Open Root Server Confederation (ORSC)                      M. Schneiders
Root Fix Series                                                 Bijt.net
Category: Best Current Practice                                 S. Higgs
draft-higgs-schneiders-root-fix-us-00.txt      Higgs Communications, LLC
                                                              March 2002

                       Root Fix for the .US Top Level Domain


1. Status of this Memo

This document is an Internet-Draft and is subject to all provisions of
Section 10 of RFC2026 except that the right to produce derivative works is
not granted.

Internet-Drafts are working documents of the Internet Engineering Task Force
(IETF), its areas, and its working groups. Note that other groups may also
distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and
may be updated, replaced, or obsoleted by other documents at any time.  It
is inappropriate to use Internet-Drafts as reference material or to cite
them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html


2. Abstract

This document describes the "Root Fix for the .US Top Level Domain". Root
Fix is a series of actions taken by the Open Root Server Confederation
(ORSC) to prevent the destabilization of the DNS due to ICANN's introduction
of colliding top level domains. This document describes the actions taken by
the ORSC to remedy the collateral damage that has been directly caused to
the .US top level domain in non-ICANN root systems.


3. Introduction

The reader is probably confused as to how the .US top level domain (a
country code top level domain or ccTLD) has anything at all to do with
ICANN's introduction of generic top level domains (gTLDs).

Here are the chronological order of the events which created this specific
situation:

    1) Jon Postel of the IANA solicits applications for new TLDs
    2) .BIZ TLD among submissions with working registry
    3) IAHC/gTLD-MoU created
    4) US Government intervenes shutting down gTLD-MoU
    5) ICANN formed
    6) .BIZ TLD re-delegated to Atlantic Root Network
    7) ICANN solicits applications for new TLDs
    8) ICANN delegates duplicate .BIZ to NeuLevel (formerly JVTeam, LLC)
    9) ICANN re-delegates .US to NeuStar, Inc
   10) NeuStar, Inc. move all .US name server records to  duplicate .BIZ zone

If you pay careful attention you will notice:

    a) Internet community consensus is divided on which .BIZ to support
    b) Most non-ICANN root systems do not recognize ICANN's .BIZ
    c) Neulevel is a subsiduary of Neustar, Inc. indicating a high
       probability of collusion


4. The Problem In A Nutshell

As the reader can see from the output of dig, the nameserver records for .US
within the ICANN root are currently as follows:

$dig us. ns @b.root-servers.net

;; ANSWER SECTION:
us.			2D IN NS	B.GTLD.BIZ.
us.			2D IN NS	C.GTLD.BIZ.
us.			2D IN NS	A.GTLD.BIZ.

;; ADDITIONAL SECTION:
B.GTLD.BIZ.		2D IN A		209.173.57.162
C.GTLD.BIZ.		2D IN A		209.173.60.65
A.GTLD.BIZ.		2D IN A		209.173.53.162

Most of the non-ICANN root systems do not recognize the .BIZ top level
domain that ICANN has delegated to NeuLevel. As a result of NeuLevel moving
the .US name servers under the .BIZ top level domain, the .US top level
domain disappears from most non-ICANN root systems.

Therefore this "Root Fix" is required to ensure the continued operation of
the .US top level domain in non-ICANN root systems.


4. The Fix

Bijt.net and ORSC each created three new domain names specifically to
address this problem:

Bijt.net:

       ROOTFIX.COM
       ROOTFIX.NET
       ROOTFIX.ORG

ORSC:

       US-NS1.ORSC
       US-NS2.ORSC
       US-NS3.ORSC

These domain names are used for patching instabilities to the DNS which have
been directly or indirectly caused by ICANN's actions. These domains are
used within the non-ICANN root systems for the .US name server records in
lieu of the un-resolvable GTLD.BIZ domain names.

This is the current definition of .US in the ORSC root:

$dig us. ns @a.root-servers.orsc

;; AUTHORITY SECTION:
us.                     2D IN NS        us-ns1.orsc.
us.                     2D IN NS        us-ns2.orsc.
us.                     2D IN NS        us-ns3.orsc.
us.                     2D IN NS        US1.ROOTFIX.net.
us.                     2D IN NS        US2.ROOTFIX.com.
us.                     2D IN NS        US3.ROOTFIX.org.

