Category Archives: DNS

The Punt VL fallacy

Posted by Patrick Vande Walle on 7 September 2007 None comments

There is a some parallel that can be drawn between the current dispute on the .EH TLD for Western Sahara and the .VL application. In both cases, the process is being used for political purposes to serve a goal for autonomy or independence. I am not taking sides on the .EH issue, as I do not feel I have enough information to have a meaningful opinion. On .VL however, I think that the 20+ years I spent in Flanders can give me enough background.

In the case of the .VL, there is a public image, posted in English on the ICANN web site, and a quite different one posted in Dutch on the proponents web sites. Some translated extracts, for the benefit of those who do not understand Dutch:

Why a .VL, according their web site:

It is all about being recognized, mostly by the international community. Flanders does have foreign affairs responsibilities, but try to explain simply to Israël that Belgium is made of regions and communities and that you are the Minister of foreign affairs for Flanders and not for Belgium. A specific TLD would enhance the visibility of Flanders in the world, and this can only be positive.

It is clear here that this is about political visibility and not about spreading a culture, like .CAT does. Indeed, this is well in line with the political agenda of the proponents, the Jonge Vlamingen group, which states on their web site (potentially racist humor deleted from the text):

Jonge Vlamingen wishes to promote the separation of Flanders (ed: from Belgium)… We want to build a network where young Flemings who choose for Flemish independence can meet.

As has been explained in a previous post on the subject, other organizations supporting the project have a similar agenda.

My advice to the ICANN community, should this proposal be formalized, is to be aware of the fact they would actually be used to serve a political agenda, rather than a cultural one. The issue of regional autonomy (and now independence) has been on the Belgian political agenda for nearly a century. This is a very sensitive and complicated matter. ICANN would be well inspired not to join the mess.

Flemish extreme right groups want a Geo TLD

Posted by Patrick Vande Walle on 19 August 2007 2 comments

Now that Catalonia got its .cat domain, other regions are coming up with similar requests. One of those is lead by a group of associations from the Belgian Flanders region, claiming a .VL top level domain. The Jonge Vlamingen association is a nationalist group wishing to make Flanders independent from Belgium.

However, among these associations are also several hate groups. Voorpost is well known for its pro-nazi sympathies and propaganda. The Nationalistische Studenten Vereniging is an extreme right student group. One of its former members was Filip Dewinter, the current president of the extrem right party Vlaams Belang (formerly Vlaams Blok). Those groups are known for their racist positions in Flanders (against the Turkish and Maghrebian minorities) and in Belgium in general for their intolerance against anyone not Flemish.

As for the Taal Aktie Komitee, I can testify I have been physically molested by some of its members because I dared speaking French to some of my friends in a street in Flanders. It was 25 years ago, but my back is still hurting on wet days because of that.

DomainNews.com reports that the Flemish group will team up with the applicants for .cym, .bzh and .gal GeoTLDs. A word of caution to the Welsh, Breton and Galician groups: watch out who you are teaming up with. Do you want racists and revisionists in your group ? If not, you should better think twice before teaming up with the current .VL team, unless they distance themselves from those embarrassing supporters. Actually, they do. Sort of. However, the disclaimer is quite vague:

“Het vermelden van en linken naar deze organisaties en hun website betekent niet dat Jonge Vlamingen en PUNT VL de standpunten van deze organisaties onderschrijven of akkoord zijn met de inhoud van hun website”.

The references and links to these organizations and their web site does not mean that Jonge Vlamingen en PUNT VL supports the positions of those organizations or agree to the contents of their web site.

So, it is not clear however which views they support and which they do not.

Update 20 August: The proponents of .VL point out on their web site (in Dutch) that French Réunion (.re), Guadeloupe (.gp), Martinique (.mq) and French Guyana (.gf) have their own ccTLD. However, none of these French departments or territories use this for the political purposes of separating themselves from their country, and their ccTLD is administered by AFNIC. They also point out to .EU.

They seem to ignore that all these entities have their own ISO-3166 codes. Flanders does not. And unless they convince the UN Statistics Division they are a sufficiently autonomous territory from an economical point of view or an independent state, the VL ISO code is not going to assigned to Flanders any time soon. With regard to ICANN’s policy on new TLDs, I think it would be dangerous for ICANN to assign two letter TLDs which could conflict with later updates to the ISO-3166 list.

