you need to get over yourself ... who says I've dived into technical details yet? what I've posted is high level info ..
there are 13 root zones or entities like Verisign, University of Marilyn, Ames Research Center (NASA), Cogent, etc. etc. who operate hundreds of root servers. those root servers are all orchestrated by ICANN's concise root database, ALL changes previously had to be approved by the feds. which control has now been handed to ICANN with no oversight.
technically ICANN's agreement expired on Sept 30, 2016 .. so it's my understanding America had the option to take back ICANN's root control. but instead gave it away to ICANN.
No one has said you have. You've only said you "don't like diving in technical details" [sic] to deflect the conversation from the fact that you don't understand what you are discussing beyond political talking points.
An entry in a root zone file tells DNS resolvers who is the authoritative DNS server for a given root zone. The root zone is the TLD. There are not "13 root zones or entities..." like you say in your previous post - there are over 1000 root zones (.com, .net, .org, .xxx, .plumbing, .tv, .ko, etc.). The root zone file is served by a network of server clusters distributed globally. There are 13 hostnames ([a-m].root-servers.net), 12 of which resolve to both IPv4 and IPv6 addresses through A and AAAA entries respectively, and one (managed by US Defense Information Systems Agency) that only resolves to an IPv4 address.
Out of over 500 points-of-presence (POPs), only 125 are located within the United States's jurisdiction. Unlike what you said, the majority of POPs are located outside the United States.
Under NTIA oversight, IANA's requests were mostly rubber stamped for approval. It was an arrangement to shield ICANN from liability in the event that it did choose to take action against a root zone administrator such as the National Rifle Association or Barclay's. The only real changes here are in global politics (should something global and mostly outside the jurisdiction of the United States be under the regulatory control of a United States government agency?) and in ICANN's liability. An exception to the rubber stamp was the opposition to the .xxx TLD.
What I find interesting about all this is that most of the complaints about this de-regulation seems to come from the major party that supposedly supports less government regulation...
again .. you need to get over yourself ... there just might be other folks out there that do understand the architecture for the backbone of the internet. for instance what stated it all was Williams Pipeline when their pig first dragged fiber inside their massive pipelines. without the fiber infrastructure the internet would not be possible.
it used to be not so long ago .. network people was on the bottom of the totem pole .. now with rise of the internet. network people have gained this grandiose about themselves
get over it ... I predict people working cloud infrastructure will be the next ones thinking they are god's gift to technology.you seem to have conveniently left out a few details above .. like how IANN is owned by ICANN and how the de-centralized the control structure of the internet was designed. with ONE exception which is ICANN's control of the root database that ALL root servers must use to coordinate traffic. Now that ICANN is firmly in charge of said root database without the Fed's oversight should decide to say ... support a regime change by say changing root sittings at a strategic time to support whatever.
here's an example of how core businesses and a tiny number of extremely wealthy owners can coordinate a massive blackout of the internet to suit a very much political move .. which is to make sure Trump doesn't get into office at any costs.
Trump doesn't owe anyone and will bring changes that will bring down costs for regular folks. look at what's happened to drug costs .. the same thing has happened to ALL core businesses with monopoly/duopoly market share. look no further than the costs for internet access .. skyrocketing while actual costs to deliver broadband has nose-dived and keeps on going down and down. (fiber multiplexing by using different wavelengths compounded by greatly extending range before needing a repeater, etc. etc. etc.)
Interesting Coincidence – U.S. Internet Disruption Maps During WikiLeaks Presser…
Posted on October 4, 2016 by sundance
There was a great deal of anticipatory interest overnight in a press conference held by WikiLeaks and Julian Assange. Numerous alternative media sources hinted at a potentially damaging release of information that might impact the U.S. election.
However, the WikiLeaks presser was schedule for 4:00am East Coast U.S. time, 10:00am in Berlin Germany. U.S. media were not covering the press release, however it was being streamed live over the internet. Coincidentally, at the same time the WikiLeaks press conference was taking place, there were widespread internet disruptions amid major U.S. corporate internet service providers:
NBC / Comcast / Xfinity outages in the major population centers on both coasts.
