Cruz and we took the detour to see the wildflowers (especially California poppies) between Lancaster and Gorman (California highway 138, Lancaster Road). It's a late wildflower season but it looks like its going to be a spectacular one. Right now the patches range from a few acres to several hundred acres. But I expect that between now and the end of April that the flowers will overshadow the scenes from Wizard of Oz. If you are in the vicinity of LA you should consider taking a look. I'm probably going to detour back through the area on my way to Las Vegas for Interop at the end of April.
Interop - yes, once again (as I've done nearly every year since 1987) I'll be working behind the scenes. This year I'll be at the iLabs running network impairment systems (my Maxwell product) to evaluate and demonstrate the susceptibility of VOIP systems to various kinds of network conditions ranging from simple packet loss and jitter to actively hostile conditions. Even with good network conditions I don't think VOIP call quality would have been acceptable unless cell phones had so badly reduced our expectations regarding voice quality and transmission delay. And with predatory providers operating under the euphemism of "network neutrality" and with increasing levels of internet congestion at exchange points (driven by net services such as entertainment grade video), we may have VOIP users longing for the "toll grade" quality of Ma Bell's network of 1990.
That is, I hope to be in Las Vegas. A note to myself: Next time I decide to paint a bathroom to surprise my wife I'll get somebody else to pick up and reseat the toilet. The amount of pain that can come from a scrunched back, and the time it takes to heal, are amazing. It's really put a crimp on my activities, particularly things like air travel. I'm forced to walk like Quasimodo in slow motion. Even relatively simple tasks - like standing in the kitchen while preparing a dinner for a dozen people (something I really enjoy doing) have become excursions through a world of pain that I never knew existed.
(Since other people are doing it: Music played on the box as I write this: The Duhks, Four Blue Walls; Suzanne Vega, Harbor Song.)
ICANN's "Security and Stability Committee" (SSAC) just issued a report on "alternate roots" [Note: The URL to this report was changed by ICANN since the original publication of the report. Hopefully this new link will remain stable.]
The best word I can think of to describe it is "dud".
Remember ICANN's ICP-3: A Unique, Authoritative Root for the DNS from back in year 2001?
Remember how ICP-3 was filled with hysterical language about how competing DNS roots would cause the internet sky to fall and and DNS caches be polluted?
The new report from the SSAC quietly distances itself from those claims. This is the positive aspect of this new SSAC report.
The report, however, continues the unjustified and undefined claim that only ICANN can publish a DNS that is "authoritative". And the report continues ICANN's historical method of using subjective social and business concerns as justifications for technical restrictions. For example, this report makes the claim that only ICANN authorized top level domains can operate with concern for customer needs and that only ICANN can act in conformity with some never-defined notion of "public interest" (an odd claim given ICANN's ejection of the public from virtually all aspects of ICANN's decision-making machinery.)
In other words, ICANN's Security and Stability Committee, a committee of technical worthies, has authored a report that addresses neither security nor stability, and those matters that it does address are supported by non-technical, conclusory assertions for which the members of the committee possess no particular expertise or experience.
But the most important aspect of the new SSAC report is this:
The SSAC report does not raise any technical reason why as a technical matter there can not safely coexist on the net several different DNS naming spaces - which may or may not be consistent with one another - each dangling from a different DNS root.
The report does say that two people each using a different root might get different answers to the same DNS question. But that is a meaningless observation - it is something we've all known for years: that different DNS hierarchies may, but need not necessarily, yield different answers.
The discussion about competing roots has evolved so that we now ask whether different DNS hierarchies are consistent or inconsistent with one another.
Inconsistency, like a tango, takes two. When two or more roots differ, it is useless to engage in endless, and ultimately dogmatic and religious, debates about which is "authoritative". It is far more useful to ask whether each root serves the needs of the community that has voluntarily chosen to use it.
One of the underlying assertions underlying ICANN's behavior towards competing roots is the implicit belief on the part of ICANN is that ICANN has a duty to suppress DNS heresy and create a single catholic name space that everyone on the internet is required to use. In other words, ICANN does not want communities to have a choice; it's either the ICANN way or naught.
It is impossible to reconcile ICANN's Procrustean stance vis-à-vis competing roots with the idea that every user of the internet should have not only the ability but also the right to shape the way in which he or she uses the internet. This idea of control at the edge is the underlying conception of the end-to-end principle and of my own First Law of the Internet.
Why should ICANN be allowed the power to deny to users of the internet the ability and right to shape the landscape of names that they, and their children, use on the internet?
The biggest hammer this document had to throw was that the authors couldn't conceive why anybody would want to operate a system of root servers.
In other words the report says that because the authors do not have an imagination then nobody else does - which is both absurd and false.
Not long ago I published a note entitled What Could You Do With Your Own Root Server. That note considered the ways in which a root server operator could take advantage of its position for profit or power. It is quite clear that a single root server operator could obtain a significant revenue stream. It is even more clear that an entire system of roots, if it can garner adequate use, could also obtain significant revenue.
Consider, for example, a root system that takes a few cues from Google: Consider a root system that uses data mining to generate a revenue stream and that attracts query sources (users) by giving those users a taste of the action. Suppose you were to receive a check from such a root system that paid you $0.0001 for every DNS name that you (legitimately) resolve using this root system rather than the ICANN/NTIA root.
Consider the opportunities for preferential or optimized name services.
Consider the opportunities for highly filtered views of the DNS landscape. Not everyone considers universal connectivity to be a boon. For instance Motorola recently found that it could create a lucrative line of mobile phones for orthodox Jews in Israel in which the ability to call or be called by certain phone numbers can be restricted by the elders of the sects.
ICANN's SSAC seems to have no more foresight than the business professor who gave the founder of FedEx a low grade because the professor thought the Federal Express business model was silly.
Good thing the FedEx founder had the opportunity to test his idea.
However, in the land of ICANN no idea is permitted unless approved by the ICANN powers.
Yet there are those who still refuse to see that ICANN's methods are nothing less than highly intrusive and destructive regulation plunged into the body of the internet up to the hilt.