[ih] Re: anyone remember when the root servers were hi-jacked? (fwd)

[Dave Crocker]

Craig,

Tuesday, November 12, 2002, 11:42:14 AM, you wrote:
Craig> original message he sent out initiating the so-called "test."  The note
...
Craig> However, the directive initiating the action (apparently there was an 
Craig> earlier email which included the same text, but without a PGP signature) 
Craig> does not refer to a test.

Let me get this straight.  You are offering a basic analysis that hinges on the
absence of the word 'test' from one of 3 message?  No doubt I misunderstand
you.


Craig> One can argue the case that there were some technical and administrative
Craig> aspects of testing going on, but to stress that what occurred was really 
Craig> a technically-oriented test is to obscure the fundamentally political 
Craig> nature of Jon's action.

1.  I did not claim there was no political component to the test.  What I
said was that he was not demonstrating his power to the US government as has
been claimed.

2.  What I said was that there was considerable concern that NSI might
choose to go rogue.  I do not mean the sequence of events that actually has
transpired.  There is much to criticize in NSI's performance around that
time, but they did not openly run counter to the administrative authority of
the root.  So what I was referring to was a fear that they might actually
declare their independence of the long-established authority that had been
dictating the contents of the root.

3. As is typical in the politically oriented public discussions about the
DNS, the operations issues are casually dismissed. Folks need to stop doing
that. Operations is about details and the operations issues that Jon was
testing were not nearly as trivial as some folks wish to believe. Large
scale operations requires large scale attention to the details. The rule
with operations is that all change is disruptive and it usually has
unexpected, negative consequences lurking in unseen places. So operations
folks for mission critical services worry a lot about even the simplest of
procedures.


Craig> Furthermore, I have a taped interview in which Ira Magaziner says that
Craig> during their famous phone conversation, Jon Postel proposed the idea of 
Craig> using the word "test" as a face saving gesture.

Ira was extremely upset.  As with most others, he was having so much fun
with the politics he neither cared about nor understood the operations
issues.  I was particularly intrigued to discover that after more than a
year of deliberation, the Inter-agency task force, over which he had assumed
authority and which was about to issue its findings, lacked very basic
knowledge about DNS technology.  I had to form a quick panel of experts to
try to get them up to speed.  The discussion there was fascinating.


Craig> Yes, the message to the press refers also refers to a "transition" as a 
Craig> justification of the test, but in my judgment, the language is highly 
Craig> finessed.

That is because you are looking for finesse.  Don't.  Jon did not try to be
that clever.  He really was a pretty straight-forward guy.


Craig> The statement hints that the "verification" was performed in
Craig> support of the government's desires, but it certainly was not.

You are confusing Magaziner's expectations with the government's desires.
Jon was not the only one concerned about NSI's possible behaviors.


Craig> Also, to respond directly to Dave Crocker's note: If the directive was
Craig> justified on the basis that NSI was on the verge of "going rogue," then 
Craig> why even bother to call the directive a test?

Perhaps because that's what it was?


Craig> Without such documentation, it's hard to uphold the position that Jon's 
Craig> primary motivation was a defensive move against possible action by NSI.

You are right.  We should ignore direct reports from anyone he talked with.
Unless he wrote it down, it can't possibly be true.


Craig> And, for what it's worth, his statement to the press makes no mention of 
Craig> that worry.

gosh. what a surprise. fear that the DNS registry monopoly might go rogue
with a mission critical service did not get cited in a public release that
would be sure to piss off that monopoly.

wow.  really difficult to understand why they were reticent.


Craig> It is fair to assume that the USG's agents would have been rather tough 
Craig> on NSI if it had added any "rogue" zones to the root.

Craig, you were spending a lot of time talking with people back then, but
you seem to have completely missed the difficulties that were rampant.


Legalities were claimed to be disputable.  Physical power of the monopoly
was excessive.  Direct effects of disruptive service would have been
disastrous.

Yet you want to cite vague possibilities of post-hoc retribution as being an
adequate deterrent? Sorry, but that's just a tad naive.

d/
-- 
 Dave Crocker  <mailto:dhc2 at dcrocker.net>
 TribalWise <http://www.tribalwise.com>
 t +1.408.246.8253; f +1.408.850.1850