Paul Twomey is speaking.
He begins by reciting ICANN's "reforms".
He's mentions "consumer" issues: Redemption Grace, elides over whois privacy (or lack thereof), and WLS
Security and stability - he is describing the committees (security and root-server) but not their output (or lack thereof.)
Verisign:
Begins my mentioning that Verisign runs two root servers as well as creation of the root zone file itself.
He wants ICANN to expand to more stakeholders.
He wants ICANN to emphasise security of root servers. (So do I.)
He wants ICANN to evolve into an entity that ccTLD are willing to sign agreements with. (But provides no concrete details.)
He mentions excessive micromanagement by ICANN several times.
He is suggesting that ICANN be a technical umbrella and not engage in "business micromanagement".
Alan Davidson/CDT - Points out that the distributed internet depends on a few centralized name/number services.
He feels ICANN is needed, but that it needs to be more closely focused.
He is alarmed by possibility of ITU taking over and that thus ICANN must be strengthened. (He didn't mention the growth of the GAC as being perhaps being a step down the path he wants to avoid.)
He's talking about user/public representation - he's generally criticizing the lack of these and says that the Senators should not be fooled into believing that ICANN's steps are sufficient. He also said that the elimination of elections for directors might be OK. (I kinda disagree. ;-)
He's mentioning the privacy issue regarding whois, but not describing a concern that ICANN may not even begin to reach closure on this.
He suggests limited renewal of the ICANN/NTIA MoU.
eNOM - Starts of on "lack of transparency and accountability" of ICANN.
He's focusing on WLS, generally against it. "If WLS can not be stopped, it should be fair."
He's complaining that he and other registrars are not admitted to that part of ICANN that is working on tailoring the Versign WLS. My thought - welcome to the hell to which ICANN has consigned the community of internet users.
Questions:
Burns asks Twomey to respond to eNOM. Twomey says ICANN ought not be in position to determination what is offered in the marketplace. Now Verisign is talking about WLS, describing the registrar polling mechanism versus the central database triger method. (What irks me about that argument is that it presumes that the existing registration technical mechanisms are "the best of all possible worlds" and that hence WLS in its current form is a necessary result to avoid the ill effects of the current technology.) CDT - Makes the point that WLS is such a hot issue because of the lack of competition between TLDS. eNOM pointing out that WLS "tilts the playing field" between the registrars. (To my mind the tilting is between the registrars and a class and the registry as a class.)
Question to Twomey - what changes to ICANN structure needed to reach agreements with ccTLD community. His answer goes in another direction - globalization: He's mentioning growth of GAC and new ccSO.
Question: what about interoperability of internationalized domain names. (I wonder whether credit will be given to the IETF or will all the glory be absorbed by ICANN.) [By-the-way, I think internationlized DNS is one of the things that ICANN has done well - by faciliting agreement rather than imposing rules.]
Question - is icann prepared for huge upserge that internationlized domain names cause? Twomey begins by mentioning accountability/transparency - to the registries/registrars (and by implication, leaving out the internet community.)
Major slip - Twomey says there is ONE internet, not many. That is a dogmatic belief. From a technical point of view there can be many distinct internets or name spaces, with explicit gateways.
Burns is citing my submission!
Burns is asking Twomey to comment on disappearance of elections for board seats. Twomey is mentioning concern for capture, etc. Twomey is claiming that ALSC structure is adequate replacement.
He is equating "voice of consumers" with public participation.
CDT responding to absence of elections - ICANN is becoming an "international trade association" (CDT reading year old statement of Twomey.)
Burns asking - how should ICANN change? (He describes ICANN as a "cowboy convention" - nobody is in charge.)
CDT emphasises "narrow mission" and "things we don't do" and "not be over regulatory".
Burns is letting the panelists ask one another questions - Oh I wish I were there! ;-)
Burns' closing remarks - he mentions that oversight may have to be a continuing part of ICANN. He also revisits the size of the impact from the Asia Pacific area.
The hearing is over but the background chatter continues....
Nancy Victory is speaking now...
