ICANN Verbatim minutes re SiteFinder

Steve Crocker presented his report to ICANN in Malaysia:

>>STEPHEN CROCKER: THANK YOU AND YOU ECHO VENI’S CONGRATULATIONS AND THANKS. I HAVE HAD THE PRIVILEGE OF WORKING WITH HER FROM THE BEGINNING OF MY TENURE AND IT’S AMAZING HOW MUCH SHE TAKES CARE OF BEHIND THE SCENES. I CHAIR THE SECURITY AND STABILITY ADVISORY COMMITTEE. IN THE PAST I’VE TRIED TO GIVE SORT OF A BROAD PICTURE OF WHAT WE DO.

TODAY I’M GOING TO FOCUS ON SPECIFIC TOPICS, AND THERE’S A LITTLE BIT MORE THAT GOES ON, BUT THIS HAS BEEN A PERIOD THAT HAS BEEN PUNCTUATED BY A FEW BIG ISSUES. HERE’S A LIST OF PEOPLE WHO ARE CURRENTLY ON THE COMMITTEE. THIS LIST IS ALSO ON THE WEB SITE. A VERY DISTINGUISHED GROUP, ACTUALLY, WITH BROAD BASE AND GREAT DEPTH. THE COMMITTEE WAS FORMED IN SPRING OF 2002. THE PROCESS WAS INITIATED FOLLOWING THE EVENTS OF 9/11 IN 2001. INITIAL MEMBERS WERE SELECTED BY THE ICANN STAFF, AND THE COMMITTEE HAS BASICALLY BEEN VERY STABLE. TWO ADDITIONS AND TWO DEPARTURES OVER THE ENTIRE PERIOD. ONE OF THOSE WAS DOUG BARTON ROTATING OFF THE COMMITTEE HE HE THE BECAME IANA GENERAL MANAGER. WE ARE NOW ACTIVELY LOOKING FOR NEW MEMBERS. WE ARE LOOKING FOR ANYBODY THAT YOU THINK MIGHT BE INTERESTED OR IS INTERESTED OR THINK MIGHT BE APPROPRIATE. WE HAVE SORT OF A ROUGH-AND-READY INTERNAL THAT IS INTENDED TO BE INVITING AND INCLUSIVE BUT AT THE SAME TIME NOT OVERBEARING OR HEAVY WEIGHT. ANOTHER KIND OF STAFF CHANGE, JIM GALVIN HAS BEEN OUR EXECUTIVE DIRECTOR ON A PART-TIME BASIS. IT IS CLEAR TO ME THAT WE WILL BE CONSIDERABLY MORE EFFECTIVE IF WE HAVE THE BENEFIT OF A FULL-TIME RESEARCHER AND WRITER. WE POSTED ANNOUNCEMENT. WE CHARACTERIZED THIS AS THE SSAC FELLOW. EVALUATION OF THE APPLICATIONS WE HAVE RECEIVED IS CURRENTLY IN PROGRESS. THE STANDARDS WE HAVE IN MIND ARE QUITE HIGH SO IT’S NOT A GIVEN THAT WE’LL SELECT ANYBODY FROM THE CURRENT CROP. WE’VE BEEN DOING QUITE WELL AS IT IS. SO I’M LOOKING FOR SUBSTANTIAL IMPROVEMENT RATHER THAN JUST AN ARBITRARY CHANGE. AND IF ANYBODY HAS ANY QUESTIONS OR SUGGESTED CANDIDATES, DON’T HESITATE TO CONTACT ME. THANK YOU VERY MUCH. I WANT TO TALK PRINCIPALLY ABOUT TWO THINGS TODAY. WILDCARD REPORT AND THE INTRODUCTION OF SECURITY INTO THE DNS SYSTEM THROUGH THE DNSSEC PROTOCOL. SO THE NEXT SEVERAL SLIDES TALK ABOUT THE REPORT THAT WE’VE RECENTLY ISSUED ON REDIRECTION IN THE COM AND NET DOMAINS. THE REPORT IS AVAILABLE ON THE NET. THE URL IS GIVEN AT THE BOTTOM. THE REPORT IS A DAUNTING 85 PAGES, BUT THE MAJORITY OF THAT ARE APPENDICES AND SUPPORTING MATERIAL. THE MEAT OF THE REPORT IS ROUGHLY 25 PAGES, AND THE EXECUTIVE