Yup, got that. I was pointing out the official docs as part of the learning
process. :-)
When RealNames was launched in the US a few years ago, they allowed for
non-compliant TLD's. Basically, they sold the rights to companies who would
buy them.
https://en.wikipedia.org/wiki/RealNames
To make this work, the DNS resolvers that would use those networks would
resolve only to the local root server. In many of the attempts to do this
(RealNames and New.Net) relied on the non-RFC compliant Microsoft Network DNS
version to hijack the DNS requests somehow. The controversy around the
companies was lost in the political nature that the Internet created, and as
the alternative roots ran out of money, they turned to ad sales shortly before
the demise of the companies. Its noteworthy that a few of the TLDs proposed by
RealNames are now mainstream.
I think from a national level, having a 'local' root server for philippine
based computers would help us understand our national information technology
needs.
Another aspect of this would be to set up our own PKS certificate authority --
this would help, specially in areas of national security concerns where the
root CA is only made available to 'authorized agencies'. CAs can be used for
signing as well as encrypting -- since we would be in control of the CA
(instead of say a foreign company) the chance that the root cert can be
subpoena'd by a foreign agency is much lower.
If we set up the CA for IPSEC signing, the certs can also be used in such a way
that visas are used for travel. If you have a signed cert, you can traverse
our network ;-)
From: Roberto Verzola <[email protected]>
To: Philippine Linux Users' Group (PLUG) Technical Discussion List
<[email protected]>
Cc: Anthony Florendo <[email protected]>
Sent: Thursday, July 7, 2016 3:48 PM
Subject: Re: [plug] your own root server, anyone?
By the way, this is the Louis Pouzin I'm talking about:
http://www.techweekeurope.co.uk/workspace/open-root-and-the-grandfather-of-the-internet-97497
Obet
On Fri, 8 Jul 2016 06:13:49 +0800
Roberto Verzola <[email protected]> wrote:
> Hi Anthony,
>
> The sites you gave are about the official Internet root servers. I'm talking
> about alternatives to these servers. In the same way that Linux/GNU and FOSS
> are declarations of independence from Microsoft monopoly and control and from
> commercial copyrighted software in general, the open root idea is a
> declaration of independence from the ICANN monopoly in assigning TLDs.
>
> Pls check www.open-root.eu and www.orsn.org.
>
> I don't really know a lot about the details. But I know that the open root
> concept is also about freedom.
>
> By the way, I think setting up such a root might require a static IP address
> for the servers, which the bigger companies may have but I don't.
>
> Greetings to all,
>
> Obet
>
>
> On Thu, 7 Jul 2016 16:38:52 +0000 (UTC)
> Anthony Florendo <[email protected]> wrote:
>
> >
> >
> >
> > Hi Roberto,
> > The IANA site provides some information around how to set up a root
> > server.IANA — Domain Name Services
> >
> >
> > |
> > |
> > |
> > | | |
> >
> > |
> >
> > |
> > |
> > | |
> > IANA — Domain Name Services
> > | |
> >
> > |
> >
> > |
> >
> >
> >
> > There is also here:
> > http://www.root-servers.org/
> >
> > From my experience, many ISPs here in the US just run a DNS caching service
> > and sometimes just ignores the TTL. Due to the sheer number of requests to
> > DNS serves maintained by companies like AT&T, Verizon or Earthlink, the
> > servers (or clusters) quickly become populated with almost all the servers
> > that their customers visit.
> > It seems they adjust the TTL to 30 mins to 4 hours, to reduce the outbound
> > UDP calls required for the update
> > There were also some attempts in the past to break away from the approved
> > TLDs -- there were a couple of companies that set up their own root servers
> > and sold "realnames" instead of the usual TLD.