…and Time Warner disruptions were centered in New York City, Los Angeles and the state of North Carolina:
Amazingly at 5:13am EDT (USA) / 11:13am (Berlin) Julian Assange announced there would NOT be a specific release of anything related to Hillary Clinton at this event, and all of a sudden the outage issues cleared right up.
Check out the Outage Difference for NBC/Comcast/Xfinity:
Left 4:20 am EDT – Right 5:15am EDT
Last edited:
ICANN is still an American organization. Do you think they're somehow immune to US law now?
We still have oversight as part of a multi stakeholder model. The accountability provisions of the handoff maintain the advisory role of governments within ICANN, and through bylaw changes, ensure that a government or a group of governments cannot capture or exercise undue influence over the IANA functions.
This post brought to you by the internet backbone that was formerly government controlled and was given away to private organizations.
We still have oversight as part of a multi stakeholder model. The accountability provisions of the handoff maintain the advisory role of governments within ICANN, and through bylaw changes, ensure that a government or a group of governments cannot capture or exercise undue influence over the IANA functions.
This post brought to you by the internet backbone that was formerly government controlled and was given away to private organizations.
close but not accurate .. our government previously had oversight over the single most important component that cannot be decentralized. which is the ICANN root database that all root servers use. internet infrastructure design was purposely decentralized for a host of reasons, hence why without hierarchical order, it would all quickly fall into chaos.
when ICANN's agreement expired on Sept 30, 2016 .. America had an opening for several options which included keeping oversight control over ICANN. instead we gave away to a private entity with no oversight. ICANN could makes changes to favor say a political agenda without most of the world even knowing what they are up to.
fact is the giveaway has already taken place .. unlikely control can ever be taken back .. a HUGE mistake has been made!
look no further than the controlled outage across USA exactly when Wilkileak's data release documenting Hillary's crimes was suppose to take place ... coincidence? I think not!
=======
Wikileaks has a perfect record for legitimate leaks. This is as high of credibility for their authenticity as you can get for now. Also, if Wikileaks missed on this one, it would destroy their credibility. Highly unlikely this hasn't been in the works for a while. Assuming this is all true, observe their strategy.
- Allude for many weeks to new revelations that will "end Hillary."
- Advertise a big announcement on Wikileaks birthday. The anti-Hillary people, and those addicted to these sensitive leaks of all types, light up with activity.
- During the big announcement, no leaks are revealed. The right go into leak withdrawal, and pro-Hillary channels that were previously very quiet on the leaks (to the point of ignoring or even suppressing it) go into gloat mode over it. Suddenly everyone on the left is talking about the leaks that didn't happen.
- Hours later, Guccifer 2.0 announces he has hacked the Clinton Foundation. However the leaked documents look like they could have come from other organizations. There is nothing provided that specifically ties it to the Clinton Foundation. All channels are buzzing now. The anti-Hillary ecstatic that they could be real, the pro-Hillary expressing their assurance that these don't look like genuine Clinton Foundation leaks. But everyone is talking about it.
- Hours later, Guccifer 2.0 assures us that the files are from other sources, but promises there are the from the Clinton Foundation and more is to come.
- Wikileaks then confirms the leaks to be authentic. During the time that everyone is talking about them.
https://www.reddit.com/r/The_Donald...he_top_wikileaks_drops_all_860mb_of_guccifer/
Last edited:
@_CY_ - I did not leave out that IANA is a part of ICANN. Also, root servers are not used to "coordinate traffic". They are simply a DNS service that only serves up DNS entries for the root zone level. Compared to other DNS services, they are rarely queried. Their only function is to say who is/are the authoritative nameserver(s) for a given root zone. Because of DNS caching by DNS services and the hierarchical structure of DNS services, your computer will rarely (if ever) query a root server. It will probably not even query an authoritative nameserver.
Here is an example of a root zone query (in particular, the root zone administered by the National Rifle Association):
That 172800 tells anyone querying for this entry that the entry should be cached for 48 hours. But that doesn't really matter to you, because your computer won't query it. (I'm going to change the root zone in use now to barclays simply because I don't know of any domains in the nra root zone.)
