back to article ICANN's technical competence queried by Verisign report

A review of the globe's DNS security, stability and resiliency by dot-com registry and root server operator Verisign has called into question the technical competence of domain name overseer ICANN. The 33-page document, seen by The Register and due to be published soon, comes just days after the news emerged that ICANN's staff …

  1. Anomalous Cowturd

    So, should I complain to my MP?

    Would he have a clue what I was talking about?

    Who'm I gonna call?


  2. Ole Juul


    In response, ICANN's CTO David Conrad told The Register his organization had struck a balance between fostering innovation and competition and maintaining the stability and security of the network.

    There's that word again: innovation. Since when does "innovation" rank as something that is needed to balance with stability and security?

    1. Anonymous Coward
      Anonymous Coward

      Re: Balance?

      Since the atomic bomb perhaps?

      1. FrankAlphaXII

        Re: Balance?

        You may want to consider that early atomic bombs weren't very secure (aside from physical security measures like Military Police, Air Police and Marine security guards) or all that stable.

        1. Alan Brown Silver badge

          Re: Balance?

          Early atomic bombs were mostly held together with duct tape too. That's an apt analogy for the state of DNS for a long time.

    2. Yes Me Silver badge

      Re: Balance?

      And Dave Conrad also said:

      "And the approach we agreed upon was a reasonable compromise. There is always a risk any time you change things, but no one is arguing that we shouldn't be making those changes."

      Actually, quite a lot of people have been arguing since 1998 that it was a mistake to create any new gTLDs at all (except those to support non-English characters, which are clearly of great importance to the language groups concerned).

  3. Robert Helpmann??

    Sounds like a plan!

    Verisign is unhappy about the degree of progress however, sub-titling an entire section on the issue "Flying Blind".

    So, much of the internet's basic workings are based on security through obscurity? Sounds about right.

    1. theblackhand

      Re: Sounds like a plan!

      Security through obscurity?

      I thought Verizon was highlighting process and operational issues rather than fundamental security issues. The key exchange process works (based on it being in use for sometime), it's just a little fragile - I suspect because it relies on people rather than automated jobs.

  4. James R Grinter

    "Hello Kettle," said Pot. You're looking rather black."

  5. Anonymous Coward
    Anonymous Coward

    Time for reserved "private" TLDs?

    As it was done for private IP address spaces - why nobody thought about reserved private TLDs - say .lan or the like? Some that would never be allowed on the Internet? Or they're now so greedy about the idea of selling new TLDs that reserving some could look like "lost business"?

    1. Yes Me Silver badge

      Re: Time for reserved "private" TLDs?

      Um, yes, people did think of it, which is why .local is a reserved name and why .home is on hold. But it's also a risky idea - if you're sitting in the back garden and unintentionally connected to your neighbour's WiFi, printer.local might be the wrong printer.

  6. razorfishsl

    Time to get 'localhost' & 'localdomain' registered........

    1. Anonymous Coward
      Anonymous Coward

      .localdomain was (yes *was*) a private domain for The Microsoft Network, just like .onion domain for the TOR network.

      localhost is the name of the PC/tablet/phone/whetever you are currently working at. If you are using it as a TLD for your whole LAN or private network, please unplug your machine and let the Interenet recover.

      .local is the network TLD for private use.

  7. Alan Brown Silver badge

    No great surprise

    People at ICANN discovered there's a lot of money to be made.

    People outside ICANN discovered there's a lot of money to be made. Those people then got themselves inside ICANN for purely self-interest reasons (no matter how they might have dressed it up) and proceeded to bring in various of their cronies and yes-men, instead of people with an interest in keeping things running smoothly and proper technical skills.

    The result was that the ICANN we have now is not the ICANN of 1999

    The world is right to be resisting ICANN taking over IANA even if the US Govt doesn't want to be responsible for oversight anymore.

    The problem is the _other_ groups wanting to take on oversight are as bad or worse than ICANN and significantly worse than the status quo (IANA has stepped in a few times to stop ICANN. I can't see the ITU or UN or other groups doing that. They're all pushing their own distasteful agendas.)

    Allowing ICANN to push out alternate gTLDs instead of leaving that to the alternate roots (in several cases rolling out alternate gTLDs that are already in use by alternate roots) has cemented their monopoly on DNS and allowed former board members to line their pockets (take a look which ones are now working for registries and in what roles) at the expense of the Internet as a whole organism.

    Monoculture is a very bad thing. The Internet is designed to be robust in the face of failures but it's steadily converging on fragile dependence on a few major players in both routing and DNS.

    1. Anonymous Coward
      Anonymous Coward

      Re: No great surprise

      "Monoculture is a very bad thing. The Internet is designed to be robust in the face of failures but it's steadily converging on fragile dependence on a few major players in both routing and DNS."

      The problem is usurpation. Given any group of two or more with authority, there's always the chance of one of that group attempting to usurp. It's hard to guard against usurpation as it's an active agent that can develop ways around safeguards. Also, true altruism is rare as it tends to run against the human condition, so the odds of a usurper are at least passing fair, only increasing with the number of members.

    2. Anonymous Coward
      Anonymous Coward

      Re: No great surprise

      I agree. We all do except people have to understand that internet is about stability and communication at several levels, not just about fancy product and services from top fortune companies. Fortune companies think they are changing the world (all of them do). However, without stability there will be chaos and people have to understand the world changed long time ago thanks to the stability of the internet.

  8. Anonymous Coward
    Anonymous Coward

    I THINK ...

    I think the internet will not allow douche-bags to control him. There is so much more in the board critical to us than websites and high level fancy services.

    1. Alan Brown Silver badge

      Re: I THINK ...

      "I think the internet will not allow douche-bags to control him."

      As with SMTP, DNS is so ingrained in the way of doing things that we pretty much HAVE already sleptwalked into allowing a bunch of douchbags into getting control (Anyone interested should look at the rather colourful history of the last ICANN chair to get an idea of the kinds of people involved)

  9. Anonymous Coward
    Anonymous Coward

    Who ?

    These people who wants to take control and line-up their pockets are the same people promoting stupid LoT misconception. The internet is for everybody with any interest and that's how it should be.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like