SUMMARY IS A VERY DIGESTIBLE TWO PAGES. SO YOU CAN HAVE THIS IN SMALL, MEDIUM, OR LARGE SIZE, IF YOU WISH. MIDDLE OF SEPTEMBER LAST YEAR, VERISIGN CHANGED THE WAY THE COM AND NET REGISTRIES WORKED. AND THE CHANGE THAT THEY INTRODUCED IS THAT WHEN A—WHEN RECEIVED A NAME THAT WAS NOT INSTANTIATED, THAT’S A TECHNICAL TERM, NOT REGISTERED OR NOT OTHERWISE VISIBLE IN THE DATABASE, AND THESE USUALLY AROSE FROM TYPOGRAPHICAL MISTAKES, THEN INSTEAD OF RECEIVING A STANDARD ERROR CODE, WHICH HAD BEEN DEFINED IN THE PROTOCOL AND HAD BEEN THE WAY THE SYSTEMS HAD WORKED FOR YEARS AND YEARS, THEY INSTEAD RETURNED AN IP ADDRESS OF ONE OF THEIR OWN SERVERS AS IF THAT NAME EXISTED. AND THEN WHEN SOMEONE ATTEMPTED TO CONNECT TO THAT SERVER, IF IT WAS A WEB CONNECTION, HTTP PROTOCOL, THEY GOT WHAT WAS CALLED THE SITE FINDER SERVICE. BUT IF IT WAS SOMETHING ELSE, THEY EITHER GOT A REFUSAL TO CONNECT OR IN THE SPECIAL CASE OF E-MAIL, WERE CONNECTED TO A SPECIAL E-MAIL SERVER THAT ACCEPTED THE CONNECTION AND THEN REFUSED EACH OF THE ATTEMPTS FOR EACH USER. SORT OF A “NO SUCH USER” RESPONSE. THERE WAS A RATHER SUBSTANTIAL, A VERY LARGE RESPONSE FROM THE COMMUNITY. IT WAS SWIFT, IT WAS QUITE VOCAL, AND IT WAS QUITE NEGATIVE. OVER THE NEXT SEVERAL DAYS, ANGRY MEMOS WENT BACK AND FORTH. ICANN ASKED VERISIGN TO PULL THE SERVICE DOWN. VERISIGN SAID NO. OUR COMMITTEE ISSUED AN ADVISORY. THE INTERNET ARCHITECTURE BOARD ISSUED A MEMORANDUM, ALL BASICALLY ALONG THE SAME LINE, SAYING LET’S NOT DO THIS, AND AT THE VERY LEAST, LET’S ROLL THIS BACK AND START OVER AND HAVE SOME TIME TO THINK ABOUT IT. THEN ICANN INCREASED THE—SORT OF RAISED IT TO ANOTHER LEVEL AND SAID AS A MATTER OF CONTRACTUAL AUTHORITY, WE INSIST YOU TAKE DOWN. VERISIGN OBJECTED, BUT TOOK IT DOWN IN ANY CASE IN EARLY PART OF OCTOBER. OUR COMMITTEE HELD A PAIR OF MEETINGS IN OCTOBER ON THE 7TH AND 15TH. THESE MEETINGS WERE PUBLIC MEETINGS IN WASHINGTON. NUMEROUS PRESENTATIONS, AND TRANSCRIPTS KEPT AND COPIES OF THE SLIDES. ALL OF THAT MATERIAL REMAINS ON THE WEB AND IS AVAILABLE FOR INSPECTION BY ANYBODY. WE THEN SET ABOUT TO WRITE A REPORT, AND WITH GREAT EMBARRASSMENT I HAVE TO SAY THAT I FELL INTO A BLACK HOLE AND THERE WAS AN ENORMOUS DELAY. BUT THE REPORT IS NOW DONE. IT WAS FORMALLY TRANSMITTED TO THE BOARD, AND MADE AVAILABLE TO THE PUBLIC AND IS AVAILABLE ON THE WEB AT THE URL THAT I PUT UP AT THE BEGINNING. IT CONSISTS OF EIGHT FINDINGS AND FOUR RECOMMENDATIONS AT SORT OF TOP LEVEL, SO I’LL WALK SORT OF BRIEFLY THROUGH THE FINDINGS AND RECOMMENDATIONS. THE WORDS HERE ARE MY QUICK SUMMARY OF THE—OF THESE FINDINGS AND RECOMMENDATIONS RATHER