Let's say you want to visit home.barclays. If you are a normal Internet user, you will probably be using DHCP with your ISP and using the DNS servers they provide. We'll assume the record you are looking for has not been cached, and that your ISP doesn't use a hierarchical structure for their DNS (though most do). So basically, under this scenario, you are the first person to query a given domain name - the absolute closest you will get to needing to ask for information on a root zone.
Your computer will first query your ISP's provided DNS for a home.barclays entry. First their DNS will check it's entries for home.barclays. If that is not found, it will check for barclays (the root zone). Only at that point will it actually go out and ask a root server for the entry for barclays, and then it will cache that entry for 48 hours (172800 seconds). The response it gets back will be something like:
After this, your ISP's DNS will then query one or more of the root zone authoritative nameservers returned. It will ask if an entry exists for home.barclays. However, at this level, A/AAAA records are generally not returned - just NS records.
The DNS server will then cache the NS entry for home.barclays for one hour (3600 seconds). It will then query one or more of those NS servers returned for home.barclays. (In the event that you and your ISP had no entries for the com root zone, the process would be repeated in this case because the NS records point to ns[2,3,7].barcap.com.)
And once again, this result will be cached for one hour by any DNS throughout the chain. However, this one provides the A record necessary for your computer to say it's destination. Determining which route to take between your computer and the destination is outside the scope of this discussion, but is currently done without any governmental regulatory oversight.
Here is an example of a root zone query (in particular, the root zone administered by the National Rifle Association):
Code:
0.18 [NORMAL] veggiemeat@caol-ila:~
$ dig @a.root-servers.net nra
; <<>> DiG 9.10.3-P4-Debian <<>> @a.root-servers.net nra
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10971
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 9
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;nra. IN A
;; AUTHORITY SECTION:
nra. 172800 IN NS a2.nic.nra.
nra. 172800 IN NS b0.nic.nra.
nra. 172800 IN NS c0.nic.nra.
nra. 172800 IN NS a0.nic.nra.
;; ADDITIONAL SECTION:
a2.nic.nra. 172800 IN A 65.22.243.25
a2.nic.nra. 172800 IN AAAA 2a01:8840:ed::25
b0.nic.nra. 172800 IN A 65.22.241.25
b0.nic.nra. 172800 IN AAAA 2a01:8840:eb::25
c0.nic.nra. 172800 IN A 65.22.242.25
c0.nic.nra. 172800 IN AAAA 2a01:8840:ec::25
a0.nic.nra. 172800 IN A 65.22.240.25
a0.nic.nra. 172800 IN AAAA 2a01:8840:ea::25
;; Query time: 55 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Wed Oct 05 12:57:09 CDT 2016
;; MSG SIZE rcvd: 280That 172800 tells anyone querying for this entry that the entry should be cached for 48 hours. But that doesn't really matter to you, because your computer won't query it. (I'm going to change the root zone in use now to barclays simply because I don't know of any domains in the nra root zone.)
Let's say you want to visit home.barclays. If you are a normal Internet user, you will probably be using DHCP with your ISP and using the DNS servers they provide. We'll assume the record you are looking for has not been cached, and that your ISP doesn't use a hierarchical structure for their DNS (though most do). So basically, under this scenario, you are the first person to query a given domain name - the absolute closest you will get to needing to ask for information on a root zone.
Your computer will first query your ISP's provided DNS for a home.barclays entry. First their DNS will check it's entries for home.barclays. If that is not found, it will check for barclays (the root zone). Only at that point will it actually go out and ask a root server for the entry for barclays, and then it will cache that entry for 48 hours (172800 seconds). The response it gets back will be something like:
Code:
0.27 [NORMAL] veggiemeat@caol-ila:~
$ dig @a.root-servers.net barclays
; <<>> DiG 9.10.3-P4-Debian <<>> @a.root-servers.net barclays
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61207
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 9
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;barclays. IN A
;; AUTHORITY SECTION:
barclays. 172800 IN NS a.nic.barclays.
barclays. 172800 IN NS b.nic.barclays.
barclays. 172800 IN NS c.nic.barclays.
barclays. 172800 IN NS d.nic.barclays.
