July 27, 2004

The Rule Against Digital Perpetuities

It seems to me that in the fight over copyright and digital rights management few have considered what happens in the distant future when the material being protected is no longer covered by copyright.  That thought led me to propose the following rule and accompanying pledge.

The Rule Against Digital Perpetuities:

No Digital Rights Management (DRM) limitation or anti-copying mechanism may endure longer than the original copyright in the protected work.

The Pledge:

I pledge to neither specify nor standardize nor implement any system that does not conform to the Rule Against Digital Perpetuities.

Update August 8, 2004: Rule updated to include anti-copying as well as DRM.

Posted by karl at 10:49 AM

July 21, 2004

Leaping Without Looking - And Taking the Internet Along for the Ride

Please note the "Update" at the end of this item.

ICANN announced with a great deal of precision that "[o]n 20 July 2004 at 18:33 UTC the IPv6 AAAA records for the Japan (.jp) and Korea (.kr) country code Top Level Domain (ccTLD) nameservers became visible in the root zone file with serial number 2004072000."

It might have been hoped that ICANN would have studied the issues pertaining to IPv6 in zone files before it allowed this to happen.

But it was not until 19:40 UTC, more than an hour after ICANN's announcement, when the IETF posted a new internet draft dealing with the issue:

        Title           : DNS Response Size Issues
        Author(s)       : P. Vixie, A. Kato
        Filename        : draft-ietf-dnsop-respsize-01.txt
        Pages           : 8
        Date            : 2004-7-20

In other words, ICANN rushed headlong into deploying IPv6 in the root zone even before the IETF published material on the subject, much less waiting for that material to receive peer review.

ICANN leapt before it looked.  And ICANN took all of us on the internet along for the ride, without our consent.  In my vocabulary that's called "reckless disregard of the consequences."

Contrast ICANN's behavior in this instance with the agonizingly slow review, a review that is now in its fifth year, of the question of introducing new TLDs.

It's my impression that ICANN was looking for a quick sucess story to mask its absolute failure in all other technical aspects of its job other than internationalized domain names.  I've read the new Internet Draft (ID) and run its DNS modelling program.  That ID answers many questions, but it leaves other questions unanswered.  For example, I believe that there is danger that the efficiency of DNS could be compromised because name resolvers might not be able to get as much "glue" address information as have until now and that resolvers may, as a consequence, end up engaging in previously unecessary name query interactions with root and TLD servers in order to obtain that information.  I could be totally wrong or the magnitude of the effect may not exceed some (never articulated) threashold.  But then again I might be right.  ICANN should not have moved forward until such questions can be fully articulated and fully answered.

Update: There was apparently a version zero of this ID published on the order of a year ago (June 2003).  Unfortunately the IETF has a policy of purging Internet-Drafts within a few months after they are published and as a consequence the prior version is unavailable from the IETF's I-D archives and has been officially unavailable for the greater part of the last year.  It is, however, visible at http://www.ietf.org/proceedings/03jul/I-D/draft-ietf-dnsop-respsize-00.txt In any event if ICANN can demonstrate that it knew of and, in fact, used that prior draft, then I can rightly be accused of overreacting.  On the other hand, even if ICANN did use that prior document there still remain those unanswered questions to which I alluded.  In fact, there is a CENTR presentation that alludes to these open questions, in particular see the third bullet on slide number 6.

Posted by karl at 2:20 PM

July 20, 2004

IPv6 and root servers

There's an article on Reuters today - New Technology Heralds Unlimited Web Sites - ICANN that quotes ICANN as saying " IPv6, had been added to its root server systems"

Well, I just dug around a bit and could find is no substance to that claim.  The root zone defines no IPv6 addresses for the legacy root servers and none of the major top level domains I examined had any IPv6 delegation information.  And to top it off it appears that the name registration system may not allow domain name owners to enter IPv6 information.

You can check for yourself by using a tool such as "dig" to examine the NS and glue information for the root zone (which is named ".") and for the TLD delegations.

To see what an IPv6 delegation looks like try the command
dig www.ipv6forum.org any
Notice the result line that looks like
jazz.viagenie.qc.ca. 258570 IN AAAA 3ffe:b00:c18:3::a

Now take a look at the root zone:
dig @a.root-servers.net . any
Do you see any AAAA records?  I don't.

Take a look at the zone information for .com:
dig @a.gtld-servers.net com. any
I don't see any AAAA records here either

I went further and did queries on the server names just to see if some of the glue records might have been missing.  The result - I didn't see any IPv6 records.

