Scientific Linux Forum.org



  Reply to this topicStart new topicStart Poll

> Verisign domain takedown proposal very worrisome
redman
 Posted: Oct 13 2011, 11:21 AM
Quote Post


SLF Admin
********

Group: Admins
Posts: 1402
Member No.: 2
Joined: 8-April 11









Ok, it is not entirely related to Enterprise Linux,
but still this might be serious news.

QUOTE
Under a proposed Verisign initiative, all .COM/.NET domains exist at the pleasure of the United States government.

Verisign just released an overview of their proposed "Anti-Abuse Domain Use Policy" Under ICANN's Registry Services Evaluation Process.
The program's chief aim is to provide a takedown mechanism of malicious websites distributing malware.
In itself, not a bad thing, considering some registrars are unresponsive toward abuse or network stability issues.


The whole article can be read here.

The bottomline is that it should be possible for Verisign to take down any .com, .net or .name website based on any formal request (WITHOUT any interaction from court of law). Reason is that it would help fight crime/abuse.

If you want to respond, let them know you do not agree, you can send your comments to this proposal to ICANN by mail using this address: registryservice at icann.org


--------------------
What is SL? - Forum Rules - Info on 3rd Party Repos

Desktop: ASUS P5QPL-AM, Intel Dual-Core E6500, 4GB DDR2, ASUS GeForce GT 430 1GB, SL6.6 x86_64
Build server: HP Proliant ML350 G5, 1x Intel Xeon Quad-Core E5410, 9GB ECC DDR2 FB-DIMM, ASUS GeForce GT 730 1GB, SL6.6 x86_64
PM
^
Jcink
 Posted: Oct 15 2011, 08:33 AM
Quote Post


SLF IRC Team
****

Group: Members
Posts: 166
Member No.: 15
Joined: 10-April 11









Malware sounds like more of an excuse to deal with pressure from the feds in regard to copyright related takedown requests.

I don't know if you are aware but it probably doesn't even matter if this goes through or not. In the last year ICE has seized numerous .net and .com domain names. Many of them like mooo.com were seized innocently because of one website that was hosted on the DNS doing wrong.

They think seizing domain names actually gets rid of the content when the pirate sites are back up in an hour. http://www.htmlcenter.nl/images/smilies/facepalm2.gif

Meanwhile, we have sloppy take down requests that everyone has to bear the brunt of. This especially concerns someone like me who hosts a lot of people off my .com and .net domains. Sometimes I fear that one day I'll wake up to find it seized because one of my customers did something stupid.

The domain crap needs to stop.
PMUsers Website
^
redman
 Posted: Oct 15 2011, 02:54 PM
Quote Post


SLF Admin
********

Group: Admins
Posts: 1402
Member No.: 2
Joined: 8-April 11









First of all, it would be a good thing if ICANN becomes an internation organisation instead of being US based. Generic domains do not "belong" to a specific country. They are internationally used.

Then the control would be global instead of at the hands of some American (sorry, no offence).
Laws in one country shouldn't be seen as "obvious" for other countries... I own several domains (including .com, .net, .info and .org) and they are hosted on Dutch server. So Dutch law applies.


--------------------
What is SL? - Forum Rules - Info on 3rd Party Repos

Desktop: ASUS P5QPL-AM, Intel Dual-Core E6500, 4GB DDR2, ASUS GeForce GT 430 1GB, SL6.6 x86_64
Build server: HP Proliant ML350 G5, 1x Intel Xeon Quad-Core E5410, 9GB ECC DDR2 FB-DIMM, ASUS GeForce GT 730 1GB, SL6.6 x86_64
PM
^
redman
 Posted: Oct 15 2011, 06:49 PM
Quote Post


SLF Admin
********

Group: Admins
Posts: 1402
Member No.: 2
Joined: 8-April 11









By the way, the proposal has been withdrawn.
So for now we're in the clear cool.gif


--------------------
What is SL? - Forum Rules - Info on 3rd Party Repos

Desktop: ASUS P5QPL-AM, Intel Dual-Core E6500, 4GB DDR2, ASUS GeForce GT 430 1GB, SL6.6 x86_64
Build server: HP Proliant ML350 G5, 1x Intel Xeon Quad-Core E5410, 9GB ECC DDR2 FB-DIMM, ASUS GeForce GT 730 1GB, SL6.6 x86_64
PM
^
Jcink
 Posted: Oct 15 2011, 07:56 PM
Quote Post


SLF IRC Team
****

Group: Members
Posts: 166
Member No.: 15
Joined: 10-April 11









QUOTE (redman @ Oct 15 2011, 10:54 AM)
Then the control would be global instead of at the hands of some American (sorry, no offence).

As an American, I agree.

For now the problem exists because the root DNS servers for .com, .net, etc exist within the US I believe. I don't know how to solve that. Probably need to get them off of US soil or have us sign an agreement not to touch them.
PMUsers Website
^
redman
 Posted: Oct 16 2011, 09:36 AM
Quote Post


SLF Admin
********

Group: Admins
Posts: 1402
Member No.: 2
Joined: 8-April 11









QUOTE (Jcink @ Oct 15 2011, 09:56 PM)
Probably need to get them off of US soil or have us sign an agreement not to touch them.


Transfer the controls over to the United Nations.
All servers can remain where they are and nothing else needs to be changed.