THAN THE PRECISE WORDING, WHICH REFLECTED SOME CARE AND CONSIDERABLE DEBATE TO GET IT TUNED JUST RIGHT. SO MY INTENT HERE IS TO GET THE SENSE OF THESE THINGS ACROSS RATHER THAN THE PRECISE WORDS. DO SEE THE REPORT IF YOU WANT TO DIG INTO IT OR IF THERE ARE ISSUES THAT ARE SOMEWHAT MORE SUBTLE THAN MY PRESENTATION HERE IS INTENDING TO COVER. SO THE FIRST FIND SOMETHING THAT VERISIGN DID, IN FACT, CHANGE THE REGISTRY AND ALSO THAT THAT CHANGE CAUSED HARM TO A WIDE VARIETY OF PEOPLE WHO WERE NOT PARTY TO THE CHANGE. THAT CHANGE VIOLATED ENGINEERING PRINCIPLES BY BLURRING THE ARCHITECTURAL LAYERS, AND AS A CONSEQUENCE, IT HAD THE UNFORTUNATE EFFECT OF PUTTING VERISIGN FUNDAMENTALLY INTO THE DESIGN LOOP FOR ANY CURRENT AND FUTURE PROTOCOL CHANGES. WHY IS THAT? WELL, THE PROTOCOL FOR DOMAIN NAME SYSTEMS SAYS IF THERE’S NO ENTRY, YOU GET BACK A NEGATIVE ANSWER, AND MANY APPLICATIONS ACTUALLY MAKE USE OF THAT NEGATIVE RESPONSE IN A CONSTRUCTIVE WAY. THE CHANGE THAT VERISIGN I UNDERSTAND CONSTITUTED EFFECTIVELY REMOVED THAT NEGATIVE RESPONSE ALTOGETHER, SUBSTITUTING AN APPARENTLY POSITIVE RESPONSE, AND THEN TRIED TO FIX IT UP AT THE NEXT LAYER UP WHEN SUBSEQUENT QUERIES TO THAT—OR CONNECTIONS TO THAT SERVER TOOK PLACE. BUT THEY WOULD TAKE PLACE IN ARBITRARY PROTOCOLS, AND SO IT BECAME A PROTOCOL-SPECIFIC RESPONSE REQUIRED, AND THINGS GET VERY MESSY AT THAT. THOSE THREE FINDINGS ARE INDEPENDENT OF TIMING, INDEPENDENT OF PROCESS. THEY JUST SPEAK TO THE FACTS. THE FOURTH FINDING IS THAT THE CHANGE WAS ABRUPT. THERE WAS VERY LITTLE, ESSENTIALLY NO NOTICE, A LITTLE BIT OF ADVANCE NOTICE IN PUBLIC PRESS. NO COORDINATION WITH THE COMMUNITY. ALTHOUGH IT WAS QUITE EVIDENT THERE WAS A VERY LONG DEVELOPMENT PERIOD, SO IT WASN’T JUST THAT THEY THOUGHT IT UP ONE NIGHT AND INTRODUCED IT THE NEXT DAY. SO THAT CHANGE WAS ABRUPT, AND THAT HAS ITS OWN CONSEQUENCES. THERE WERE—ANOTHER FINDING IS THAT, AS A CONSEQUENCE, THERE WAS VIGOROUS ACTION ACROSS A NUMBER OF FRONTS TO COUNTERACT THAT CHANGE. THE ONE THAT RECEIVED THE WIDEST NOTICE WAS A CHANGE INTRODUCED BY INTERNET SYSTEMS CONSORTIUM IN ITS BIND PROGRAM AS AN OPTION TO BE CHOSEN BY ITS CUSTOMERS THAT WOULD TAKE THE ADDRESS RETURNED AND TAKE NOTE OF THAT AND SAY THAT’S THE ADDRESS OF THIS REDIRECTION; LET’S TURN IT BACK INTO AN ERROR CODE. THAT’S A—AND THERE WERE COMPARABLE CHANGES MADE BY ISPS AND PUT INTO SOME ROUTERS. SO NOT SOLELY THERE—NOT SOLELY THE ISC BIND CHANGE. THE PROSPECT OF WARRING CHANGES THAT MAKE A CHANGE AND THEN ANOTHER PART THAT UNDOES IT IS THE KIND OF THING THAT STRIKES FEAR AND TERROR IN THE HEARTS OF ENGINEERS THAT TRY TO BUILD STABLE SYSTEMS. THINGS BECOME RICKETY AND ONE LOSES SLEEP IN THOSE KIND OF SITUATIONS. 