[ih] Re: anyone remember when the root servers were hi-jacked? (fwd)

[Craig Simon]

I'll put the gist of my response up front. Was it a hijacking? No. Was 
it a technical test? No.  Jon was seeking to put physical control of the 
root where he honestly thought it belonged -- under IANA.

Dave Crocker wrote:
 > Let me get this straight.  You are offering a basic analysis that 
hinges on the
 > absence of the word 'test' from one of 3 message?  No doubt I 
misunderstand
 > you.

Seems so.

I'm saying that the "small steps" message that launched the redirection
is by far the most important document we have revealing Jon's initial 
intentions. The press release in which he began to use the word test was 
was clearly written after the conversation with Magaziner. You have been 
saying quite explicitly the action was designed as a technical test, and 
you have been implying that Jon told you this beforehand, but you 
haven't stated explicitly that such a conversation was held, or when. 
The "test" story that has been diffused to the public stems from  the 
post-"test" statement from Jon.

There are also some posts on the net.internet.dns.policy thread from
Jon's brother Tom in which he said that that such a test had been
planned for over a year. Tom also says that the rationale for the timing
was related to the expiration of the Cooperative Agreement (implying a
political calculation).

However, Tom makes some a few surprising statements that seem factually
wrong. If these are actually correct, I'd like to know. Tom P. wrote 
that such tests had been run before... He initially argued the agreement 
was set to expire at the end of January. He also initially argued NSI 
cooperated in the test... He said that the test was over by the time 
Magaziner called.. And he wrote that Jon's lawyer (unidentified) 
convinced Magaziner that Jon did have the authority to do the "test."

Tom does put a lot of emphasis on RFC 1174 as the basis for Jon's
authority, which is a correct place to focus. The core of problem, 
however is that, at the end of the day, Jon's authority was not 
recognized as unequivocal.

Craig Partridge and Joe Touch add plausible and useful clarifications as
to what the technical aspect of the test was about -- the power to
re-site the root and the relative ease of doing so. I would like to know
if the conversation that Joe Touch recounted happened before or after
the incident.

In an interview with me in August 2000, Bill Manning described some
test-like activities that occurred during the redirection incident, but
he didn't actually mention the point about testing the ease of re-siting
the root, nor the rationale for the timing. I do recall that when I saw
Bill at the IETF meeting around March/April 1998, he was wearing a
T-Shirt with a picture of the cowardly lion from the Wizard of Oz, with
the caption, "If I only had the noive." Choose your own inference.

The fact remains that the secondary root server operators that I've
spoken to who were participants/subjects in this so-called test weren't
told at the time that the action was a test, but that it was a
transitional step in the development of the Internet.

 > Craig> One can argue the case that there were some technical and 
administrative
 > Craig> aspects of testing going on, but to stress that what occurred 
was really
 > Craig> a technically-oriented test is to obscure the fundamentally 
political
 > Craig> nature of Jon's action.

 > 1.  I did not claim there was no political component to the test.  What I
 > said was that he was not demonstrating his power to the US government 
as has
 > been claimed.

That's not my primary claim either. Recall that the person who started 
this thread said that Jon was trying to "embarrass" the USG, and I was 
arguing against that conclusion.

 > 2.  What I said was that there was considerable concern that NSI might
 > choose to go rogue.  I do not mean the sequence of events that 
actually has
 > transpired.  There is much to criticize in NSI's performance around that
 > time, but they did not openly run counter to the administrative 
authority of
 > the root.  So what I was referring to was a fear that they might actually
 > declare their independence of the long-established authority that had 
been
 > dictating the contents of the root.

How do you operationalize the statement, "declare their independence?"
By this time, hadn't NSI had already announced that, while the CA was in 
effect, it wouldn't make a move to change the root zone without 
permission from the DOC? And hadn't Becky Burr already stated loud and 
clear that she was the gatekeeper over what went into the root?

 > 3. As is typical in the politically oriented public discussions about the
 > DNS, the operations issues are casually dismissed. Folks need to stop 
doing
 > that. Operations is about details and the operations issues that Jon was
 > testing were not nearly as trivial as some folks wish to believe. Large
 > scale operations requires large scale attention to the details. The rule
 > with operations is that all change is disruptive and it usually has
 > unexpected, negative consequences lurking in unseen places. So operations
 > folks for mission critical services worry a lot about even the 
simplest of
 > procedures.
 >
 >
 > Craig> Furthermore, I have a taped interview in which Ira Magaziner 
says that
 > Craig> during their famous phone conversation, Jon Postel proposed 
the idea of
 > Craig> using the word "test" as a face saving gesture.
 >
 > Ira was extremely upset.  As with most others, he was having so much fun
 > with the politics he neither cared about nor understood the operations
 > issues.  I was particularly intrigued to discover that after more than a
 > year of deliberation, the Inter-agency task force, over which he had 
assumed
 > authority and which was about to issue its findings, lacked very basic
 > knowledge about DNS technology.  I had to form a quick panel of 
experts to
 > try to get them up to speed.  The discussion there was fascinating.

