US Gives Up Control of the DNS Root Zone


This Friday, a statement appeared on the website of an inconspicuous American agency saying that it plans to give up control over the DNS root zone. In other words, the United States will no longer control the entire domain name system and will hand control over to the community.

Technical part

In DNS, recursive name resolution starts from the dot at the end of a domain name. It is usually omitted, but strictly speaking one should write www.grani.ru. instead of www.grani.ru, just like that, with a trailing dot. When a client asks a recursive DNS server for the IP address of www, the process begins by finding the authoritative servers for the ru zone. That in turn begins with a query to the "." zone, whose servers reply that the RU zone has several authoritative servers, and the process continues recursively until we find out that the A record for www points to 46.226.110.151, after which the browser goes to this address and finds out that Roskomnadzor ... However, this post is not about censorship.

The root servers are responsible for the root zone. They have 13 IP addresses, the maximum number that fits into a single DNS response over UDP. There are more physical servers than that (multicasting, load balancing via DNAT and other techniques are used), but they share 13 addresses. The root server addresses are hard-coded in the configuration of almost every DNS server. Even DNS servers that do not support recursion usually respond with the list of root servers: if a client does not know the root servers and does not know where to start recursive resolution, any DNS server will point it to them.

It is in the root zone that TLDs (top level domains) are recorded, such as .ru, .com, .jp, .info, etc.

This is where the technical part ends and the political part begins.

Political part

DPI, the Great Firewall of China, the small Russian firewall: all of this is trivial by comparison. Whoever controls the root zone controls the entire Internet. If the .no zone is removed from the DNS, no Norwegian site will open by name any more. More precisely, they will stop opening after some time, once the resolvers' caches have expired.
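The resolution walk from the technical part and the .no removal described above, as an added example that is not part of the original post: a toy resolver in Python that follows referrals from the root zone and caches what it learns. The server labels, the example.no name, the 192.0.2.10 address and the single one-hour TTL are constructed assumptions; www.grani.ru and its address are the ones quoted in the article.

```python
TTL = 3600  # constructed: one TTL (seconds) for every record in this toy model

def build_servers():
    # Constructed zone data: server labels and 192.0.2.10 are made up.
    return {
        "root": {"ru.": ("NS", "tld-ru"), "no.": ("NS", "tld-no")},
        "tld-ru": {"grani.ru.": ("NS", "ns-grani")},
        "tld-no": {"example.no.": ("NS", "ns-example-no")},
        "ns-grani": {"www.grani.ru.": ("A", "46.226.110.151")},
        "ns-example-no": {"www.example.no.": ("A", "192.0.2.10")},
    }

def suffixes(qname):
    labels = qname.split(".")[:-1]  # drop the empty label after the final dot
    return [".".join(labels[i:]) + "." for i in range(len(labels))]

def best_match(records, qname):
    """Longest suffix of qname in records: its own A record or an NS above it."""
    for s in suffixes(qname):
        if s in records and (records[s][0] == "NS" or s == qname):
            return s, records[s]
    return None, None

def resolve(servers, cache, qname, now):
    """Return (ip_or_None, servers_queried); None means the name did not resolve."""
    qname = qname.rstrip(".") + "."  # the usually omitted trailing dot is the root
    live = {k: v for k, v in cache.items() if v[2] > now}  # unexpired entries only
    name, rec = best_match(live, qname)
    if rec and rec[0] == "A":
        return rec[1], []  # answered from cache, no server was asked
    # A cached delegation lets the walk skip the levels above it.
    server, path = (rec[1] if rec else "root"), []
    while True:
        path.append(server)
        name, rec = best_match(servers[server], qname)
        if rec is None:
            return None, path  # this zone knows nothing at or above the name
        cache[name] = (rec[0], rec[1], now + TTL)
        if rec[0] == "A":
            return rec[1], path
        server = rec[1]  # referral: ask the next level down

def demo():
    servers, cache = build_servers(), {}
    before = resolve(servers, cache, "www.example.no", now=0)
    del servers["root"]["no."]  # .no disappears from the root zone
    cached = resolve(servers, cache, "www.example.no", now=TTL - 1)
    return before, cached, resolve(servers, cache, "www.example.no", now=TTL + 1)

if __name__ == "__main__":
    print(demo())
```

Running it prints three results: a full walk from the root, an answer still served from cache after the delegation is gone, and a failure at the root once the cache has expired.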

Historically, ever since commercial use of the Internet was permitted, the root zone has been formally subordinate to the NTIA (full name: the US Commerce Department's National Telecommunications and Information Administration, the American equivalent of Roskomnadzor, but without censorship functions). As the Internet developed, a non-profit organization, ICANN, was created to handle relations with the registrars of national domains, the creation of new TLDs, and so on. A contract was concluded with it: ICANN performed the IANA function (top-level allocation of IP addresses) and also managed the root zone. The technical work was assigned to Verisign. But formal control remained with the United States.

It should be said that the USA never used this "control" to influence the Internet in the slightest, but the "what if?" fears remained, and they intensified after the revelations about the NSA's surveillance of all and sundry. Demands to transfer control over the Internet (more precisely, over ICANN) to international organizations, for example the UN, have been heard for a long time. The US itself promised long ago (by the year 2000) to hand over control, but kept putting it off.

And now this moment has come. The US plans to give up control over the Internet.

Details

The contract between NTIA and ICANN expires in the fall of 2015. Until then there will be no actual changes. But by that time it is planned to develop a policy for ICANN, principles for stakeholder participation and a general idea of "how it will be". The list of so-called stakeholders includes the IETF, the regional registries (RIRs), two organizations completely unknown to me, the Internet Architecture Board (IAB) and the Internet Society (ISOC), as well as Verisign and the TLD operators (so, all of a sudden, the owners of .google, .yandex, etc. can get a share in managing the whole DNS).

In any case, given the NTIA's current behavior (non-interference), end users (both site visitors and domain owners) will not notice any practical changes.

On the other hand, there is a certain risk of conflicts around TLDs, allocation policies, and so on. Although the matter looks purely commercial and technical (the kind of thing the IETF copes with quite well), there is a risk of a lot of conflict around national domains. Should there be a national domain for the Basque Country? Crimea? Abkhazia? Chechnya? Any other secessionist group? If politicians get carried away, very serious problems are possible. Previously, they were solved by gentle pressure from the United States. In the absence of a moderator, the problems may become tangible.

Source: https://habr.com/ru/post/113048/