5 AND 6 HAVE TO DO WITH PRIVACY ISSUES. BECAUSE OF THE WAY THEY CHOSE TO HANDLE E-MAIL, AND MAYBE IT’S WORTH BACKING UP A LITTLE BIT. THE GENERAL STRATEGY FOR THE NON-WEB PROTOCOLS WAS SIMPLY TO REFUSE THE CONNECTION. IN THE SPECIAL CASE OF E-MAIL, WHEN ONE E-MAIL SERVER IS TRYING TO SEND MAIL TO ANOTHER E-MAIL SERVER AND IT HAS ITS ADDRESS AND KNOWS THAT IT EXISTS, THE STRATEGIES THAT ARE BUILT INTO THOSE PROTOCOLS ARE TO OVERCOME TEMPORARY TRANSMISSION FAILURES BY RETRYING. SO A REFUSAL TO ACCEPT THE CONNECTION IS SEEN AS A TEMPORARY HURDLE AND IT QUEUES UP THE MAIL AND ATTEMPTS TO SEND IT IN THE AMOUNT OF TIME IT TAKES TO RUN THROUGH ITS COURSE AND GIVE IT VARIES BUT A TYPICAL TIME IS THREE DAYS. SO A MISTYPED NAME IN AN E-MAIL ADDRESS, INSTEAD OF GIVING A VERY QUICK RESPONSE THAT THAT IS AN IMPROPER OR NONEXISTENT DOMAIN NAME LEADS TO A VERY LONG DELAY THAT LOOKS AS IF THE MAIL IS GOING TO GO THROUGH AND THEN THREE DAYS LATER AN ERROR MESSAGE THAT THE SERVER SEEMS TO BE DOWN, CONFUSING AND QUITE DELAYED. SO VERISIGN INSTEAD OF USING THAT STRATEGY BUILT A SERVER THAT ACCEPTED THE CONNECTION AND THEN IN THE PROCESSING OF EACH OF THE USERS, THE TWO ADDRESSES, IF YOU WILL, WHO IT’S FOR, SAID WE DON’T HAVE THAT USER, DON’T HAVE THAT USER, AND THAT GENERATED A MUCH PROMPTER “NO SUCH USER” RESPONSE. PEOPLE CONCERNED WITH PRIVACY ISSUES OBSERVED THAT THAT STRATEGY MEANS THAT THE ADDRESSES OF WHO YOU WERE SENDING THE MAIL TO AND WHO WAS SENDING IT ENTERED VERISIGN SERVERS RAISING THE APPEARANCE OF POSSIBLE PRIVACY ISSUES. VERISIGN WAS ADAMANT THAT THEY DIDN’T RETAIN OR USE THAT INFORMATION. I THINK THERE’S NO EVIDENCE TO THE CONTRARY AND NO REASON TO—NOT TO BELIEVE THAT. BUT THE ARRANGEMENT OF HAVING THAT INFORMATION GO INTO SERVERS THAT ARE UNINTENDED OPENS THE DOOR FOR OTHERS TO DO THE SAME OR FOR OPERATIONAL ISSUES TO CHANGE OVER A PERIOD OF TIME AND LED TO A CERTAIN DEGREE OF NERVOUSNESS. A SEPARATE PRIVACY ISSUE IS RELATED TO THE PAGE THAT WAS DELIVERED UP WHEN—IF YOU WERE MAKING A WEB CONNECTION, INCLUDED SOME SOFTWARE THAT TRACKED USER BEHAVIOR AND REPORTED IT BACK. TO A CERTAIN EXTENT THAT’S STANDARD INDUSTRY BEHAVIOR, BUT ON THE OTHER HAND IN THE CONTEXT OF TRYING TO MAKE A DOMAIN NAME REFERENCE AND NOT HAVING OPTED IN OR EVEN CHOSEN TO GO THERE LEFT ANOTHER SET OF PEOPLE NERVOUS ABOUT THE PRIVACY ISSUES. AND THE LAST FINDING IS THAT COLLECTIVELY, THE SET OF EVENTS FROM A TECHNICAL PERSPECTIVE AND FROM A MANAGEMENT PERSPECTIVE REDUCED TRUST OVERALL, WHO IS IN CHARGE OF THE NETWORK, WHAT IS