In addition, I checked whether my registrar can even accept IPv6 addresses for my name servers.  Nope.

So, to paraphrase Mark Twain - The claims that the DNS root layer supports IPv6 are greatly exagerated.

Does any of this stuff surprise me?  No.  When I was on the Board of Directors of ICANN I tried several times to get ICANN to recognize that IPv6 was out there and that name servers had to be reachable via IPv6, had to contain IPv6 records, and the registration system had to allow users to enter IPv6 information.  Even if the ICANN's claims about IPv6 been true one can only wonder why it took so long.

And there is one more small issue - the main protocol that carries DNS packets is UDP.  The RFC's for DNS put a limit of 512 bytes on those packets.  That limit, in turn, caused the limit of 13 IPv4 root servers.  With the addition of IPv6 information into the response packets there is a chance (a chance that I compute as being on the order of 100%) that we might find that we can no longer fit 13 servers into the responses.  I wonder which root servers will be eliminated?  Or will the 512 byte limit be removed?  Will ICANN even realize that these are issues to be answered?

Update (July 20, 11pm PST): Apparently .jp and .kr each have IPv6 (AAAA) records.  It is interesting to see how much larger the response packets have become due to the IPv6 information.  It would be interesting to crank the numbers to see how many fewer name servers a zone may have.  Such a calculation is necessarily imprecise because of variations in the length of name server names and the effects of DNS name compression.)

Posted by karl at 2:32 PM

July 19, 2004

One out of seven ain't bad

I see via Lextext that ICANN"s Chairman has said "ICANN's stewardship is international, bottom-up and multistakeholder.  ICANN promotes user choice, predictability and a stable technological environment in which innovation is encouraged."

By my count that statement is 1/7 correct, or 6/7 incorrect.

ICANN is certainly international - Like the Prodigal Son ICANN has not held a meeting in its home country, much less its home jurisdiction for several years.

But is there anything else in the quoted statement that is even close to reflecting reality?

Bottom-up?  ICANN has evicted internet users and repudiated any form of end-user participation except through a system of company controlled puppet "organizations."  End users have no role in ICANN except to pay the bills.  And do they ever pay the bills!  ICANN costs the community of internet users over $100,000,000 per year in excessive fees.  Of course, if one considers "the bottom" to be the DNS industry and the trademark lobby then ICANN is indeed "bottom-up".

Multistakeholder?  Sure, if you happen to be one of the chosen few stakeholders.  Internet users are not among those who have been so privileged.

User-choice?  ICANN gives users no choice but to pay artifically elevated domain name registration fees.  ICANN gives users no choice but to publish their personal information and abandon their privacy.  ICANN allows no innovation in business models; ICANN imposes a highly restrictive set of business processes and prices on those who wish to participate in the domain name business.  Choice?  Under ICANN the only way is ICANN's way.

Predictability?  Nobody has ever been able to articulate objective reasons why ICANN piicked the seven TLDs it did in year 2000 and why it left 40 others unpicked but "pending".  Nobody has ever been able to explain why the UDRP is only usable by trademark owners and not by other people and entities that have rights in a name that are based on foundations other than trademark.  Nobody has ever been able to explain why ICANN holds 75% of its board meetings in secret.  Nobody has ever been able to explain why ICANN adopts measure after measure over the objections of those who must bear the costs and endure harm of those policies and over the explicit objections of ICANN's own policy bodies.  About the only thing that has been consistently predictable about ICANN is that it will pay excessive amounts of money to the law firm that created ICANN and that ICANN will always decide on a course of action in which the public interest will be damaged in order to benefit ICANN's chosen stakeholders.

Stable technological development?  ICANN doesn't do anything technical; it has relinquished that job to others - ask ICANN who runs the DNS root servers.  ICANN has, on the other hand, taken a hand at ensuring that many critical technical things are not done - like enhancing the security and reliability of DNS operations or even taking note of when the DNS isn't working very well.  ICANN completely failed to notice major problems with .org the other week.  ICANN is so absorbed in itself that it really does not notice whether the net is working or not.

Innovation?  ICANN has repeatedly acted as an anchor against innovation.  ICANN's arbitrary business restrictions impose one kind of DNS product and one model for providing that product.  For example, ICANN has foreclosed the possibility of short term domain names for use for events, meetings, movies, political candidates, etc.  And ICANN though an arbitrary decsion to limit registrations to 10 years has foreclosed the possibity of long-term registrations (and presumably reduced prices).  And ICANN's price-support structure, such as the $6 yearly fee to Verisign for each name, has no incentives to push Verisign to become more efficient and pass costs savings on to users.  And as I have written about the recent report by ICANN's SSAC on "Sitefinder", ICANN has adopted a vigilante model for deciding what technology it wants to attack and what technology it will allow.  Innovation can not happen within such a system; few will take the risk investing time and money in a new idea if that idea can be crushed and defamed if a majority of ICANN's board, or a single member of ICANN's staff, should wake up on the wrong side of the bed.