> >
> >
> >
> >
> >
> > From: Roberto Verzola <[email protected]>
> > To: [email protected]
> > Cc: Philippine Linux Users' Group (PLUG) Technical Discussion List
> > <[email protected]>; Michael Tinsay <[email protected]>
> > Sent: Tuesday, July 5, 2016 5:27 PM
> > Subject: Re: [plug] your own root server, anyone?
> >
> > Hi Mike,
> >
> > I'm only asking for interest in joining a learning process, not really
> > about any commitment to set up a root server.
> >
> > And for further clarification: I'm not talking of DNS servers for
> > subdomains, which a big firm might want to do. I'm talking of alternatives
> > to the ICANN root server. At least two already exist that I know of, the
> > OpenRoot initiative maintains one, and China does too, I am told.
> >
> > Greetings to all,
> >
> > Obet
> >
> >
> > On Mon, 4 Jul 2016 08:26:04 +0000 (UTC)
> > Michael Tinsay <[email protected]> wrote:
> >
> > > Setting up a root server and operating one, while it goes hand in hand,
> > > are two different matters, IMO. At the very least, Obet is inviting us
> > > for the former. I am interested, but am on the fence about participating
> > > because I'm also thinking of the latter, as it will, for me, justify
> > > learning the former. Setting up a root DNS server behind the firewall,
> > > as fooler points out, can contribute to the security of the enterprise
> > > network. I'm unsure if I can commit to setup and operate one for my
> > > present employer. Hence, sitting on the fence for now.
> > >
> > > From: GMDumlao <[email protected]>
> > > To: Philippine Linux Users' Group (PLUG) Technical Discussion List
> > ><[email protected]>
> > > Sent: Sunday, 3 July 2016, 20:10
> > > Subject: Re: [plug] your own root server, anyone?
> > >
> > > Of important consideration here are the logistics and business continuity
> > > of high availability servers for the purpose. Root server - therefore
> > > implying the need for those qualities - lacking those, a root server it
> > > ain't.
> > >
> > > Glenn
> > >
> > > On Saturday, 2 July 2016, Roberto Verzola <[email protected]> wrote:
> > > > Hi fooler,
> > > >
> > > > It is good for me, for all kinds of reasons. And I will leave it to
> > > > people to decide if it will be good for them, for whatever reason. If
> > > > not, they can simply not join. And probably we will also realize what
> > > > other reasons it is good for, after we learn how to do it.
> > > >
> > > > Obet
> > > >
> > > > On Fri, 1 Jul 2016 22:47:53 -0400
> > > > fooler mail <[email protected]> wrote:
> > > >
> > > >> On Fri, Jul 1, 2016 at 10:28 PM, Michael Tinsay <[email protected]>
> > > >> wrote:
> > > >>
> > > >> > Aside from the learning experience one gets in setting up a DNS root
> > > >> > server, what would it be good for?
> > > >> >
> > > >>
> > > >> according in their faq
> > > >>
> > > >> https://www.orsn.org/en/faq/
> > > >>
> > > >> security against manipulation..
> > > >>
> > > >> fooler.
> > > >
> > > >
> > > > --
> > > > Roberto Verzola <[email protected]>
> > > > _________________________________________________
> > > > Philippine Linux Users' Group (PLUG) Mailing List
> > > > http://lists.linux.org.ph/mailman/listinfo/plug
> > > > Searchable Archives: http://archives.free.net.ph
> > > >
> > > _________________________________________________
> > > Philippine Linux Users' Group (PLUG) Mailing List
> > > http://lists.linux.org.ph/mailman/listinfo/plug
> > > Searchable Archives: http://archives.free.net.ph
> > >
> > >
> >
> >
> > --
> > Roberto Verzola <[email protected]>
> > _________________________________________________
> > Philippine Linux Users' Group (PLUG) Mailing List
> > http://lists.linux.org.ph/mailman/listinfo/plug
> > Searchable Archives: http://archives.free.net.ph
> >
> >
> >
> >
>
>
> --
> Roberto Verzola <[email protected]>
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
--
Roberto Verzola <[email protected]>
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