1. You're changing the subject.

2. I presume you're talking about the meeting with Kahin, Burr,
Weinberg, Stef, Postel, Mockapetris, Baker, Austein, Crocker, Kowack, et
al, during the IETF meeting in DC in late 97? I sat in on that one. I 
agree it was fascinating. It seemed to me that Rob Austein had won over 
the USG participants' confidence. His presentation was excellent, and my 
reading of the body language in the room was that he had convinced the 
USG folks that the POC/CORE group was in able hands, and would proceed 
responsibly within carefully considered parameters. Then you spoke, 
Dave, and the mood changed dramatically.

 > Craig> Yes, the message to the press refers also refers to a 
"transition" as a
 > Craig> justification of the test, but in my judgment, the language is 
highly
 > Craig> finessed.
 >
 > That is because you are looking for finesse.  Don't.  Jon did not try 
to be
 > that clever.  He really was a pretty straight-forward guy.

I'm not "looking for finesse" in particular. I'm looking to see how the
pieces of the puzzle fit together. Sometimes the most plausible
explanation is finesse, just as sometimes it can be ideology, material
interest, a sense of duty, ego, tactlessness, or something else. Usually
it's a mix. Finesse isn't bad, by the way.

 > Craig> The statement hints that the "verification" was performed in
 > Craig> support of the government's desires, but it certainly was not.
 >
 > You are confusing Magaziner's expectations with the government's desires.
 > Jon was not the only one concerned about NSI's possible behaviors.

If you are suggesting that there were individuals in the government who
supported Jon's actions, please say so directly and specifically.
We all know that, "Jon was not the only one concerned about NSI's
possible behaviors." The question in that context is whether he was in
league with officers of the USG who believed they had legitimate
oversight of the root, or who were expressly concerned about NSI going
rogue, or who expressly wanted to test the ease of re-siting the root.

 > Craig> Also, to respond directly to Dave Crocker's note: If the 
directive was
 > Craig> justified on the basis that NSI was on the verge of "going 
rogue," then
 > Craig> why even bother to call the directive a test?
 >
 > Perhaps because that's what it was?

We've clearly got a significant disconnect going here. I think you have
a stronger argument when you say that Jon was worried about NSI adding
unsanctioned zones, in comparison with the reports that he just happened
be conducting a technical test one day. If his action was designed as a
preparation against bad actions by NSI, then be straightforward and make
the point directly, from the top.

Actually, I think you've been more clear this time around than
previously, but people who have detected the long history of dissembling
on this matter, from that first press report on, presumed that its
purpose was to deflect attention from what they believe was a hijacking.
The hemming and hawing tends to strengthen their suspicions.

 > Craig> Without such documentation, it's hard to uphold the position 
that Jon's
 > Craig> primary motivation was a defensive move against possible 
action by NSI.
 >
 > You are right.  We should ignore direct reports from anyone he talked 
with.
 > Unless he wrote it down, it can't possibly be true.

The people Jon talked with years ago that I have spoken with since then
are reporting quite different things about what Jon said and what kinds
of pressures he was facing. In such cases, documents are extremely valuable.

 > Craig> And, for what it's worth, his statement to the press makes no 
mention of
 > Craig> that worry.
 >
 > gosh. what a surprise. fear that the DNS registry monopoly might go rogue
 > with a mission critical service did not get cited in a public release 
that
 > would be sure to piss off that monopoly.
 >
 > wow.  really difficult to understand why they were reticent.

Earlier you wrote Jon was straight-forward in that document. Now you are
arguing he was using tact and finesse. These are all fine qualities.

 > Craig> It is fair to assume that the USG's agents would have been 
rather tough
 > Craig> on NSI if it had added any "rogue" zones to the root.
 >
 > Craig, you were spending a lot of time talking with people back then, but
 > you seem to have completely missed the difficulties that were rampant.
 >
 >
 > Legalities were claimed to be disputable.  Physical power of the monopoly
 > was excessive.  Direct effects of disruptive service would have been
 > disastrous.
 >
 > Yet you want to cite vague possibilities of post-hoc retribution as 
being an
 > adequate deterrent? Sorry, but that's just a tad naive.

First of all, to be clear, when it comes to this point, I'm inferring,
not citing. The reason for this conjecture, whether it's reasonable or
naive, is to try to think through a rather obvious question, "What were 
the ramifications of the root January 1998 episode that some people 
think was a test, and that others think was a hijacking?"

I don't think it's naive to assume that, after all the attention given
to Postel's action, agents of the USG would have been very alert to any
move by NSI to add "rogue" (not blessed by IANA) zones to the root.
Would this make the people at NSI think twice? Certainly some of them.
In any case, the company found much more effective ways to steer the
process to its own ends.

Craig