[dnssec-deployment] signing .org

Jeroen Massar jeroen at unfix.org
Thu Jun 26 19:27:45 EDT 2008 

[not really related to dnssec anymore but oh well...]

Dan Mahoney, System Admin wrote:
> On Thu, 26 Jun 2008, Jeroen Massar wrote:
> 
>> apparently all the political people having decided that . is the new .com
> 
> Please clarify that statement?  A signed root is critical, to be sure. 
> However, "Political people" (could you be more vague?)

Nothing vague there, people thriving on politics for getting things done 
are "Political People", clearly in .paris that is the City of Paris, 
which clearly is not a part of France anymore. Just read who supplies 
the cookies and suddenly have a 'big announcement and banquet':
http://www.circleid.com/posts/86262_launch_of_paris_domain_icann/
Cookies are also a form a politics, or what otherwise is called: bribes.

  haven't started
> offering out TLD domains for sale to private companies(*) -- except 
> where that country has partnered with a country government to treat the 
> domain name as an "export" (something that I think cheapens the whole 
> country, but hey) like .ws, .tv, etc.
>
> More domains are still sold under .com than any other.  But next to com 
> and net (similar for a NUMBER of reasons, managed by the same people, 
> etc), .org is critically important as well.

You might notice that my email address is also .org (and I will be 
taking the first option I get to also get unfix.org DNSSEC signed).

I love the whole hierarchy idea that is currently still in effect.
Organizations/non-commercials in .org (which is why it is unfix.org, as 
I am really not tied to a country either ;). Commercials in .com, 
Network stuff in .net and per-country things under their country thing.
 From my POV it would even have been better to have the uk-alike 
subdomains everywhere (thus .com.cctld, .org.cctld) or pushing it even 
by subsectioning that. But it is way too late for that and actually now 
it is completely messed up because of the new way things are going to 
happen.

The problem is that, as I wrote, ". is the new .com",

Now read up the political gibberish and what those folks have nicely 
decided:
http://www.circleid.com/posts/86269_icann_approves_overhaul_top_level_domains/

and there is a lot more text about this (see on circleid and various 
other such sites), thus basically '<anything>.' will be going in there, 
oh and in every script possible on this planet, thus .com will also be 
كوم (LTR of course, thus where does the hostname go? Not even talking if 
every browser is going to translate http:// and how soon pages are going 
to understand <a href="بروتوكول انتقال النص المتشعب://google :), 最好的, 
or closer, there will be .org as "组织.",  possible संगठन and a zillion 
other combinations. How are you going to DNSSEC all of those? 
(fortunately it is punycode in the backend which makes it easier but 
still, oh and why not just get your own TLD and then sign it, oh you 
forgot, the root is not signed)

That was of course, if you follow that political cruft a bit a long time 
already in the pipeline, now they are just going to make it happen as 
some people smell cash from virtual bits (can't blame them for that of 
course, hell who doesn't want to literally create millions with that trick)

'.' is not signed yet and as it will become .com signing it and getting 
it signed will only become harder, and all those new "tlds" will well, 
go under ., thus as such it doesn't matter if .org gets signed as the 
majority of domains, especially the ones that are kinda important for 
most people, will end up under '.'

Fun detail of course is that most people don't actually type domainnames 
anymore and just google everything. As such Google is actually the DNS, 
soon you can just type 'google' and the browser doesn't even need to 
complete it as well, that is the address, nothing more, nothing less.


Now if DNSSEC (to keep it at least a bit on-topic) would generate the 
vasts amounts of money that registering TLD's would be doing, maybe that 
the people earning that cash out of virtual bits (because that is what 
TLD's/domainnames etc are) would help push the political envelope to get 
'.' also signed, until that happens it will take a lot of fighting from 
a lot of people here who are already working amazingly hard to get 
there. But I don't see it happening quickly with these kind of moves :(

>> Bye bye DNS...
> 
> Another statement that makes no sense.

Not from your point of view maybe, or just because you don't know my 
point of view. The Internet as most people know it (aka "something.com") 
won't exist anymore. The idea of hierarchy in DNS will be gone too. That 
is why for me it is Bye Bye DNS... so long and thanks for all the fish.

Enough long ranting I guess, but I just had to state it, so that when my 
kids once ask me "who created that mess" I can at least say that I 
really didn't like it. Can't do anything about it though as the money 
has been smelled and some people are already calculating their profits.

Greets,
  Jeroen

(oh, just in case, I do know that DNS is not only for "the web", but the 
ICANN folks do certainly think that is the case it seems and most of the 
population also doesn't know better, and why should they care about 
those details anyway...)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://dnssec-deployment.org/pipermail/dnssec-deployment/attachments/20080627/f2d42a2a/attachment.bin

More information about the Dnssec-deployment mailing list