;; ADDITIONAL SECTION:
us-ns1.orsc.            2D IN A         209.173.57.162
us-ns2.orsc.            2D IN A         209.173.60.65
us-ns3.orsc.            2D IN A         209.173.53.162
US1.ROOTFIX.net.        2D IN A         209.173.53.162
US2.ROOTFIX.com.        2D IN A         209.173.57.162
US3.ROOTFIX.org.        2D IN A         209.173.60.65

As you can see these names server records refer to exactly the same IP
numbers of the .US name servers in the ICANN root. The benefit of having two
sets of name server records for this task (.COM/.NET/.ORG ICANN root set and
.ORSC non-ICANN root set) allows us to monitor for root zone pollution
(spillover) between the ICANN and non-ICANN root systems. This is an equally
serious issue which this document does not address.


5. Security Considerations

This document assigns all stability issues under the security heading. There
are two issues regarding stability to the DNS covered by this document:

   1) The introduction of a colliding top level domain by ICANN
   2) The loss of the .US top level domain as a result

This document only addresses the loss of the .US top level domain to non-
ICANN root systems.

Critical resources within the .US domain, including US federal, state, and
local government agencies, as well as schools and other organizations have
been put at very high risk, affecting transactions between .US domains
across areas of the internet using non-ICANN root systems.

Without intervention, this situation could conceivably escalate into life
threatening situations such as US government e-commerce services that no
longer worked for their communities and emergency services that lose vital
email messaging/paging capabilities to end user cell phones/pagers.

Intervention (in the form of this Root Fix by the ORSC) was required in
order to re-stabilize the DNS.


6. Authors Comments

It is the opinion of the authors that the .US top level domain name servers
were moved in a deliberate manner in such a way as to break and fragment the
DNS, above and beyond the simple introduction of a colliding TLD. It appears
to be a deliberate DNS deployment design to put anyone not supporting the
ICANN root "out of business".

Prior to the re-delegation to NeuStar, Inc., the .US top level domain was
supported by 7 widely distributed name servers. Since the re-delegation, the
.US top level domain has traded those name servers in for 3 vanity-domain
name servers on 2 networks. This is in total contrast to the expansion of
sub-root name service, such as the deployment of GTLD-SERVERS.NET. More name
servers are better since they distribute the load and are more robust and
reliable because of increased redundancy. What rational reason could
NeuStar, Inc. have unless they were trying to make a specific market-
positioning point?

Because of the closely-held relationship between ICANN, Neustar and
NeuLevel, it is entirely possible that there are anti-trust issues here. If
this situation doesn't actually break the law, it certainly breaks the
spirit and intent of the law. Not to mention it puts critical resources
within the .US domain at risk, requiring the intervention of the ORSC in
order to re-stabilize the DNS.

ICANN's job is simply to co-ordinate the DNS alongside various protocol and
IP address assignments. Stuart Lynn, ICANN's president, recently admitted
that ICANN has failed in it's primary mission objectives. As a result, the
ORSC community is currently forced to make fixes and patches to resolve
these problems. No one has died yet, but we're just sitting here waiting for
the law of averages to run out.


7. About The Open Root Server Confederation (ORSC)

ORSC is a group of people with varied backgrounds and interests which we
have collectively found to have a single common focus on helping to resolve
the difficult problems of developing an open cooperative governing process
for the Internet, and specifically for an OPEN ROOT SERVICE CONFEDERATION.
We find that we have a common belief in the power of self organization as it
applies to Internet Governance, and we are openly working toward helping
that self organizing process along.

We have individually contributed to the development of Draft Postel in 1996,
the gTLD-MoU, the US Government Green and White Papers, through individual
public comments to the 1997 NTIA Notice of Inquiry, the formation and
development of ICANN.

ORSC is not here to fragment the DNS. We're here to see it put to work in
the appropriate manner for the larger community. Unfortunately, we are
forced to exist in a parallel space to ICANN because ICANN refuses to
acknowledge our work. We are close enough to be directly attacked by ICANN,
and yet this makes us close enough to fix / re-stabilize the DNS when ICANN,
under it's own admission, fails to meet it's mission objectives.


8. Authors' Addresses

    Marc Schneiders
    Bijt.net
    Treublaan 14
    Zeist, 3705 CZ
    NL

    Simon Higgs
    Higgs Communications, LLC
    P.O. Box 4519
    Sunland
    CA 91041-4519
    USA

End