There is currently a discussion going on between Milton Mueller and Patrik Fältström over the deployment of DNSSEC on the root servers. I think the discussion exemplifies the difficult relation between those who develop standards and those who use them.
On the one hand, Milton points out that the way the signing of the root zone will be done will have a great influence on the subjective trust people and nation states will have towards the system. On the other hand, Patrik states that “DNSSEC is just digital signatures on records in this database”. Both are right, of course, but they do not speak the same language. It is just like saying that a spam e-mail which is RFC (2)822 compliant is a legitimate one. From a technical point of view, it certainly is. From a social point of view, it is still an annoyance.
There is this often expressed feeling in the engineering community that technological choices are politically neutral by design. Nothing is further away from truth, as has been demonstrated by people like Lawrence Lessig. The development of standards is done exclusively by companies. Notice, for example, that those attending IETF meetings do it on company time and budget. The actual users are absent. The logic that says that IETF meetings are open to all is flawed by the fact that an average IETF meeting will cost you around $1500 to attend. Hence, there is an economic barrier to the participation of individuals. Additionally, the influence you might have on a process is proportional to the consideration you get from your peers. Newcomers need quite some time to get accepted by the community, especially if they are not engineers.
Companies are driven by the market. If there is no potential market, there is no need to develop a new standard. A good example of this is the fact that you cannot yet send an e-mail to, say, brønshøj@københavn.dk or addresses in native Cyrillic, Arabic or Asian scripts. Pretty soon, the right hand side will be dealt with, thanks to IDNs. But the use of non-ASCII character sets on the left hand side is still a not standardized. The EAI working group in the IETF has only been launched a few months ago. Why did it take so long ? I guess that the need for this has only appeared in recent years. As long as the Internet was mainly used by the American / Western European world, being restricted to 7 bit ASCII was not much of an annoyance, if at all. Now that the user base has enlarged to include countries that do not use the latin alphabet, it becomes a hot topic. However, it will take years before this can be implemented in the software we use every day. Notice, for example, that most operating systems today still require the user name to be in 7 bit ASCII.
Similar issues exist with RIRs, where again the actual IP address users are absent for the same set of reasons detailed above. However, which IPv6 prefix is going to be allocated by your ISP to your home network in a few years from now is an important one. Yet, those who are active in policy development at the RIR level are those very ISPs. The policy will be related to their commercial interest, which may – or may not – match the user’s interests.
End users are represented in ICANN. I am the first to admit that ALAC may be far from perfect, but it has the merit to exist and we can improve it. Isn’t time for a similar concept for the IETF, the RIRs and all those bodies that have a crucial effect on our user experience while using the Internet ? Being closer to user needs, without the filtering of the marketing department, may help prioritize the future developments.
Recent Comments