THE NEXT THING THAT GOING TO HAPPEN. THOSE KIND OF QUESTIONS BECAME MUCH MORE EVIDENT ON PEOPLE’S MINDS. WE FORMULATED FOUR RECOMMENDATIONS. THE FIRST IS DON’T DO THIS REDIRECTION. THE PRIMARY MECHANISM FOR THE REDIRECTION IS USING A MECHANISM CALLED WILDCARDS WHICH IS A TERM THAT SAYS THIS ENTRY COVERS EVERYTHING NOT COVERED ABOVE, BUT THERE ARE OTHER WAYS TO DO REDIRECTION. ONE COULD HAVE A PROGRAM THAT SYNTHESIZES A RESPONSE INSTEAD OF A FIXED DATABASE, AND THAT’S THE LANGUAGE WE USED IN THE REPORT. BUT RECOMMENDATION 1 SAYS LET’S NOT DO THIS GOING FORWARD IN ANY OF THE PUBLIC DOMAINS THAT EXIST. THERE ARE ALSO A HANDFUL OF RELATIVELY SMALL DOMAINS THAT HAVE BEEN USING THIS STRATEGY, AND THAT RAISES, QUITE OBVIOUSLY, THE QUESTION OF, WELL, WHAT ABOUT THEM? DO THEY GET TO CONTINUE? IS THAT OKAY? IF THEY CONTINUE, WHY IS THAT NOT A BAD THING? IN FACING UP TO THOSE ISSUES AND DOING A REASONABLY STRAIGHTFORWARD ANALYSIS, OUR CONCLUSION IS THAT THOSE USES SHOULD BE PHASED OUT. WE DON’T INTEND THAT THAT SHOULD HAPPEN ABRUPTLY. WE BELIEVE THAT FOR MOST OF THE UNDERLYING REASONS THAT THAT STRATEGY IS BEING EMPLOYED THAT THERE MAY BE OTHER WAYS TO ACCOMPLISH A COMPARABLE GOAL. BUT THAT IS OUR RECOMMENDATION. AND I HASTEN TO ADD THAT OUR JOB IS TO MAKE RECOMMENDATIONS. WE DON’T HAVE ENFORCEMENT OR REGULATORY AUTHORITY. BUT WE DO THE BEST ANALYSIS WE CAN AND WE OFFER THAT ADVICE TO THE BOARD, TO THE COMMUNITY, AND TO, IN SOME SENSE, ANYBODY ELSE WHO WILL LISTEN. THE THIRD RECOMMENDATION WAS IN OBSERVATION THAT THE USE OF WILDCARDS IS DOCUMENTED IN THE SPECIFICATIONS, THE RFCS THAT DEFINE THE DOMAIN NAME SYSTEM. BUT THE LANGUAGE IS NOT CLEAR ABOUT THE PROPER USE, AND OVER TIME THERE HAS BEEN DIFFERENT WRITINGS THAT SUGGEST THAT THIS IS SOMEWHAT DANGEROUS OR SHOULD BE USED ONLY IN LIMITED CIRCUMSTANCES. SO OUR RECOMMENDATION IS TO TRY TO BRING GREATER CLARITY IN THAT AREA. WHETHER OR NOT THE IETF WOULD TAKE THAT UP IS A MATTER UNDER THEIR CONTROL, OBVIOUSLY, AND NOT OURS. THE FOURTH RECOMMENDATION SPEAKS TO THE PROCESS OF INTRODUCING CHANGE INTO PUBLIC REGISTRIES, AND OUR RECOMMENDATION IS THAT THERE SHOULD BE A DISCIPLINE PROCESS THAT INCLUDES OPEN NOTICE, AND NOT ONLY OPEN NOTICE BUT A CONSENSUS PROCESS THAT INCLUDES THE PEOPLE WHO ARE AFFECTED AND NOT SOLELY THE REGISTER OPERATORS. SO THAT’S THE BASE PICTURE OF WHAT OUR FINDINGS AND RECOMMENDATIONS ARE. AND HOW DO YOU WANT TO HANDLE THIS, ALEJANDRO? I WILL BE HAPPY TO TAKE QUESTIONS OR NO QUESTIONS IF YOU THINK THAT THAT’S INAPPROPRIATE, OR I CAN MOVE ON TO THE OTHER TOPIC, BUT THIS WILL BE A NATURAL POINT FOR QUESTIONS ON THIS TOPIC.

