DNSO Archives: [ga]

ICANN/DNSO DNSO Mailling lists archives

[ga]

<<< Chronological Index >>> <<< Thread Index >>>

Re: [ga] Mr. Qaddafi Salutes Verisign

To: ga@dnso.org
Subject: Re: [ga] Mr. Qaddafi Salutes Verisign
From: Sandy Harris <sandy@storm.ca>
Date: Sat, 17 Nov 2001 18:21:01 -0500
References: <CGENKKGICDNGLJHOFENAGEKGCAAA.john@johnberryhill.com>
Sender: owner-ga@dnso.org

John Berryhill wrote:

> Look, it's very simple.  Companies in the US must obey the law.  When the
> law says that it is illegal to do business with certain entities or with any
> entities in certain countries, then US companies must cease to do such
> business.  There really should be nothing earth-shattering about that.

Yes, that much of it is simple. Dealing with it simple, too. If you think
Verisign or some other US company are breaking the law, then you should
bring the matter to someone's attention. The only question is whether to
call the company first or just turn them in. 

However, there are a bunch of complications.

For one thing, some of the anti-terrorism laws might eventually be ruled
unconstitutional in the US. Certainly organisations like the ACLU are
asking some hard questions:

http://www.aclu.org/news/2001/n111401b.html
http://www.aclu.org/news/2001/n092401a.html 

Also, booting certain nations off the net might play straight into the
hands of various extremists there. Consider the fact that Taliban banned
the Internet in Afghanistan as "unIslamic".
http://www.dfn.org/focus/afghanistan/internetban.htm

Or the reports of a "Great Firewall of China" designed to censor that
nation's net access:
http://www.wired.com/wired/archive/5.06/china.html

Or this account of the role of a computer network (UUCP rather than
Internet) in the defeat of a Soviet coup attempt:
http://som.csudh.edu/cis/lpress/articles/relcom.htm

There's some sort of trade-off there. Do the forces of Goodness, Right 
and Openness gain more by helping the victims of Benighted Gov'ts to
get access to the net or by blocking it? What do those victims want?

Should we block, for example, www.rawa.net, the Revolutionary Assoc
of Women of Afghanistan?

Should we block Cuba, since the US embargo them? Canada has never
joined that embargo, nor has most of Europe.

Then there's the whole question of the international nature of the net,
and ICANN's mission to run the thing in the interests of its users
worldwide. ICANN is a California corporation, hence obviously subject
to US law. What happens when the mission and US law conflict?

There's some precedent on that. For years, the US and various other
gov'ts have been trying to restrict strong cryptography with export
laws. The two bodies that supervise the IETF (the Internet Engineering
Steering Group and Internet Architecture Board) issued a strong
statement on that. Thanks to Jon Postel's sense of humour, it got
published as RFC 1984:

ftp://ftp.isi.edu/in-notes/rfc1984.txt

    ... various governments have actual or proposed policies on
      access to cryptographic technology ... 

    (a) ... export controls ...
    (b) ... short cryptographic keys ...
    (c) ... keys should be in the hands of the government or ...
    (d) prohibit the use of cryptology ... 

    We believe that such policies are against the interests of 
    consumers and the business community, are largely irrelevant
    to issues of military security, and provide only a marginal
    or illusory benefit to law enforcement agencies, ... 

    The IAB and IESG would like to encourage policies that allow
    ready access to uniform strong cryptographic technology for
    all Internet users in all countries.

Later on, there was a complex debate over whether the IETF should
build support for net.wiretaps into its protocol standards,
mostly on the raven mailing list:
http://www1.ietf.org/mailman/listinfo/raven

Some people there argued that obviously we had to do this because
of CALEA (US Communications Assistance to Law Enforcement Act).
Those people lost the debate. 

This led to another document from the IAB and IESG:
ftp://ftp.isi.edu/in-notes/rfc2804.txt

    The Internet Engineering Task Force (IETF) has been asked to
    take a position on the inclusion into IETF standards-track
    documents of functionality designed to facilitate wiretapping. 

    This memo explains what the IETF thinks the question means,
    why its answer is "no", and what that answer means.

So there are some well-known precedents for the notion that
international standards for the Internet should place the
interests of users above the laws of various nations, in
particular attempting to deliver real security even though
US law attempts to restrict cryptography to stuff the NSA
can easily break.

I'm inclined to think that argument applies to international
standards for domain names. Libya and Iraq, for example,
are recognised by the UN or International Postal Union or
whoever assigns country codes. Hence they should have DNS
service for the corresponding top-level domian.

If Verisign cannot deliver that because of US laws, then
ICANN, as responsible stewards of an international Internet,
should look for a non-US contractor to run the root.
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html

Follow-Ups:
- Re[2]: [ga] Mr. Qaddafi Salutes Verisign
  - From: William X Walsh <william@wxsoft.info>
- Re: [ga] Mr. Qaddafi Salutes Verisign
  - From: Jeff Williams <jwkckid1@ix.netcom.com>
- RE: [ga] Mr. Qaddafi Salutes Verisign
  - From: "John Berryhill" <john@johnberryhill.com>
- Re: [ga] Mr. Qaddafi Salutes Verisign
  - From: Joanna Lane <jo-uk@rcn.com>

References:
- RE: [ga] Mr. Qaddafi Salutes Verisign
  - From: "John Berryhill" <john@johnberryhill.com>

<<< Chronological Index >>> <<< Thread Index >>>