CircleID

Do note there is a technical discussion about it on the OARC public mailing list:

The start of the discussion

I think saying that the stability of the domain name system is down to luck might be pushing the bounds of reality a little. If it were luck we would probably have seen some prolonged large scale dns outages over the past few years don't you think?

In response to Brett Carr:

OK, I'm not locked into the word "luck".

However, it is very fortuitious that, as ICANN continues to drop the ball on internet stability, we have an incredible group of root server operators.

Fir example the root server operators resolved the issue of the 13 server limit by taking the step of deploying anycast.  Barely anyone in ICANN could even spell "anycast".

But the reason I like the word "luck" is that these root server operators are not bound by any legal obligation to do good things or to expend their efforts.

I have no doubt that as individuals they would not do otherwise - as individuals (and the organizations who wrap those individuals) the root server operators have amazing skill, foresight, and abilities.

However, we have long learned that stability is built on instutions not mortal people.

And some of the root server operators, such as those operated directly or indirectly by the US military, have a clear superseding obligation - to protect the USA even if that has ill effects elsewhere.

Quite a while ago I proposed a set of terms that I believe the root server operators ought to obligate themselves, legally, to follow - see the latter part of http://www.cavebear.com/cbblog-archives/000192.html - and which I believe would largely be a promise to continue what they are already doing.

As far as the primary point of my note - which was not about root server operations, but about the size of the root zone - It is my sense that the biggest issue is how much we are willing to risk human and procedural errors.

The root zone today is tiny - compressed it fits into about 20K bytes, smaller than the pretty icons on most web pages.

At that size it is easy to redistribute in case of error.

But say that the root zone grows to the size of .com - 60,000,000 entries.  That's a large file to administer and transfer, and perhaps most importantly to reload when a server restarts.

But we have proof with .com that it is possible to run a zone of that huge size with very good reliability.

ICANN is going around whining that it can't add even a few top level domains - remember ICANN will have its 10th birthday this year.  Yet, when we look at the fact that even if we chop my numbers by 60-fold, i.e. one million TLDs, we see that ICANN could hand 'em out at a rate of 50 every business day and it would still take a 100 years to get to a million TLDs.

In other words, ICANN's stasis is inexcusable and serves only to promote the interests of the intellectual property community and certain large businesses, not to mention the interests of the incumbent TLD registries.  And if one looks, one might notice that those are exactly the primary supporters of the ICANN status quo.

There is also, of course, the question of why ICANN even has the power to act as the gatekeepr who gets to decide who can enter the domain name business (and on what terms) or not.  That smacks of restraint of trade.  And when we brew in the fact that ICANN favors incumbents and excludes the public, and that ICANN is a forum in which domain name products and terms are decided, ICANN is starting to look and smell a lot like a combination in restraint of trade.  Whether it an illegal one is a question that has yet to be asked and answered in every country in which the domain name system is felt, i.e. in every country.