[ncdnhc-discuss] WG Security motivated proposition

Jefsey Morfin jefsey at wanadoo.fr
Fri Sep 28 16:33:28 CEST 2001 

Gentlemen,
I agree that the priority given to security by who ever may direct the 
ICANN only shows the poor management of the ICANN true responsibilities. 
Security should be paramount not only to protect the common interest due to 
the Internet share in the world development, but this is something users 
think they paid for.

However this is mainly a reminder for the future. That whatever we do, 
propose or decide we should consider how it improves security and reduces 
lingual, financial and digital divides. A reflex we must acquire and develop.

But there is no reason to delay *anything* to talk about security. To the 
contrary security is something to be applied everywhere. It is a whole. We 
must think and act "security" when considering TLDs, .org, @large, root 
management, domain name registration, IP block allocation and IPv6 design. 
etc...

So, the most important security break added to hundreds of other security 
breaks in the past, would be to dedicate the MdR meeting to security 
instead of starting applying security to the most urgent matters to be 
dealt with and backward.

---------

We held a joint virtual meeting on the matter gathering several noncoms 
organized by the  w at w  foundation. We voted to formally propose the NonCom 
and the other constituencies to set-up a permanent WG on the security 
issues as listed by their members.

---------

Security is a way of thinking: it must protect et permit to develop liberty 
and autonomy, not to restrict them. Every of us fear different threats: we 
suggest that the WG starts listing them and then propose solutions.

We have prompted some:

- the nature of the society has changed. Existing national legal structures 
for associations, non profits, etc.. are not in phase with the "network 
association" style such as this ML? This translates in complexity and 
inadequacies when trying to incorporate them. The first dangers are 
instability, lack of legal frame, lack of f2f knowledge of the other 
members, cost of the litigations, etc..;

- famous examples have shown the thread of invasion of a ML by few 
organized trolls (interestingly enough they are then qualified of 
"terrorists"). As a religious oriented center the Frax fears this type of 
attack and possible "democratic" or noisy take overs.

- dispersion is a key security factor even every non military one fully 
understands. USG/ICANN have not considered it enough in the past. Most of 
the Root servers are concentrated on the east coast as well as the leading 
gTLDs management. Many organizations, and in particular NGO and non-profits 
oriented towards Internet usage - as is the Frax - and universities, would 
have no problem in sharing into distributed root servers mirroring 
galaxies. They could also - as per the RFC 920 - easily foster a security 
oriented dispersion of TLDs, each of them becoming a far interesting 
military target than .com, .net or even .org. It would probably relieves 
some activist pressure in permitting new forms of communities, mutual 
understanding to develop elsewhere than under the American Flag and some 
cultural/economical development.

- we agreed that the RFC 920 is the true basis for understanding the naming 
issue, as it was globally though and published  (from the experience of the 
10 previous years at international public networks the Internet had 
interconnected) before principles were blurred by the reality of the Bind 
system evolution. We think that one of the major security weakness of the 
Internet is the way the Windows resolver is built. It makes 80% of the 
users to be directly dependent on 13 geographically and culturally 
concentrated computers. The storing of a root file copy or the use of a 
simple init file permitting a quick and simple remote update of the root 
addresses would make the Internet quite 100% terrorist proof.


The Internet is OUR consensus to interconnect OUR computers the way WE 
want. The management  of this consensus of OUR is OUR governance naturally 
organized in two ways, through OUR specialized general interest 
constituencies and OUR individual interests as @large Members of OUR Global 
Internet Community. Such a technical and human architecture should make the 
Internet totally protected from global threads if properly understood and 
served.

However we face two major menaces:
- the centralization of the governance into some dominances - such as the 
ICANN (the solution is to resume dispersion, low profile and cross 
fertilization);
- the architecture of many services (the mail is an example as being a 
virus high-way). The solution  is an application architecture conforming to 
the interconnected nature of the network architecture. This does not 
necessarily require changes in protocols, but it certainly calls for a more 
autonomous conception of the user presence.

Jefsey Morfin
Chair, Frax.

More information about the Ncuc-discuss mailing list