>>ALEJANDRO PISANTY: WE ARE ALREADY RUNNING OVER TIME BUT I THINK WE COULD ALLOW FOR FIVE MINUTES OF QUESTIONS HERE.

>>STEPHEN CROCKER: SO I’VE GIVEN THIS TALK MAYBE FIVE TIMES THAT I CAN REMEMBER DURING THIS WEEK TO DIFFERENT GROUPS. THERE MAY BE NOBODY LEFT THAT HAS A NEW QUESTION, AND THAT’S FINE.

Later in the Meeting I had the chance to ask a question/make a point:

>>KEITH TEARE: YEAH. MY COMMENTS RELATE TO THE SITE FINDER EXPERIENCE. AND JUST BY WAY OF DISCLOSURE, I, ALONG WITH I THINK SIX OR SEVEN OTHERS IN THE IMMEDIATE AFTERMATH OF SITE FINDER AND THE CONTROVERSIES SURROUNDING IT WERE ASKED TO SERVE ON A TECHNICAL ADVISORY COMMITTEE TO VERISIGN TO HELP THEM UNDERSTAND WHY THERE WAS SO MUCH CONTROVERSY.

AND I PARTICIPATED IN THAT AND HAVING DONE SO I’VE LOOKED AT THE PROCESS THAT’S GONE ON SINCE WITH A GREAT DEAL OF INTEREST. AND I THINK I’D LIKE TO SHARE WITH THE BOARD A NUMBER OF THINGS WHICH ACTUALLY MOUHAMET’S COMMENTS WERE A GREAT SEGUE TO. I THINK THE FIRST THING IS THE ATMOSPHERE IN THE IMMEDIATE AFTERMATH OF SITE FINDER ACTUALLY MADE IT INCREDIBLY DIFFICULT TO HAVE A RATIONAL CONVERSATION ABOUT IT, BECAUSE THERE WAS SO MUCH PASSION ON BOTH SIDES, THAT ANYONE WITH AN OPINION OF ANY TYPE USUALLY FOUND IT VERY DIFFICULT TO HAVE A DIALOGUE WITH ANYONE THAT HAD A DIFFERENT OPINION. AND I FEAR THAT SOME OF THAT ATMOSPHERE HAS FED THROUGH TO THE FINAL REPORT. AND THAT IS AN ATMOSPHERE OF LET’S SAY FEAR, ONE IN WHICH WORDS LIKE “SAFETY” END UP BEING INCREDIBLY FRIGHTENING WORDS THAT HAVE THE IMPACT OF STOPPING CONVERSATION, BECAUSE YOU JUST CAN’T GO THERE. HOW COULD YOU BE FOR THINGS NOT BEING SAFE? THEREFORE, PLEASE DON’T HAVE AN OPINION ABOUT THIS BECAUSE IT ISN’T SAFE DOESN’T FEEL GOOD TO ME. AND WITH SITE FINDER PARTICULARLY, AND SOME OF THE FINDINGS, I’M PUZZLED, ACTUALLY. I RUN LOTS OF DOMAIN NAMES FOR SOME WEIRD REASON TO DO WITH HISTORY, AND MOST OF THEM DON’T SERVE VERY MANY PROTOCOLS. ACTUALLY, MOST OF THEM DON’T HAVE E-MAIL LIVE. MOST OF THEM DON’T HAVE LDAP LIVE, MOST OF THEM DON’T HAVE IMAP LIVE. VERY FEW PEOPLE WHO OWN DOMAIN NAMES RUN PROTOCOLS, ALL THE PROTOCOLS THAT THOSE DOMAIN NAMES SHOULD SUPPORT. AND IT SEEMS TO ME THAT IF YOU ANALYZED REAL DOMAIN NAMES THAT PEOPLE OWN AND COMPARED IT WITH WHAT SITE FINDER WAS, THE