Swerve - i'm getting tired - i've been on GMT time chasing this Goolnik
chap - so this will be my last message for today as it's now well past
nappies for me. but i've giving you a most interesting response to your
root server questions and if you want to call me voice tommorrow i'll
answer all of your questions. i don't want to monopolize discussion.
On Fri, 24 Aug 2001 Swerve@Swerve.com wrote:
> > simple answer - look up the technical bible - rfc 1591.
>
> I'll check that when i have a chance. I will guess that you are opposed to
> colliding roots. I am very concerned about this whole issue, so your
> patience is appreciated.
absolutely. collisions are illogical and result in reduced
communication. or lack thereof. imagine creating two area codes 212 with
the same prefixs in both. not a good idea.
somalia is an excellent example of what is happening to the net. in
somalia there are five telephone systems - or at least last time i
looked. and non of those telephone systems are connected to each
other. so if you want to have good telephone service - you get five
different phones. that is inefficient and illogical as are colliding
tlds.
> As for .God, are you claiming exclusivity because you are the first one to
> do so within the community of alt. root people that you correspond with?
yup thats the way it works. rfc 1591 agrees.
>
> If this is the case, i am not convinced that this method is a fair and
> healthy way to protect the namespace. With all that seems to be going down,
> my support goes for a revamped Icann or single body that is owned by the
> public trust. (emphasis on "revamped")
no - i disagree. first come first served is the only approach that will
work. i usually give as an example dogs. when a dog takes a piss - he
marks his/her territory and other dogs have enoght respect not to piss in
the same spot.
as soon as you have central authorities you end up with twits playing
power politics.
what we need is a librarian or accountant who can keep good books. once
you enter the name it's done. that's the way it's worked in the past and
that's the only way it will work in the future.
give a human the ability to judge - and viola you end up with conflicts.
> >From what i can tell, and i don't know all the minutae of facts and history,
> Icann is not a true centralized body that reflects the public trust.
>
> This does not mean that all centralized bodies are "bad".
I was in politics for a long time and one thing i've learned is that
centralized authority is in most cases unfair. human beings are too
easily drawn to temptation and then the rules begin - the exceptions - the
exclusions and the excuses.
there are some centralized authorities which do work but they are mainly
limited to maintaining quality control - and even those are
corruptable. the truth of that is in abundance before our eyes. but a
centralized or shared bookkeeper would work - provided that the rules are
simple - again rfc 1591. or the old dog rule - if dog A pisses on the
fire hydrant - then dog B stays away.
much of the mess made by icann is nothing more then simple greed. once
again temptation marks their grave.
>
> I don't see how the alternative roots offer a fairer and stabler solution.
> A case and point, imo, is your personal exclusive claim to .God.
I disagree Swerve - in fact I would say multiple roots - thousands of them
should be the rule of the day.
The USG root infrastructure was established back when we had some 5,000
systems on the net. we moved from the flat host file to the zone file and
delegations. at the time i think there were only 5 roots - maybe
less. and as the internet grew we got up to 13. and that number - 13
only reflect a technical limit in bind.
now we have milions of hosts. yet at least 80% of the world is still
using 13 roots.
this poses a serious problem. a problem which is with us daily. in the
worst senario a well orchestrated hacker attack - and i'm not talking
about the fluff that passes for hacking these days. i'm talking about a
well planned information warfare senario. in this case all roots can be
taken out and the results could be catistrophic.
i spoke about this once on the dicovery tv networks - but it made them
nervous and we moved on.
then we have the possibility that the us government could go bonkers and
they could use the root themselves to conduct info warfare - and no one
would be any wiser. A root and a few proxies can be used to semlessly
redirect traffic and capture data in the process.
now I will give you a real life example of the last senario. some time
ago and some of you may have remembered this. I took over the orsc root
and caused it serious damage.
to make a long story short - at the begging of 2001 i was providing
Diebold Corporation with IP infrastructure. Diebold and the ORSC made an
arrangement to operate two root servers off my infrastructure. They never
asked me or PCCF for permission. If they had I would of outlined the
dangers in doing that.
in any case we had a falling out. i moved my infrastructure - and
incidentally i almost disconnected diebold from the net. but they quickly
figured out who was in charge and once they understood their position
penance was quickly extracted.
basically diebold was in the middle of an internal power struggle and i
ended up getting caught in the middle. now i don't mind watching
corporate drag queens tear eachs other eyes out and ruining their
mascaras. like any good sole i love watchin a cat fight and would of
pulled out the lawn chair. but don't expect me to join in the
festivities.
in any case i moved out and spent about 6 months trying to get them to
help me clear out the traffic from the two roots they were running on arpa
205.189.73/24. they were non responsive. the orsc was non responsive.
now Swerve - there was a reason why i wanted these things manually cleaned
out. Liability. A root server operator is GOD - period - full stop -
exclaimation point. or he who controls the root controls everything the
users connected to it do. because essentially you are in control of all
answer to all dns questions.
this terrified me - because i knew the damage a hacker could do if they
ever gained control of these arpas. imagine being a hacker and being in
control of all answers to all questions.
so since we didn't have co-operation it was my decision and that of the
PCCF board to null the root.
