Date: Sat, 27 Oct 2001 22:20:22 -0400
From: vint cerf vinton.g.cerf@wcom.comBob,
your
message and Mike Roberts' message seem to be talking past each
other.
Mike is
talking about the At Large Study Group, generally.
That everyone with an operating
responsibility for some part of the
Internet needs to take resilience, robustness
and recovery seriously
seems self-evident. Perhaps more so as people look to Internet
to be
an increasingly useful and reliable communication infrastructure.
You
and I are in agreement that expansion of the DNS top-level domains
is of uncertain
value if the purpose is to turn DNS into some poor-quality
index/directory of
Internet content. Some people are apparently convinced
either that DNS can/should
be such a directory or that they can make a
lot of money because other people
think that way.
ICANN concluded to allow modest expansion to find out what the
consequences
would be (a bunch of lawsuits for starters!). I am glad we did not
try to
open up TLDs wholesale on the first go around.
DNS itself can do little
to prevent terrorist attacks. We can try to make
all the parts of the Internet
increasingly resilient and resistant to
various
forms of DOS - but the major
vulnerabilities seems to be in the hosts.
We HAVE seen some bad problems with
DNS in which responses to unasked
queries
have overwritten tables and allowed
hijacking of DNS entries. I'm sure the
catalog of problems merits attention.
I
did not see anything in Mike's remarks that led me to think he was
suggesting
that
DNS can be a secure source of "meaning" - but why isn't it a useful
exercise
to
try to minimize the opportunity for making deliberately falsified
bindings?
vint