She is mentioning ICANN's charge to its president made in Montreal in June as if it were likely to solve the TLD logjam. Being one who was there, I can attest that the underlying message from the Board to ICANN's president was more of a desire to move forward only on the Stuart Lynn concept of a very few "sponsored" TLDs, each undergoing microscopic scrutiny of their business plans, rather than a wholescale revision of the TLD allocation mechanism.
Questions are now occurring from the Senators:
Burns is asking whether if the renewal were to be today, would NTIA renew? The answer is non-commital and places emphasis on ICANN's annual report.
Several questions about why a country would enter into a cctld agreement with ICANN. A: Victory is making a lot of comments, the one that rings with me is that the net was running just fine so the cc's aren't necessarily thinking that entering into an agreement is needed. She is also emphasising the GAC, but without reflecting on the fact that the growth of the GAC transforms ICANN more and more into the shape of an international, intergovernmental organization.
She's done already - They are moving this hearing along quickly.
Well I'm waiting for the hearing to begin.
I am reading Nancy Victory's prepared statement. It's kissy rather than critical of ICANN. She accepts ICANN's "reform" without a hint of concern about the distance ICANN has imposed between itself and the public, she has no comment on has lack of progress on security by ICANN, she accepts that awful CRADA report, and she has only the most mild words about TLD allocation.
I can hear Nancy Victory and Paul Twomey in the background chatter as I wait for the hearing to begin.
I'm now reading Paul Twomey's statement - there is an odd simularity between his list of ICANN accomplishments and those listed in Nancy Victory's statement. I sense that the DOC may simply be reciting what ICANN is feeding to it.
I see that Paul is claiming the awful CRADA report as if it were the output of ICANN sleeping security committee. Otherwise his statement is much what I would have expected.
The Communications subcommittee of the US Senate Committee on Commerce, Science, and Transportation is holding a hearing on ICANN today, July 31, 2003. at 2:30pm EDT.
You can listen in via http://www.capitolhearings.org/ (scan down for the appropriate item for Room SR-253). I'm not sure where the written materials will be posted - I'll post the URL when I find out.
I was a witness at the two prior hearing, one in 2001 and another in 2002 - it's quite an experience.
My submission to this year's hearing is online at http://www.cavebear.com/rw/senate-july-31-2003.htm
What's going to be said by the witnesses? I don't know. But I have some guesses:
ICANN will once again try to make us believe that it is responsive to the public.
NTIA will once again threaten to pull the contractual plug on ICANN.
CDT will present its usual - an extremely competent and extremely reasonable position, wrapped in very polite, perhaps too polite, terms.
Verisign and eNOM will argue that ICANN's invasive regulatory schemes are impeding their ability to innovate and offer customers viable products.
In my own materials I make several points. Perhaps the most important are these:
ICANN's system of allocating new TLDs is a complete failure. It should be terminated and replaced immediately with something in line with that suggested by Professors Mueller and McKnight (see The Post-COM Internet: A Five-Step Process for Top Level Domain Additions - online at URL: http://dcc.syr.edu/miscarticles/NewTLDs-MM-LM.pdf) and of Professors Solum and Manheim (see An Economic Analysis of Domain Name Policy - online at URL: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=410640).
ICANN has abandoned its obligation to oversee the IP address allocation system.
ICANN's response to security of the DNS is an empty facade.
The actions of the US Department of Commerce reflect a trend to expand executive branch governmental authority, perhaps in violation of US Constitutional principles, through the use of putatively private agents such as ICANN.
Congress should enact a "Public Powers Act" that would define how and under what conditions the exercise of pubic and governmental powers may be delegated to private bodies and define the obligations of such private bodies when they are endowed with the ability to exercise these governmental powers.
ICANN has become a supranational legislature that exports "laws" desired by intellectual property interests onto nations of the world without their consent.
ICANN has not met its obligations to be open, transparent, and accountable to the public. Instead ICANN has restructured itself so as to be further than ever from the public. The gap between the public and ICANN's centers of power is filled with insulating layer upon insulating layer of ICANN created, and ICANN-regulated "structures", "organizations", and "committees".
