Tuesday, February 28, 2006

The beginning of the end (retracted)

This post has been retracted due to errors in the source article. China is not creating their own ".com" and ".net" domains. Rather, they are creating ".com.cn" and ".net.cn". Apologies for any confustion. <!--The beginning of the end starts tomorrow. This CircleID article states that China is standing up it's own internal DNS system. If you read it closely enough, you'll notice that they're standing up their own ".com" and ".net" domains.

(To do (any volunteers?): research the requirements to obtain a Chinese .com domain)

Whether or not any other country attempts this will depend on how the Chinese will depict the success of the "experiment". Given the usual "failure is not an option" mind set, implementation problems will probably remain hidden and the project will be extolled as a resounding success.

What does it mean?

It means that if the Chinese government says that such-and-such does not exist on the Internet, for the Chinese user, it does not exist (they can't reach it). It means that censorship becomes that much easier as the model switches from "enumerate the bad" to "enumerate the good". It means that monitoring of DNS-based services just became very easy as zones can be configured to run their traffic through government approved proxies. Many of the tunneling systems (those that use hostnames and SSL) will no longer function.

For the the of us, it makes tracking down sources of malicious traffic that much harder (conflicting WHOIS entries will appear, if the new ones are made available). Commercial interests will probably renegotiate with the Chinese government (do they become an income stream for those that control the CN networks?).

These are just off of the top of my head. Y'all can probably think of a few more. If other large population bases decide to do this, there's going to be chaos. Yes, eventually it'll be ironed out but it's going to get messy before it gets better.-->