I proceeded to create an html page explaining the history of the problem,
the event and the solution.
http://www.dot-god.com/communications/Diebold_Inc/
I redirected al 404 errors to that page.
I then created a zone file which essentially gave one answer to all
questions.
http://www.dot-god.com/communications/Diebold_Inc/baptista-vortex-namespace.txt
and i redirected all port 80 traffic to one main server. it worked. the
arpa was flushed of activity. I expect the server to crash - but it
survived. I was ready with backups if required and had techs standing by
to halt the server if required.
The first users to be flushed were the individual ones who were using the
orsc roots directly. they were pretty well the first to go. since we had
one one answer to all questions the server was faster then the other orsc
servers which perform recursion so our server always answered first in
most cases.
then the isp's quickly followed. only a few were caught in it for a long
time. mainly large isps with many customers who were caching the orsc
root.
the last to go were automated systems. there was one which was in brazil
(i think that was the country) which was indexing web pages. we got about
100,000 hits from that before they figured it out. alot of automated
systems that day broke.
the traffic was not as heavy as i had anticipated. that was mainly due to
cached answers. so large isp's experienced sporadic outages. but in some
case the technical suuport staff argued with the users that there was
nothing wrong with their system and only acted as more and more
caches expired and the problem intensified. a major isp in california -
znet took two days to settle down.
we had traffic from everywhere under the sun. the grand dutchy of fenwick
- ot is that lichenstien ;-) was one of those. several labs at the
university of california including the office of the president were
affected. numerous businesses. yada yada yada.
and of course i watched as user names - passwords - credit card info -
and other stuff flew past my screen.
and of course - diebold and the orsc ended up with a black eye. John
Palmer made a claim to me in private that a good percentage drop in
traffic was detected. when i made his claims public he quickly reversed
himself - orsc damage control.
so the moral of this story is simply - be careful who runs your root. and
by the way - as a matter of interest - if anyone is interested in looking
at the list of affected users - i can search for it and post it. if there
is an interest. the httpd logs i am willing to make available to anyone
willing to sign a non disclosure agreement with us. they of course
contain sensitive data.
So Swerve - this brings us full circle. Do you trust the US Government to
run the world. I don't. ICANN and the USG DOC has show it has no
understanding of the power that it yields and shown it can be abusive.
I personally would recommend to any world government or corporation that
if it wants to maintain it's data safe - and the integrety of it's system
- that it run it's own root.
anyway in closing i really enjoyed this - and your welcome to give me a
call personally. someone who asks questions and takes the time to listen
is in my opinion a human asset worth investing in.
the rest are ostrages with their heads buried in the sand and their rumps
up in the air - well spread - with a great big red flag which says "DO
ME" ;-)
Regards
Joe Baptista
>
> regards,
>
> Swerve
>
> time for another smoke.
> >>
> >> Imo, Icann has been messing up for a long time. The alternatives that
> >> appear to be unfolding seem to be making things messier.
> >
> > your right there. icann has made a mess of it. and most of the
> > alternatives are still wandering in the desert. but there is good forward
> > motion. the tlda is the first attempt and i hope the last. but hope is
> > for fools and lovers.
> >
> > new.net is an excellent example of stupidity. they have an opportunity to
> > lead - yet they choose to collide and contribute to the problem. yet when
> > new.net was asked the question here - what if icann ends up setting up
> > simular tlds. their response was why should they.
> >
> > i found that reply funny and offensive. basically one sinner pointing the
> > finger at another. very droll.
> >
> > regards
> > joe
> >
> >>
> >>
> >>
> >> Swerve
> >>
> >>> Gods interest in this is non
> >>> existent. in the beginning God gave all of you a very special gift. and
> >>> what you have done to it is rape it, spoil it, and in the process you
> >>> manage to exterminate each other with a certain level of efficiency that
> >>> makes me and any other intelligence sick.
> >>
> >> Are you part of the "you" that you are referring to above, or is it only the
> >> rest of us?