My materials also include a copy of my comments on ICANN's CRADA report and a copy of the public version of the evaluation of ICANN that I submitted to ICANN at the end of my term.
In my previous entry "Why Are We Willing To Bet Democracy To Gain A Few Bucks?" (July 20, 2003) I raised concerns about electronic voting systems that lack independent audit trails.
Over the last week a report came out of Johns Hopkins demonstrating several vulnerabilities of the Diebold implementation of one such system.
That system, like so many others, lacks an independent audit trail and places its entire trust on the software and on the polling place officials.
I noticed today an item in the Washington Post - "Voting Machine Study Divides Md. Officials, Experts"
In that article there is the following paragraph:
Margaret A. Jurgensen, director of elections in Montgomery County, said that voters loved the machines. "The general election went off perfectly," she said.
My question is simple - How in the world, in the absence of an independent audit trail, does Ms. Jurgensen know that "The general election went off perfectly"?
As far as I can tell, she's simply asserting this on nothing more substantial than blind faith and has no audit trail upon which she can base such a claim.
I invite her to demonstrate the concrete materials upon which she has been able to come to the conclusion that "The general election went off perfectly".
Democracy survives only because the voters have faith that their votes are accurately counted. If that faith is lost, voters will conclude that the system is fixed and will abandon the system.
The United States had a near miss in 2000 in Florida. That near miss could have turned into a disaster had there not been physical evidence of the votes cast - the infamous chads. That should have served as a warning. But instead of learning the lesson that an independent, auditable record of votes cast is a critical and necessary part of an election system, our agencies and legislatures have leapt to the unsupportable conclusion that invisible electrons are a better way to count votes than humanly readable paper.
I ran in, and won, one of the first, if not the first, worldwide electronic election - to represent North America on the board of directors of the Internet Corporation for Assigned Names and Numbers (ICANN), a body that regulates the core assets of the Internet. This election was tainted by badly implemented voting systems. That taint served as an excuse for ICANN to abandon elections and public participation in its decision-making forums.
I am also a computer scientist - I have been working with computers and networks for 35 years. Much of that time I have worked with security of operating systems, applications, and networks. I have also spent many years examining and testing software to discover flaws, intended, negligent, or accidental. I have never ceased to be amazed at how badly software is designed and implemented to deal with real-life. And I have never ceased to be amazed at how naive people are in the belief that testing and code inspection will reveal flaws.
Ken Thompson's famous 1984 paper - Reflections on Trusting Trust - should have long ago dispelled the notion that code defects and penetrations will be visible in source code.
And our experiences with the thousands upon thousands of penetrations of Microsoft's "operating systems", by vectors ranging from e-mail to web-pages to randomly addressed network packets, despite the continued and massive efforts of Microsoft and several security and anti-virus companies, should have taught us that computer platforms are laughably weak.
Even closed, special purpose systems are full of flaws and easily penetrated. Banks know this about their ATMs - that's why they allocate reserves to cover the expected losses. Even touted air and space control systems can be flawed - the Mars Climate Orbiter crashed because some software engineers used metric units of measure and others used English units.
With this a backdrop, we see not just States, but also the US Federal government, racing to deploy computer based voting systems that can not be audited, can not be recounted except by relying on exactly the same systems that are being accused of being inaccurate.
By doing this we are risking our most fundamental precept - that of government accountable to the people through elections.
Why are we doing this?
It only costs a few dollars to add a solid, paper audit trail to electronic voting machines. The only reason why this is not being done is to save a few dollars. The only conclusion that I can draw from this is that our election officials are willing to risk democracy in order to save a few bucks.
I personally do not hold democracy so cheap.
To my way of thinking, it is irresponsible to deploy electronic voting systems without there being humanly readable audit trails - and by this I mean paper ballots that the voter can read to confirm his/her vote and which, in the case of a recount, serve as the master record of the vote, superseding anything that the electronic machine might have to the contrary.