One out of seven is very sad.  But what is even more sad is that this one-of-seven demonstrates how detached ICANN is from reality.  ICANN lives in a fantasy world; ICANN has self deceived itself into believing that it is actually working with internet technology and that it is benefiting the community of internet users.  When your house catches fire you hardly want a pay-actor fireman.  Do we want core functions of the internet to be regulated by a play-acting ICANN?

Posted by karl at 3:30 PM

July 15, 2004

Looking at the CDT paper

I'm looking at the CDT Back to Basics paper on ICANN.

I was disappointed to see the paper begin with the recital that ICANN is a "technical coordination body." That is incorrect - ICANN avoids technical issues as if they carried the plague. With the exception of internationalized domain names (a matter that ICANN ultimately left to the IETF) and ICANN's current action with regard to Versign's sitefinder, the entire life span of ICANN has been marked by the way that ICANN has avoided establishing any policy that could be characterized as "technical coordination". ICANN has instead devoted its lifeblood to regulation of business and economic activity that has utterly nothing to do with technical coordination.

Those jobs that do involve technical coordination - jobs such as ensuring that the root servers are run well and with adequate resources and protections - have been abandoned by ICANN into the hands of independent and non-accountable groups.

In addition, I was surprised to see a resurrection of the old language that ICANN is the result of a "carefully crafted" effort. Nothing could be further from the truth - ICANN was born in a closed room with ICANN's founder and "outside counsel" acting as chamberlain controlling what people and views could enter and who could not. The only careful crafting that went into ICANN was to ensure that ICANN would conform to the desires of a few large industrial actors.

The CDT paper claims that the IFWP endorsed the White Paper. That is incorrect. The IFWP effort did not endorse the "White Paper". The forces behind ICANN destroyed the IFWP effort before that effort could reach closure. And, being a participant in the IFWP, I saw very little support within the IFWP process for the evolving ICANN.

The CDT report claims that ICANN is a body of limited powers. That claim grates against reality: ICANN has imposed upon the internet a price support regime that pulls well over $100,000,000(US) out of the pockets of internet users every year and puts that money into the pockets of registries and registrars. ICANN has also imposed a worldwide de facto law of trademarks. These are not the acts of a body of limited powers. None of these acts of ICANN have any relationship to "technical coordination". But they do have much to do with the exercise of governmental powers by a body that has completely rejected the concept of public participation in its decision making forums.

The CDT report, which frequently mentions ICANN as a "bottom-up" organization fails to remember how ICANN eviscerated every form of meaningful public participation in ICANN, including the repudiation of ICANN's explicit promises to have publicly elected members on its Board of Directors. ICANN's ALAC has proven to be a joke - after nearly two years its membership is nearly zero, a situation that compares very poorly with the robust and evolving public system that ICANN dismantled when that system elected me to ICANN's Board of Directors.

CDT is a well intended organization and its opinions are often worthy of respect and consideration. However, it is hard to give credence to a report that begins with as many errors of fact and historical fairy tales as does this report.

Posted by karl at 2:06 AM

July 14, 2004

More thoughts on ICANN's SSAC report on Verisign's Sitefinder

This is a followup to my note of July 9, First thoughts on ICANN SSAC Report.

The short form is this: ICANN's SSAC reached the right answer but through the wrong means.

ICANN is once again making ad hoc responses to systemic issues.  This creates a regime of unpredictability that places any innovation that is unfavored by ICANN under a cloud.  ICANN further weakens its position by citing as well established processes things that are neither well established (outside of the IETF) nor widely accepted.

ICANN has squandered five years by failing to establish objective and broadly accepted guidelines upon which one may rely to know what kind of innovations and inventions will be permitted by ICANN and which will not.  Instead ICANN's report constitutes an assertion that the internet will be governed by a code of subjective orthodoxy.

ICANN was created to ensure that the technical aspects of the internet's DNS and IP address systems operate reliably 24x7x365.  This it has not done.

