Posted on 09/30/2016 11:08:42 PM PDT by Ultra Sonic 007
Ok, folks, I've had enough of Ted Cruz and a handful of others trying to fundraise on the back of the Internet handover issue.
First, this is not a surprise nor something Obama cooked up in the dead of night. The expiration of the existing arrangement has been known for literal years and the timing of same has been known for the same amount of time. If the US Congress wanted to intervene it has had years to do so and has intentionally not done so. So to Ted Cruz and others (Jim DeMint anyone?) who is now claiming "emergency", go perform an anatomically-impossible act; if you were more-focused on policy and less on your own horse**** you would have dealt with this months or even years ago.
Second, on to the technical side: There are two rough components to Internet "governance." The first is handled through domain name registration. Originally this was all handled under government contract by a government-dished out monopoly. During that time domains were $50/year plus whatever the ISP that registered them for you and ran your DNS charged, and it often took days (instead of seconds now) to get a domain registered. These were COM/NET/ORG/MIL/GOV/EDU and the country code domains; in the US that was .US. This changed through a quite-contentious (and, IMHO, a rather cronyism and lie-laced) process into what we have now with many TLDs. I will note that the so-called cognoscenti of the time tried to claim that expanding the TLD list on a material basis was not going to work for technical reasons. Those people, who happened to include some of the self-claimed "brightest minds" in the Internet space who even today are lauded as "the inventors" and "bright minds" were lying -- not mistaken, lying. I proved this (after much experimentation so I knew I was right) back in the 1990s with a handful of other ISPs when we set up our own private root and started opening up TLDs on a non-collision basis -- it was called eDNS. The project collapsed when one of the participants did a handful of things that were quite-arguably illegal and definitely (from my point of view) anti-social -- but in terms of the technical side of things it was a complete -- 100% -- success.
In short there is utterly no technical reason to limit top-level domains with any rational number of suffixes (that is, the right-most part of the name before the first dot proceeding left.) "Rational" has an upper limit somewhere, but it's in the thousands if not tens of thousands.
Note that running an actual root nameserver is a quite-low overhead thing. The reason is that the top-level zone names change infrequently, so the "time to live" field is set long on them. This means they're queried infrequently; a new host coming up on the Internet that provides name resolution for users must ask at least one of those root servers on a "time to live" basis for the nameserver for each top-level domain it wishes to resolve (so it knows where to send the query.) But once you have the nameserver list for .COM you have it, no matter how many .COM domains you then resolve -- until the time-to-live comes up. Because this data is infrequently changed data and the request is only for the place to ask for the next level down the bandwidth and CPU requirements are extremely modest, even with a very large TLD list.
The bigger and more-silent issue in terms of public attention is the allocation of IP addresses. These are the actual numbers that denote the address of a site. Legacy addresses are called IpV4, which are in the form x.x.x.x, with each of the "x"s being between 0 - 255 (8 bits.) All zeros and all ones are reserved (for local network broadcast) and there are some other specials as well (127.x.x.x being a notable one.) This used to be strictly delineated by the prefix (the first digit) into classes but by the mid 1990s a specification called CIDR made that more-or-less obsolete. There were, and probably still are, quite nasty practices, all political and arguably in many cases anti-competitive, that revolve around allocations of addresses. Part of the problem stems from the fact that a handful of extremely large firms got ridiculously large allocations (16 million addresses, for example) that they'd never need uniquely-visible from the outside yet they considered them an "asset" (think places like IBM and AT&T) and with only 4 billion possible addresses there was a very real issue with running out -- especially when some people were only using a fraction of a percent of what they had been allocated!
This was "solved" years ago with the introduction of IpV6 (or IPng), which contains eight octets instead of four. This allows what amounts to an effectively-inexhaustible resource since you could have (for example) 4 billion internet providers (in the left 4 octets) each of which with 4 billion end addresses (in the right 4.) A customer who moved from one to another would not have to change any of the right side addresses at all because he could change the prefix instead. In practice it doesn't work quite this way, but that's the essence of it.
IPng also can, with properly management, make the Internet routing table (much) simpler and smaller. Right now there is a huge problem with route table bloat and it has been a problem since the early 1990s! In fact in the early days of the Internet it literally forced obsolescence of $100,000+ routers at a large number of ISPs, including mine, because their architecture did not support adding any more RAM and the table got big enough to run them out of room, causing them to crash. The nature of fragmented address assignment in IPv4 makes for a serious problem because a given ISP might have dozens of address assignments each of which requires a route table entry; under IPv6, reasonably managed, this drops to one.