> >>
> >>>
> >>> i say to you that any man or woman who would oppose us is petty and
> >>> vain. and by default their indulgence in god more fiction then fact.
> >>
> >> I oppose your attempt to exclusively control the .God domain. Why is that
> >> petty and vain?
> >>>
> >>> anyway - we have various churches and spiritual organization registered
> >>> under .god - so i don't see a problem. if you find any holy roller who
> >>> objects - send them to me. because i say with absolute certainty that God
> >>> does not maintain a complaints department.
> >>>
> >>> regards
> >>> joe baptista
> >>>
> >>> p.s. be careful pretty soon i'll start quoting scripture and then we'll
> >>> all be sorry. i feel the spirit moving me. and then poor Ross will have
> >>> to step in and we'll end up with a dogs breakfast.
> >>>
> >>>>
> >>>> regards,
> >>>>
> >>>> Swerve
> >>>>
> >>>>> From: baptista@pccf.net
> >>>>> Date: Fri, 24 Aug 2001 14:17:37 -0400 (EDT)
> >>>>> To: Swerve@Swerve.com
> >>>>> Cc: baptista@pccf.net, Duane Cook <dcook@9netweb.com>,
> >>>>> discuss-list@opensrs.org
> >>>>> Subject: Re: was ...Re: www.dotsex.com, now is .God ?
> >>>>>
> >>>>> On Fri, 24 Aug 2001 Swerve@Swerve.com wrote:
> >>>>>
> >>>>>> Hi Joe,
> >>>>>>
> >>>>>> Checked out the link to your site in the last email.
> >>>>>>
> >>>>>> Are you claiming exclusive intellectual property rights under .God ?
> >>>>>
> >>>>> yes - we are.
> >>>>>
> >>>>> regards
> >>>>> joe
> >>>>>
> >>>>> p.s. - i have just been informed by the solicitor of record that pennance
> >>>>> has been done. we are now moving to the next stage - salvation. it will
> >>>>> take 24 hours for me to confirm the penance.
> >>>>>
> >>>>>>
> >>>>>> regards,
> >>>>>>
> >>>>>> Swerve
> >>>>>>
> >>>>>>> From: baptista@pccf.net
> >>>>>>> Date: Fri, 24 Aug 2001 12:24:19 -0400 (EDT)
> >>>>>>> To: Duane Cook <dcook@9netweb.com>
> >>>>>>> Cc: discuss-list@opensrs.org
> >>>>>>> Subject: Re: www.dotsex.com
> >>>>>>>
> >>>>>>> On Fri, 24 Aug 2001, Duane Cook wrote:
> >>>>>>>
> >>>>>>>> Can someone tell me if this new .sex domain is legimate?
> >>>>>>>> or if it is like the fake domains that new.net is selling?
> >>>>>>>>
> >>>>>>>> www.dotsex.com
> >>>>>>>
> >>>>>>> in short no
> >>>>>>>
> >>>>>>> the long story is here:
> >>>>>>>
> >>>>>>>
> >>>>>>
> >> http://www.dot-god.com/communications/TLD_Networks_Ltd/public_announcement.>
> >>>>> h
> >>>>>> tm> l
> >>>>>>>
> >>>>>>> including links to corporate documents and other fluff.
> >>>>>>>
> >>>>>>> regards
> >>>>>>> joe baptista
> >>>>>>>
> >>>>>>> p.s. one more thing not yet indexed - his affidavit response to WIPO
> >>>>>>> concerning dotsex.com - he lied.
> >>>>>>>
> >>>>>>> he's threatened to sue us - now according to his lawyer he wants to make
> >>>>>>> peace. at this time we have asked for a show of penance. we will see
> >>>>>>> what happens.
> >>>>>>>
> >>>>>>> --
> >>>>>>> The dot.GOD Registry, Limited
> >>>>>>>
> >>>>>>> http://www.dot-god.com/
> >>>>>>>
> >>>>>>>
> >>>>>>
> >>>>>
> >>>>> --
> >>>>> The dot.GOD Registry, Limited
> >>>>>
> >>>>> http://www.dot-god.com/
> >>>>>
> >>>>>
> >>>>
> >>>
> >>> --
> >>> The dot.GOD Registry, Limited
> >>>
> >>> http://www.dot-god.com/
> >>>
> >>>
> >>
> >
> > --
> > The dot.GOD Registry, Limited
> >
> > http://www.dot-god.com/
> >
> >
>
-- The dot.GOD Registry, Limited
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:36:38 EDT