--------------------
What is SL? - Forum Rules - Info on 3rd Party Repos

Desktop: ASUS P5QPL-AM, Intel Dual-Core E6500, 4GB DDR2, ASUS GeForce GT 430 1GB, SL6.6 x86_64
Build server: HP Proliant ML350 G5, 1x Intel Xeon Quad-Core E5410, 9GB ECC DDR2 FB-DIMM, ASUS GeForce GT 730 1GB, SL6.6 x86_64
PM
^
zxq9
 Posted: Oct 21 2011, 12:09 AM
Quote Post


SLF Geek
****

Group: Members
Posts: 345
Member No.: 611
Joined: 5-August 11









I have to disagree with anything that involves the United Nations. It is a joke organization and is funded almost exclusively by the US anyway -- and if at any point the UN ceases to be a reasonable vehicle of American foreign policy, we will just pull our funding.

And this is how things should work in geopolitics. If you try to change that at your national level, your country will lose, and this is the simple rule of geopolitical Darwinism and futile to rail against.

But the internet is not geopolitics. The internet, and web in particular is not a public resource, it is a paid resource that started as a research project.

There are a few aspects to this issue.

One is that as long as the internet is good for business and promotes free trade the Americans will do their best to ensure that VeriSign never screws with anyone in any way that generates a public panic about "internet freedom". Its too important. The American policy has always been (and is likely to forever be) that missing a few bad guys here and there is better than trying to create a Russian-style security environment which would stifle business. The only thing that makes faith in American policy possible is that maintaining as little control over the public as possible (and this extends to international publics wherever applicable) is almost always in the long term interest of the US -- so the Americans will continue to generally not permit the Dicking of John Doe. (This is an area I happen to know quite a bit about and have been directly involved in for many years.)

Another is that DNS is just DNS. DNS can be run in any number of ways. The problem with DNS is that it is a tree, and trees necessarily have a main trunk somewhere, and that means that no matter what we try to do power over that tree will always be concentrated at the root. OpenNIC and a few other communities are trying to make this a distributed task, but it is futile. Go get involved in OpenNIC for a few days and let me know how solid you think their decision making process is. Without centralization over DNS we will quickly start having problems like multiple values for each important domain name and domain name subterfuge which will just undermine the entire web. In short, we need central control in some form, but nobody is sure what the "safe" way to do that is just yet -- because of the power DNS control indirectly weilds over most internet-related services.

So something else is needed, if this is indeed an issue at all. DNS is a reasonably solid system -- and considering that it is the single largest directory system in the world and also experiences the largest directory query load in the world and doesn't break we're lucky to have it. But what if we diversify from simply having DNS as the universal naming scheme for all IP addressing and create a parallel naming system that is not based on domains at all? The details of such a system are technical and not worthy of discussion here, but the basic idea is to permit IP addresses to have something other than just a DNS label. If such a scheme were universal enough and (critically) scalable enough to survive universal internet use then we would at least have two methods of accessing a site, one through DNS and another through a different, but similarly centralized naming system.

But that would potentially mean that to register your website you would need to now register a DNS domain and a extra, whatever type name as well. And nobody currently considers VeriSign dangerous enough to give such ideas serious thought -- though it is a lot of fun to make drama about it.

I don't like VeriSign much either, and the way that VeriSign and all of IANA invented government jobs for themselves makes me sick -- but in reality this is a fringe issue in comparison to the other thread on this board about UEFI. Unfortunately because nearly everyone under the age of 40 knows what DNS is but very few of any age understand how CLM schemes work (yes, already using the term... wink.gif ) the VeriSign issue is the one getting all the media time, though it is the lesser of the two issues.

Meh.
PMEmail PosterUsers Website
^
redman
 Posted: Oct 21 2011, 10:28 AM
Quote Post


SLF Admin
********

Group: Admins
Posts: 1402
Member No.: 2
Joined: 8-April 11









QUOTE (zxq9 @ Oct 21 2011, 02:09 AM)
I have to disagree with anything that involves the United Nations. It is a joke organization and is funded almost exclusively by the US anyway -- and if at any point the UN ceases to be a reasonable vehicle of American foreign policy, we will just pull our funding.

I don't care who would/should control the servers/policy on servers. As an example I named the UN. Which organisation it should be is not important right now, as long as it isn't exclusive to one country. The fact that the USA has the power to shut down the biggest part of the internet is a bad situation.


--------------------
What is SL? - Forum Rules - Info on 3rd Party Repos

Desktop: ASUS P5QPL-AM, Intel Dual-Core E6500, 4GB DDR2, ASUS GeForce GT 430 1GB, SL6.6 x86_64
Build server: HP Proliant ML350 G5, 1x Intel Xeon Quad-Core E5410, 9GB ECC DDR2 FB-DIMM, ASUS GeForce GT 730 1GB, SL6.6 x86_64
PM
^
Jcink
 Posted: Oct 21 2011, 10:36 PM
Quote Post


SLF IRC Team
****

Group: Members
Posts: 166
Member No.: 15
Joined: 10-April 11









zxq9's point though is that there really is no place to go. The US signing an agreement with the UN to not touch the root servers is a dream. It just can't be THAT easy you know. ph34r.gif

I'm not saying the US is the best country in the world, but every other country has problems as well. They might as well stay where they are. It was doing just fine as well until they started seizing domains.
PMUsers Website
^
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:

Topic Options Reply to this topicStart new topicStart Poll