DNS Scaling issues

Jorge Amodio jmamodio at GMAIL.COM
Mon Oct 26 07:52:33 CET 2009


On Mon, Oct 26, 2009 at 1:14 AM, Milton L Mueller <mueller at syr.edu> wrote:
> ________________________________________
>>The main takeaway from the root scaling study report for me was that
>>the proposed changes to the root are multiplicative in nature, and not
>>simply additive, so do the big one first:
>
> One problem with that position, McTim, is that it is by no means a foregone
> conclusion that the root should (or will) be signed.

The root must be signed.

Lets talk for a min about priorities, and I'll try to resist the temptation to
inject my personal opinion about the necessity of new gTLDs.

There are two clocks that are ticking. One, the latest "patch" to DNS to
deal with the exploit reported by Kaminski but many years ago made
public by Bellovin, it's just a temporary measure to make attacks of
that nature to the DNS infrastructure more difficult, it is not a fix.

While DNSSEC is not perfect and there has been a lot of discussion in the
technical community about its merits, issues, yada, yada, it's the only
tool we have right now ready to deploy.

It wont take too long as technology and techniques catch up with the
current patch and the only means we have to increase the security and
stability of DNS is DNSSEC, even when it's not a perfect solution.

The other clock that is ticking is the exhaustion of the IPv4 address
space, latest studies indicate that IANA will run out of IPv4 space for
assignment some time in 2011, while regional registries may still
have some space "in stock", DNS is ready to support IPv6 and
addition of IPv6 RRs will increase dramatically in the next few years.

Now gTLDs, the Internet has been running and will still run without
them, there are no limits within the current technology and architecture
to have the name space growing within the existing xTLDs, but if
we don't tackle DNSSEC and IPv6, the new gTLDs will have no
Internet to get money from.

I understand the pressure/anxiety and many other arguments in
favor of gTLDs, unfortunately IHMO the whole gTLD program started
upside down and we should have done all these studies and
preparatory work way before we wrote the first line of the applicant
guide.

My .02
Jorge


More information about the Ncuc-discuss mailing list