[83711] in cryptography@c2.net mail archive
RE: DNSSEC to be strangled at birth.
daemon@ATHENA.MIT.EDU (Dave Korn)
Thu Apr 5 15:55:45 2007
From: "Dave Korn" <dave.korn@artimi.com>
To: <dan@geer.org>
Cc: <cryptography@metzdowd.com>
Date: Thu, 5 Apr 2007 17:15:42 +0100
In-Reply-To: <20070405154812.3F4921BF952@absinthe.tinho.net>
On 05 April 2007 16:48, dan@geer.org wrote:
> Dave,
>
> For the purposes of discussion,
>
> (1) Why should I care whether "Iran or China" sign up?
I think it would be consistent to either a) care that *everybody* signs up,
or b) not care about DNSSEC at all, but I think that a fragmentary uptake is
next to useless. As indeed the current situation provides evidence may be the
case.
> (2) Who should hold the keys instead of the only powerful
> military under democratic control?
>
> (a) The utterly porous United Nations?
>
> (b) The members of this mailing list, channeling
> for the late, lamented Jon Postel?
>
> (c) The Identrus bank consortium ("we have your
> money, why not your keys?") in all its threshhold
> crypto glory?
>
> (d) The International Telecommunication Union?
>
> (e) Other: _____________________________
>
> Hoping for a risk-analytic model rather than an
> all-countries-are-created-equal position statement.
Strawman. Not what I said at all.
FWIW, however, I would like to see them held by a multinational civilian
organisation. That could be a UN or ITU body, or an ICANN or IETF/IANA
offshoot, there are many possibilities.
The *important* point is that we have strategies and techniques available to
us in democracies to prevent corruption or abuse of power: we have separation
of powers, and bodies that bring together conflicting interests to share power
in the theory that if anyone tries to get up to anything, the others will be
watching, and since they have conflicting interests they are unlikely to
collude. This seems to me to be a viable principle for management of internet
infrastructure.
Placing it all in the hands of a single interest group - whether that be the
US (or anybody else's) military, the RIAA, or Bun-Bun the mini-lop, is a
single point of failure for corruption/abuse resistance.
BTW, there are lots of other reasons not to trust a military: lack of
accountability and oversight. You were the first to mention democracy: just
because the US army is the army of a democracy does not mean that it is in
itself democratic.
cheers,
DaveK
--
Can't think of a witty .sigline today....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
