Comments on the scope of the proposed mechanism
- To: irtp-draft-report@xxxxxxxxx
- Subject: Comments on the scope of the proposed mechanism
- From: Eric Brunner-Williams <ebw@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 07 May 2009 00:26:15 +0200
Howdy,
A standard reliable mechanism necessary for the implementation of policy
common to two or more instances of delegated registries, independent of
whether the instances share a common point of direct delegation from the
unique DNS root, or from direct and secondary, or secondary only,
delegations, and also independent of whether the instances share a
common policy framework, or from two or more policy frameworks, is prudent.
Such a mechanism was formed recently in response to information that a
distributed system, the C variant of the Conficker worm, attempted to
use significant numbers of domains in a significant number of name
spaces operated by a significant number of independent registry operators,
both directly and secondarily delegated from the unique DNS root. State
information necessary to coordinate multi-registry action, meta data
necessary to monitor resolution activity by the worm, and worm
resolution data were all mandatory to implement to prevent an
anticipated highly adverse outcome, and to measure the actual state of
the worm. The response was sufficient, but only just.
Clearly, the depth and breadth of the .C variant attempt to exploit the
DNS to synchronize a distributed system for plainly criminal purposes
was novel, and there will be follow-on efforts by its authors and other
authors of criminal economic enterprises exploiting the DNS to
synchronize distributed systems.
There are other use cases for inter-registry state, metadata, and data
communications, in addition to forming the state necessary to conduct a
distributed denial of service to a distributed system exploiting two or
more registries for rendezvous points, e.g., consistent variant tables
for non-ASCII scripts, and, as we pointed out at the First Mile Workshop
[1] at the Paris meeting six months ago, cooperative, coherent, and
locally correct approaches to the "rights of others" ordering and
evaluation problems.
The IRT contains an instance of such a mechanism, and reasonably
enough considering the interests of its authors, significant details to
implement a set of specific policy goals critical to its authors
dependent upon such a mechanism. Local correctness appears to have been
sacrificed. This is unfortunate.
The concern I wish to share with the authors is that the communication
between the policy pre-disposed persons and the platform or
implementation pre-disposed persons could improve the respective work
products of each, and in particular, the IRT's work product. This view
was expressed informally at Mexico City with Paul McGrady and Fabricio
Vayra and subsequently with Paul and Fabricio as well as Steve Metalitz
and J. Scott Evans. It is repeated here.
Specification of a general purpose mechanism for internet registry to
internet registry communication of state, meta-data, and data will
benefit from the detail of the IRT work product.
A unique authoritative source of policy data operated by a party not
familiar with the operational issues of operators of DNS registries is a
peculiar choice, and presents several areas of possible concern.
A source of policy data which on the order of 200 registry operators
consider non-operational presents additional areas of possible concern.
A source of policy data which the legacy registry operators consider
non-operational presents additional areas of possible concern.
A mandatory-to-implement mechanism which is special-case limited,
providing common access to a single policy, only for new gTLD operators,
will consume resources needed to socialize, implement, and
operationalize a necessary-to-implement general purpose mechanism
capable of responding to true DNS security and stability events, capable
of ensuring consistent correctness of IDN implementations, and
delivering a scalable, adaptive, open (or plurally authoritative) rights
of others platform.
I work for CORE, so the usual disclaimers apply.
Eric Brunner-Williams
CORE Internet Council of Registrars
http://corenic.org
[1] http://cai.icann.org/en/node/1867, transcript at
http://cai.icann.org/files/meetings/cairo2008/workshop-first-mile-05nov08.txt