SAFETY CONSEQUENCES WOULD BE EXACTLY THE SAME FOR THOSE THAT ARE OWNED AND THOSE THAT ARE NOT OWNED, THE FAILURE TO SUPPORT PROTOCOLS, FOR EXAMPLE, WOULD BE EXACTLY THE SAME. THE BREAKING OF THE END-TO-END PRINCIPLE WOULD MOSTLY BE THE SAME, BECAUSE MOST DOMAIN NAME OWNERS DON’T RUN ALL THE PROTOCOLS THAT THEY COULD POSSIBLY RUN TO SERVE THE INTERNET. AND SO I FEAR THAT SOME OF THE ARGUMENTS ARE ACTUALLY NOT GOOD ARGUMENTS. NOW, HAVING SAID THAT, CLEARLY, THERE’S A LOT OF ISSUES AROUND SITE FINDER. BUT I THINK I’D LIKE TO RETRIEVE OUT OF IT SOME REALLY IMPORTANT POSITIVE THINGS THAT THE BOARD SHOULD AT LEAST HEAR AND THINK ABOUT. FIRSTLY, ON ADDRESSING SYSTEMS IN THE ABSENCE OF ADDRESSES, THE MAIL SYSTEM HAS A RETURN TO SENDER SYSTEM. IF YOU SEND A LETTER TO A FAKE OR A NONEXISTENT ADDRESS AND YOU PUT ON WHO YOU ARE, THEY SEND IT BACK TO YOU. THE TELEPHONE SYSTEM, IF YOU RING A WRONG NUMBER, HAS A NUMBER OF DIFFERENT WAYS TO TELL YOU YOU DID THAT. EITHER IT MAKES A NOISE OR IT SOMETIMES SAYS YOU’VE DIALED A WRONG NUMBER. IT SEEMS TO ME THAT FOR THE DOMAIN NAME SYSTEM TO HELP USERS WHO MAKE A MISTAKE, THAT ISN’T A BAD GOAL.

IT’S NOT AN UNWORTHY GOAL. IT’S ACTUALLY QUITE A GOOD GOAL. THE FACT THAT SOMEONE MAKES MONEY FROM IT IS NOT A BAD THING, EITHER. I MEAN, ULTIMATELY, WE LIVE IN MARKET ECONOMIES FOR THE MOST PART. I CAN’T FIND ANYTHING BAD IN THAT. SO I THINK THE UNDERLYING GOALS OF SITE FINDER, THERE’S SOMETHING WORTHY IN THOSE GOALS THAT’S GENERALLY OKAY. AND THE FACT THAT THERE WERE THE PROBLEMS IS SOMETHING THAT’S COMMON TO BOTH SITE FINDER AND EXISTING DOMAIN NAMES. THERE’S NOTHING DIFFERENT IN MY MIND THERE AT THE LEVEL OF THOSE PROBLEMS. APPLICATIONS ARE BROKEN. IF SOMEBODY TRIES TO SEND ME AN E-MAIL AT KEITH@E-MAIL NEWS.COM, WHICH IS A DOMAIN I KNOW. IT’LL BREAK. IT JUST WON’T GET THROUGH TO ME, THE SAME WAY AS IN SITE FINDER. SO I THINK AT LEAST TO SOME EXTENT, PASSION AND OPINION IS OVERRIDING DIALOGUE AND DISCUSSION. AND WHAT MOUHAMET SAID ABOUT THE CONSEQUENCES OF THAT FOR A FREE-THINKING INTERCHANGE THAT CAN LEAD TO INNOVATION IS ACTUALLY CRUSHING IN SOME REGARD. I KNOW I’M PRETTY NERVOUS EVEN MAKING THESE POINTS BECAUSE OF THAT. BECAUSE, YOU KNOW, IT’S A DIFFICULT DISCUSSION TO HAVE BECAUSE THERE’S SO MUCH PASSION AROUND THE ISSUE.