;; ADDITIONAL SECTION:
a.nic.barclays. 172800 IN A 37.209.192.9
b.nic.barclays. 172800 IN A 37.209.194.9
c.nic.barclays. 172800 IN A 37.209.196.9
d.nic.barclays. 172800 IN A 37.209.198.9
a.nic.barclays. 172800 IN AAAA 2001:dcd:1::9
b.nic.barclays. 172800 IN AAAA 2001:dcd:2::9
c.nic.barclays. 172800 IN AAAA 2001:dcd:3::9
d.nic.barclays. 172800 IN AAAA 2001:dcd:4::9After this, your ISP's DNS will then query one or more of the root zone authoritative nameservers returned. It will ask if an entry exists for home.barclays. However, at this level, A/AAAA records are generally not returned - just NS records.
Code:
0.21 [NORMAL] veggiemeat@caol-ila:~
$ dig @a.nic.barclays home.barclays
; <<>> DiG 9.10.3-P4-Debian <<>> @a.nic.barclays home.barclays
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5817
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;home.barclays. IN A
;; AUTHORITY SECTION:
home.barclays. 3600 IN NS ns7.barcap.com.
home.barclays. 3600 IN NS ns3.barcap.com.
home.barclays. 3600 IN NS ns2.barcap.com.
;; Query time: 77 msec
;; SERVER: 37.209.192.9#53(37.209.192.9)
;; WHEN: Wed Oct 05 13:03:24 CDT 2016
;; MSG SIZE rcvd: 106The DNS server will then cache the NS entry for home.barclays for one hour (3600 seconds). It will then query one or more of those NS servers returned for home.barclays. (In the event that you and your ISP had no entries for the com root zone, the process would be repeated in this case because the NS records point to ns[2,3,7].barcap.com.)
Code:
0.16 [NORMAL] veggiemeat@caol-ila:~
$ dig @ns7.barcap.com home.barclays
; <<>> DiG 9.10.3-P4-Debian <<>> @ns7.barcap.com home.barclays
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52486
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;home.barclays. IN A
;; ANSWER SECTION:
home.barclays. 3600 IN A 147.63.166.62
home.barclays. 3600 IN A 141.228.141.86
;; Query time: 131 msec
;; SERVER: 141.228.129.129#53(141.228.129.129)
;; WHEN: Wed Oct 05 13:18:55 CDT 2016
;; MSG SIZE rcvd: 74And once again, this result will be cached for one hour by any DNS throughout the chain. However, this one provides the A record necessary for your computer to say it's destination. Determining which route to take between your computer and the destination is outside the scope of this discussion, but is currently done without any governmental regulatory oversight.
You think ICANN has no oversight of any kind, which is not close or accurate. Only you, _CY_, could see a transition from single-stakeholder to well-defined multi-stakeholder as "no oversight."
And what I posted about accountability changes, was authored by the NTIA. The same NTIA that you were okay with being the single-stakeholder. The same NTIA that is okay with being a stakeholder in a multi-stakeholder model.
sorry but you are outright wrong and I've already pointed out root severs are only quarried every 40 hours or so ... due to the decentralize nature of the internet for a host of reasons .. without a hierarchical structure in place it would all fall into chaos. what coordinates it all is the data contained in the concise root database that ICANN has been maintaining all these years with ALL changes approved by the feds. now that complete control of the root database is in ICANN's control with NO oversight .. if/when ICANN becomes politicized in favor of BIG money .. only then will the fallacy become apparent to everyone. even then there's a high probability very few will even notice what ICANN is up to.
in case you have not figured it out by now .. I'm capable of diving in deep as necessary to get my point across .. but why? when most folks will have no clue and fall to zzzz reading it ..
now why don't cha respond to why we had massive internet outages in most of the major cities across USA during the scheduled Wilki-leaks release in the middle of the night?
oh but it's not possible for the internet to be politicized?
Last edited:
OK fine .. no further oversight by the folks that financed the backbone of the internet .. the US taxpayers.
no matter how one views it .. ICANN is a private entity with now NO government oversight.
it's a mistake and a giveaway of epic proportions ...