So why isn't "everyone" on IPng? Mostly because there is a lot of equipment and software out there that cannot handle IPv6. There are entire ISPs that even today can't handle it network-wide including some of the large consumer providers such as Cox. While there are potential technical solutions to this in the form of tunnels the political implications between ISPs of ramming that down people's throats has not gained traction.
Ok, enough backstory.
Now to the practical side of things.
It is important to understand that so long as you do not create collisions in the namespace (e.g. DNS) you harm nobody by setting up your own domain service. This means that if, for example, China wishes to "censor" .****china as a top-level domain it can do so, but anyone else does not have to adhere to that and so long as nobody "collides" by defining different ".****china" TLDs in their configuration nothing will break.
In addition it important to note that even under the current, pre-handover paradigm a nation-state has always been able to mandate such censorship and in fact any private entity has been able to enforce same for their users as well! In other words there has never been anything preventing China from (for example) declaring as a matter of law that any ISP inside their nation must use a 'root' server set inside China that omits the declarations for ".****china". An ISP that does not want ".xxx" or ".sex" available can run its own root, enforce that for its clients by refusing to pass port 53 traffic outside of its network for internal clients and omitting it from its own private root. Note that whether those root servers are "official" or not (as declared by ICANN) is immaterial; again, so long as there is no "collision" it has exactly zero impact on the functioning of the Internet, except for "black holing" those "forbidden" spaces.
This is not new; it has been this way literally forever since the dawn of DNS when the Internet transitioned in its earliest days from an /etc/hosts file to DNS.
The other half, that of allocating IP address space, appears to be more serious but again it really isn't. Why? Because the wisest use of the prefix length is to segregate traffic anyway. It's arguable, in fact, that geographic segregation might be the most-efficient (e.g. by country) although that is not necessarily true anymore with so many trans-national firms. Nonetheless the handing out of high-level, that is, large prefixes is not really impacted here and yet it is the only function of ICANN in this regard. It is the regional or national registries beyond that top level that manage address space internal to a given region or nation.
In Europe for IPv4 this has been done by RIPE. In Asia, APNIC, and so on. This hasn't changed and won't. What changes is who hands off blocks to RIPE, APNIC, etc. While there is a very real risk in the IPv4 space of interference due to scarcity such is not realistically a factor for IPng simply due to its size.
What does this all mean in terms of the alleged "handover" and thus what is the risk of "censorship" and similar, beyond what can and does already happen?
Damn little.
With that said I happen to support blocking this move, simply because I'm not convinced that anyone has done the homework to prevent this from turning into yet another multinational boondoggle. UN anyone? UN "peacekeepers" raping and pillaging those they are claiming to help anyone? Yeah, that's a problem, but it's a different class of problem than "oh my God, the Internet will die and be censored if some bad person does X."
Uh, no it won't. But in my opinion corruption has already been an issue when it comes to DNS and IP addresses, and that was with a monopoly contract as we have now, albeit in an earlier form -- 20+ years ago! To potentially enlarge that corruption is bad. To lessen it would be good, but thus far nobody has managed to convince me that this transition would lessen it or even keep it at the present level. For this reason I'm opposed, but note that the current screamfest has exactly nothing to do with corruption and everything to do with imaginary bogeymen that do not exist.
Finally, unlike most of the so-called "pundits" and all of the politicians I actually have plenty of relevant experience in this area and know what I'm talking about.
ICANN Transition Even Endangers ‘.gov’ and ‘.mil’
http://www.freerepublic.com/focus/f-news/3469586/posts
http://www.judiciary.senate.gov/download/09-14-16-rosenzweig-testimony.
ICANN transition insider Paul Rosenzweig warns:
1. Foreign powers will “indisputably have increased influence”.
2. Transition a “leap in the dark”.
3. ICANN planning to move overseas.
4. ‘.gov’ and ‘.mil’ “not assured by any enforeable mechanism”.
Quite a bit late for all they’re doing now to try and stop this..which indicates most are likely supporting as evidenced by leaving it to the last moments to object.....
ping
I’d like to keep up with this. Thx
Thank you for the helpful answer, Palmer, I appreciate it. Hoping we can nail this down with the new administration and shut down any attempts to diminish our freedoms.
bkmk
Thanks for the ping.
I really think we’re so close to the Rapture that it’s scary (for those left behind).
Maranatha!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.