[dns-operations] zdnet blog: ICANN and IANA's domains hijacked by Turkish hacking group

Eric Brunner-Williams brunner at nic-naa.net
Thu Jul 3 00:16:57 UTC 2008

Keith Mitchell wrote:
> It does seem to me rather strange that reliance is placed on a 3-party
> registrar for such critical infrastructure domains. ISTM that for such
> domains, ICANN/IANA ought to be allowed to run a non-resale "internal"
> registrar rather than use an external party. I am straying away from
> operational space here, but this would have the additional merits of not
> showing preference to any particular registrar, and being proof against
> any malicious intent at any such registrar. I think this kind of
> approach is the established practice at various ccTLDs.

None of us (registrars) cares which registrar ICANN picks, this is about 
the same as caring which $1 bill, out of a very large number of $1 bills 
in circulation, is in your wallet.

If you are trying to make a security and stability case, go ahead and 
try. You may end up saying NetSol/VGRS, and overlook the nuisance that 
ICANN was created with the task of transforming a monopoly market into a 
competitive market.

If you are trying to make a failover case, that's more interesting. 
Registrars have failed, and we expect registries will too, so there's 
the business continuity and escrow sets of issues for loss of function 
and loss of control, respectively, and the actual transfer from the 
expiring registrar or registry to the gaining registrar or registry.

A reference to "various ccTLDs" could mean a manually operated system 
with limited backups to VGRS/Afilias/NeuStar operational art for owned 
properties to AFNIC or DENIC practice. It is a wide, to the point of 
meaninglessness, range to attempt a policy or operational practice 

Seriously, if failover interests you its a wicked small club, Pat Jones, 
me and ... possibly you. But ICANN should stick to Alpo. Canned horse 
with rice is good for canines.


More information about the dns-operations mailing list