the panix hijacking and icann's transfer policy

Milton Mueller mueller at SYR.EDU
Wed Jan 19 00:26:57 CET 2005


Ideally, (i.e., the way things should work according to our charter)
NCUC's policy committee, which consists of our elected GNSO Council
members, should take the initiative here. If they can draft something -
even just a list of bullet points - and send it to the list the rest of
us can take it from there.

>>> Frannie Wellings <wellings at EPIC.ORG> 1/18/2005 4:43:35 PM >>>
I understand Marc is hesitant, but I really think NCUC should issue a
statement/submit comments about this.  ICANN is requesting comments
on the transfer policy due February 1.  See:
http://www.icann.org/announcements/announcement-12jan05.htm

How do we want to go about this?

Best,

Frannie

At 4:18 PM -0500 1/18/05, Milton Mueller wrote:
>Marc:
>Not quite sure whether a TLD wouild have helped panix yet, but I do
>know that your analysis of Verisign and DNSSEC is not correct. The
>reason DNSSEC cannot be implemented for .com is because there are so
>many (tens of millions) of domain names in it. The processing
>requirements of DNSSEC applied to that scale is a major problem.
>
>But the root zone, which contains TLD, does not now and never will
>contain millions of records.
>
>>>>  Marc Schneiders <marc at schneiders.org> 1/18/2005 2:29:29 PM >>>
>On Tue, 18 Jan 2005, at 12:04 [=GMT-0500], Milton Mueller wrote:
>
>>  This incident underscores one of the reasons why ICANN should have
a
>>  policy of regularly adding TLDs to make them available for those
who
>>  need and can operate them.
>
>Though I agree about adding more TLDs, I don't see how it helps in
>hijacking domains.
>
>>  Businesses and noncommercial services that depend entirely on a
>domain
>>  name may want to have the option of owning, rather than "renting,"
>their
>>  domain in order to increase security.
>
>Maybe we can learn something from the trade mark people here as
>regards ownership of something that can also become defunct, if you
>don't use it?
>
>>  According to my imperfect
>>  understanding, it is easier to implement DNSSEC at the TLD level
than
>at
>>  the SLD level.
>
>I have little understanding of DNSSEC too. I do understand enough
>about it, I think, to know that it would not have helped panix.com.
>Also the implementation is most difficult precisely at the TLD level.
>An engineer from VeriSign is the one who has time and again pointed
>out (on IETF mailing lists, when I still had time to read them) that
>the present protocol is impossible for a zone the size of .com. It
>would take ages and a very, very powerful machine to sign it.
>
>Marc Schneiders


--

~~~
Frannie Wellings
Policy Fellow, the Electronic Privacy Information Center   ~
http://www.epic.org
Director, The Public Voice    ~   http://www.thepublicvoice.org

1718 Connecticut Ave. N.W., Suite 200
Washington, D.C.  20009
USA

wellings at epic.org

+1 202 483 1140 x 107 (telephone)
+1 202 483 1248 (fax)
~~~


More information about the Ncuc-discuss mailing list