Discussion at the Internet Governance Forum in Geneva
While travelling home from Geneva, I was thinking quite a lot on the relationship between a ccTLD (registry) and a Country. This because many countries start to talk louder and louder about the responsibilities Countries has on critical infrastructure, or (possibly more important) the management of the critical infrastructure.
Will for example any (none?) of ccTLD operators (servers) sustain a denial of service attack of a scale similar to the attack on the root servers? What can ccTLD operators do to resist the malicious attacks? Should this be discussed?
Many ccTLD (and other TLD) operators can. Many can not. TLD operators can normally withstand an attack better than DNS lower down the DNS hierarchy. I.e. the closer to the root the servers are, the better they can withstand an attack. Of course I generalize, but what I am trying to say is that maybe the community should not be worried about the root servers not being able to provide a service anymore.
For more information about DNS infrastructure, see for example the latest issue of the Internet Protocol Journal.
One thing that worries me is any direct correlation between “the country” and “the ccTLD”. That binding is something that I think ICANN and other countries should be very careful of doing “too fast”. Take .NU for example. What do we know of the potential contractual agreements between the ccTLD manager and the country? Same with .TV, or .TW, or .AX (or .SE for that matter).
It can NOT be the case that the government is responsible for something they do not want to be responsible for, if you see what I mean. We do not know what responsibility they have, or want to have.
And even IF they have that responsibility (or rather, regardless of who has that responsibility) they have to calculate the risk of being attacked, for example using the DNS protocol, and compare that with the cost of being able to withstand the attack.
The person/group that is responsible for the service (the board for a company website for example) must take a conscious decision on what load the website must be able to handle. Given that requirement, the IT staff can calculate a cost to build it, that the board accept. When later an attack arrives, and the site dies, one can directly see whether it was lower than the required load it could handle (and then the site was built the wrong way) or higher than required, and then the board might have taken the wrong decision regarding what the site should handle.
I am as you see nervous over external bodies stating what load a service must be able to handle that someone else is responsible (and pay) for. Anything below the root I think is such a service that “the global community should not decide on”. The local community the TLD serve should make the decision.
To explain and discuss things and tell what attacks exists, so that the board (or country) in the examples above make the correct decisions, absolutely.
To increase cooperation between police etc so that the source of large attacks can be found, absolutely.
To increase legal cooperation so that it is illegal to initiate attacks, absolutely.
But to say what load a ccTLD dns must be able to handle, no, I do not think so.
I also think you should read the blog post of my friend Kurt-Erik Lindqvist (also responsible for i-root) regarding the ddos in Estonia. He comments on an article about the attack in his blog.
What I think IGF can help, where I agree with Kurtis, is to discuss what is actually going on out there, how to cooperate to find the criminals, and how to actually bring them to court.
My experience is that the hardest thing today is not to find the people, it is to bring them to court, and tie what they do to something that actually is illegal according to some legislation.
It is the COOPERATION between technical people, police and legislative bodies, in ALL countries that can be, and should be improved.
And that is where IGF can help.
A lot!