>>VINT CERF: KEITH, I’M GOING TO TAKE CHAIRMAN’S PRIVILEGE AND RESPOND, IF YOU’RE FINISHED.

>>KEITH TEARE: YEAH, I CAN FINISH NOW.

>>VINT CERF: I ACTUALLY THINK THOSE ARE VERY BAD ARGUMENTS.

SO I DON’T WANT TO PROLONG THIS TOO MUCH. BUT I ACTUALLY BELIEVE THEY ARE ARGUMENTS FOUNDED IN MAYBE A MISUNDERSTANDING ABOUT HOW SOME OF THIS STUFF BEHAVES. WHEN YOU DESIGN A SYSTEM SUCH AS THE INTERNET WITH THE DOMAIN NAMES UNBOUND IN ANY FASHION TO ANY PROTOCOL, THE ONLY ASSUMPTION YOU CAN MAKE FROM THE ENGINEERING POINT OF VIEW IS THAT ANY PARTICULAR DOMAIN NAME MAY BE USED WITH ANY PARTICULAR PROTOCOL IN THE INTERNET. YOU CAN’T MAKE THE ASSUMPTION THAT THIS PARTICULAR DOMAIN NAME IS SOMEHOW SHIELDED, BECAUSE YOU DON’T KNOW WHEN YOU’RE DOING THE DESIGN WHETHER AT SOME LATER TIME THAT DOMAIN NAME WILL BE USED WITH A PARTICULAR PROTOCOL. SO THE FEAR AND SAFETY AND SO ON, WHICH ARE LOADED TERMS, SHOULD, I THINK, IN THIS CASE BE THOUGHT OF MORE AS ASSURANCE THAT THINGS WILL WORK IN AN UNCERTAIN FUTURE. THAT’S POINT NUMBER ONE. THE EXAMPLES THAT YOU GAVE ABOUT, YOU KNOW, THE TELEPHONE SYSTEM TELLING YOU THAT YOU DIALED A WRONG NUMBER OR THE POSTAL SERVICE DELIVERING A MESSAGE BACK TO YOU THAT YOU MISADDRESSED, THE DESIGN OF DNS DOES GIVE EXACTLY THAT SIGNAL. THE SIGNAL WAS, “THIS DOMAIN NAME IS NOT REGISTERED.” THAT’S A WELL-DEFINED RESPONSE.

IT’S LEFT TO WHICHEVER PROGRAM SENT THE REQUEST TO DECIDE WHAT TO DO WITH IT. WHAT HAPPENED IN THE SITE FINDER CASE IS THAT THE PARTICULAR DIVERSION, BASED ON THE RECOGNITION THAT THE DOMAIN NAME WASN’T PRESENT, TOOK AWAY FROM THE PROGRAM MAKING THE QUERY THE OPPORTUNITY TO DECIDE FOR ITS PURPOSES WHAT TO DO. AND IT DID SOMETHING ELSE. AND THERE WAS NO OPT IN OR OUT OR ANYTHING. SO I THINK THAT THE REASONING THAT YOU’RE GOING THROUGH DESERVES SOME CAREFUL DISCUSSION, NOT TODAY. BUT I WOULD LOVE TO ENGAGE YOU ON THIS, BECAUSE I BELIEVE THAT THERE ARE SOME PRETTY DEEP ISSUES THAT ARE MISSED IN THE CONVERSATION. ANYBODY ELSE? NO. THANK YOU.

>>KEITH TEARE: OKAY. 

Leave a Reply