The inextricable issue of Internationalized Domain Names

Posted by Patrick Vande Walle on 4 July 2007 5 comments

ICANN has embarked on the IDN boat at the same time it wants to introduce DNSSEC and new gTLDs. This promises lots of fun. Or grey hair, depending how you look at it.

First is the issue of country code IDNs. The ISO-3166 table, based on two letter codes, is a western convention. Some cultures do not use abbreviations or acronyms. Some do not use a character-based alphabet, but a syllabic one. Hence, the next logical step would be to represent the full country name in local script, rather than a transliteration of the ISO string. As an example, Morocco may want to use المَغْرِب (or xn--mgbc0a9azcg7dsq in punycode) , in parallel with .ma. This is a simple case: Morocco has only one official language.

Imagine the case of India, where there are 1.652 languages, of which 24 are spoken by more than one million people. All have a distinct alphabet. Further, the Constitution of India does not impose an official language. Are we going to have at least 24 new IDN TLDs for India ? This would make political sense, but would be a real burden to manage at the root level, especially if we end up with 1.652 of them, just for India. Obviously, other countries which use several languages may want to do the same.

When it comes to gTLDs, the situation becomes even more interesting. Take, for example, .ORG. ORG stands for “not-for-profit organization”. How does that translate in IDN TLDs under different languages ? If we simply transliterate the “org” string in local script, we might end up with a meaningless name or – more unfortunate – an offensive word in the local language.
On the other hand, there may be several ways to translate the NFP organization concept in a specific language. As an example, if I had to translate the NFP organization concept in French, it would be association à but non lucratif in France, but association sans but lucratif in Belgium or association sans but économique in Switzerland.

Yet, it does not look logical that the incumbents gTLD registries could automatically claim to run any IDN TLD which translates more or less the concept of the original string. We should expect those countries which were not offered a piece of the multimillion dollar gTLD cake in previous years to want some money out of the IDN TLDs in their own script. Just imagine how much money could potentially represent a .com TLD in mandarin or arabic.

ICANN will have a hard time desiging a policy for IDNs. The technical challenges are actually small, compared to the economical, political and cultural issues surrounding those internationalized domain names.

This host is DNSSEC enabled

Posted by Patrick Vande Walle on 4 June 2007 None comments

We keep hearing in the ICANN and IETF crowds that DNSSEC is unavoidable and that it is the way to go. These are the same crowds saying that we should move to – or at least support – IPv6. In both cases, the prophets are not always those who actually do it. While www.isoc.org and www.ietf.org are running on a dual IPv4/IPv6 stack, much of the companies working within the IETF do not run dual stack web sites: Cisco, Microsoft, IBM, Sun, etc.

So, rather than telling others that they should run DNSSEC, I figured I should do my homework and run DNSSEC myself, without waiting for my TLDs to get signed.

The job is done, but it was no easy task. If you are looking for a simple button on a GUI to sign your DNS zones, move on. Currently, this is not for the faint of heart, which might explain the slow adoption path. Bind does include all the tools, but you first have to figure out how the damn thing works and use the right parameters.

I found a tool which made my life much easier. It is called ZKT. Once you have configured the header files to your environment and adapted your file directory structure to the requisites of ZKT, you can actually sign all your zones in one pass. It will call the necessary Bind tools with the right parameters. I have created a cron job that will periodically check which signatures need updating and change the zone files accordingly. Highly recommended.

Vint in International Herald Tribune on IDNs

Posted by Patrick Vande Walle on 30 October 2006 1 comments

According to this article in IHT , those who want deployment of IDNs now are “political gambits”. Cerf said that the technical side is not yet ready and thus the deployment of IDNs should be done very carefully.

I agree to the technical aspects. However, the next question is of course: “when will it be ready for deployment ?”. Can the ICANN community commit to a deadline it will meet ? If not, ICANN should not blame those “political gambits” who wish to go forward because they just cannot afford to wait anymore.

There is a bad habit in the ICANN community that it should set the agenda and the rest of the world should just follow. Trouble is of course that the “rest of the world” represents several billion people, most of them ignoring the very existence of ICANN and even more its legitimity to set the world agenda. ICANN sounds more and more like Major Tom in David Bowie’s Space Oddity: “Ground Control to Major Tom, your circuit’s dead, there’s something wrong. Can you hear me Major Tom ?”

This post has also been featured on CircleID , where most of the discussion will take place, I guess