[dnssec-deployment] Comments on the TAR paper

[Edward Lewis]

At 16:08 -0400 6/20/08, Paul Wouters wrote:

>The problem we need to address is not how to get 1 registry on board. What we
>need to address is how to facilitate those registries that want to offer this
>to their registrants. There are a few non-profits involved here, that have
>nothing to do with making profits.

I sense a misconception that there are cash-starved non-profit 
registries desiring to implement DNSSEC but unable to afford it while 
the cash-flow-rich registries are unwilling to divert profits to 
DNSSEC deployment.

You will find that far more TLDs are regulated by a non-profit entity 
than is apparent.  High profile for-profit registry operators work 
under contract with a non-profit.  Non-profits do call the majority 
of the shots, witness PIR's dotORG, run by Afilias.

I believe there has never been a case of a for-profit resisting the 
deployment of DNSSEC, perhaps discouraging it because there is no 
sustainable business case or willing to negotiate it into a contract 
for a higher operating fee.  But if a non-profit requires it, DNSSEC 
will be implemented by the (or some other) operator.

Non-profit does not imply cash-poor.  In fact, the non-profit may not 
pay the operator at all, merely granting the right to operate there 
registry within some policy bounds.
-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis                                                +1-571-434-5468
NeuStar

Never confuse activity with progress.  Activity pays more.