I'm very briefly skimming the ICANN-Verisign settlement papers. I'm reading it quickly and it is late, so what follows may contain substantial errors.
It isn't yet clear to me who really got what. ICANN clearly got money (lots of money) and an increased bureaucracy. The IETF gets to put the kabash on things it (whatever "it" is) doesn't like. Versign get gagged but it also gets ICANN's promise not to pull the rug out from under it.
From my skimming my feeling is that this agreement is like duct tape around dynamite - it feels like it's merely a temporary bottle trying to hold back a tremendous centripetal energy.
One thing for sure - the community of internet users loses. We get to pay more money; our internet taxation without representation is increased.
And, as Appendix 10 and 7 makes clear, neither ICANN nor Verisign consider uptime to users of DNS to be very important - all of the service level requirements are measured in terms of availability to registrars and consumers of "whois" (mainly the intellectual property industry.) In other words, .com could wobble widely out of control with 30 minute times to respond to DNS queries - and that would not violate the service levels required by this agreement. But if the registration system should go south for a few moments, then the SLAs in Appendix 10 and the obligations of Appendix 7 come into play. The agreement is deficient in its failure to impose clear service levels on the actual delivery of name resolution services to internet users.
And the agreement is also deficient in that it fails to allow internet users third party beneficiary status so that they could come in and enforce the terms of this agreement.
I see that the even though Versign might relinquish the actual job of editing a root zone file to ICANN, no change is contemplated regarding the USG's veto power over changes.
I also see that ICANN purchased in this agreement Verisign's silence in a number of areas even, perhaps, the question of ICANN's continued existence in the WSIS/WGIG debates. I can't see how that provision of the agreement can withstand: it is very vague and Versign's business interests will never coincide with ICANN's desires for very long particularly if the evolution of the WSIS/WGIG process turns ICANN into a sinking ship that threatens to take Verisign down with it.
Article III - Section 3.1(f) gives Verisign the very clear right under the contract to do data mining. I'm not sure whether that right was as clearly called out under the old agreements.
Data mining? Remember that the full domain name that a user utters is found in queries to root and TLD servers. This means that those who operate those servers are in a very advantageous position to mine those queries to learn "what is hot and what is not". Sure, caching out in the net will short-cut a large number of the queries before they hit the servers, but dealing with that kind of thing is old hat to those practiced in the arts of statistics.
I'm glad to see that after all these years they have finally defined "stability". (It's amusing to me how similar their definition is to the one that I have been suggesting for half a dozen years - that stability be measured in terms of impacts on end-to-end packet flows across the net.) However, I am bothered that the definition ensconces the IETF into a role that is potentially inappropriate for a standards body, particularly given that the IETF's role over internet technology is shrinking.. I can easily see this latter part of the definition turning into a tourniquet that slow and perhaps even prevent the flow of innovation into the NTIA/ICANN/Verisign DNS.
My sense is that this committee to define security and stability will become the new venue for the ICANN-Versign dual.
By-the-way, they seem to have once again failed to define what they mean by the word "Internet". If the net actually fragments more than has been the case so far (NATs are a kind of fragmentation) the question of which "internet" among many will become a real issue. For example, what if country, let's call it C***a, decides to create its own DNS hierarchy - will this agreement prevent Verisign from entering that marketplace?
Section 3.2(a) - ICANN once again promises to operate in an open and transparent manner. ICANN's history in this regard is pretty pathetic, I doubt it will improve.
Section 3.2.(b) - I like the word "an" in the phrase "an authoritative root server system" - is it a Freudian slip or does ICANN now actually understand that there can be multiple systems of roots, all of which can be "authoritative" (a word that is not defined in the agreement.)
I see that ICANN is taking an even larger slice out of domain name registrations - this amounts to a tax levied on exactly those domain name users who are not permitted any role in ICANN's decisions.Posted by karl at October 25, 2005 1:12 AM