There is no doubt in the minds of many (myself included) that Verisign's sitefinder grievously violates the end-to-end principle.  However, there is no law on the books that elevates the end-to-end principle to a mandatory law that must be obeyed.  ICANN squandered its moral authority over technical matters by becoming the handmaiden of the trademark industry and by ignoring for year after year a number of specific and detailed requests that it actually become involved in matters that actually affect the reliable, secure, and efficient delivery of DNS and IP address services to internet users.

As ICANN's Chairman, Vint Cerf, is quoted as saying, the SSAC report is indeed an important document in the life of ICANN.  I'm sure he has his reasons for believing this.  I agree that the document is important.  I believe that the SSAC report is important because it demonstrates that ICANN has not the slightest clue regarding the context in which ICANN operates.  The SSAC report demonstrates that ICANN does not comprehend that the choice of what is proper and what is not proper on the net is not to be measured by technical platitudes but rather through a careful and principled balancing of private equities, technical, social, and economic, against the public's need for both innovation and stability.

My concern is that ICANN has taken the path of arbitrary and capricious response to Verisign and Sitefinder rather than the path of objective principle.  The difference is between that of vigilantism on one the hand and judicial process on the other.

Sitefinder is so bad that the fact that ICANN is using vigilante methods to combat Sitefinder might be overlooked in our emotional reactions to the situation.  However it would be very bad if we failed to take notice that ICANN's methodology vis-a-vis Sitefinder creates a situation in which new ideas, much like the ideas from which the internet arose from the technical orthodoxy of the 1970's telcos, could be unfairly condemned and suppressed.

This represents a great danger to the future of innovation.

Moreover, given ICANN's obsequious approach to the intellectual property industry, and given that industry's proclivity to use any means, technical or not, to further its goals, even if the result is the suppression of technology to a degree amounting to un-invention, the SSAC/ICANN report's lack of a principled method for making hard choices is something that should be of great concern and of little comfort.

Posted by karl at 11:55 PM

ICANN/IANA report on updating root servers

I notice that ICANN/IANA has published a new document titled IANA Administrative Procedure for Root Zone Name Server Delegation and Glue Data 

In general it is a sensible and reasonable document.

However I have concern about two aspects.

First is the following step in their procedure to validate a root zone file change:

4. Each of the servers in the request that is intended to become or remain part of the delegation is checked to be sure that the serial numbers and other information in the SOA (Start Of Authority) record match what is returned by the master (also known as primary) server for the domain. Experience shows that when these records do not match it is likely that there are other operational problems with the name server(s) that are not properly synchronized, especially when the unsynchronized server is intended to be added to the delegation.

DNS servers are not strictly synchronized, they are only very loosely coupled.  It is not uncommon for the servers handling a particular zone to be out of synchronization because one or more of the servers is simply a bit later (with "bit later" being measured in hours for thing like root servers and in days for zones deep in the DNS hierarchy.)

Just the other day we heard that Verisign will be updating .com several times a day; .org is already updated this way.  In addition to the loose coupling of servers for these zones.  The zone files for these are large and do not transfer from server to server in zero time.  Under these conditions the IANA step quoted above will more often than not find that this synchronization condition will not obtain.

This step in the processing of root zone updates should be relaxed a bit to allow for off-by-one non synchrony of servers.

Second, the report claims that "In one year the IANA staff will undertake a re-evaluation of the 512 byte limit.".  This is something for the IETF to handle and decide, not IANA.  I doubt that it will require a long winded working IETF working group, and the folks at IANA are, as always, free to participate.  But it is wrong for IANA to be making substantive decisions about matters this deep into protocols.

Posted by karl at 11:34 AM

July 9, 2004

First thoughts on ICANN SSAC Report

I'm doing an initial read of the report by ICANN's SSAC report on Verisign's Sitefinder.

Findings (2), (4), and (5) of the report are based on an assertion that Verisign violated "the well-defined boundary between architectural layers", "accepted codes of conduct" and "established practices".  I find the claim that there are such "codes of conduct" and such "established practices" to be unjustified and dangerous. These claims represent a major new claim of power in restraint of innovation and commercial practices.  And there are neither clear limits nor objective definitions to these "codes of conduct" and "practices"; they amount to the imposition of neo-religious principles cloaked in technological garb.

The report's condemnation of Sitefinder as violating a "well-defined boundary between architectural layers" falls equally hard on practices that the report does not reject - Network Address Translators (NATs), firewalls, and stateful and policy based packet forwarding.

It is interesting to contrast the report's assertions regarding layering with those found in section 3 of RFC 3439, a section entitled "Layering Considered Harmful"

While I personally agree that the internet has been created and has flourished on the basis of common beliefs and practices held among the technical literati, I do not believe that such beliefs and practices are automatically held by all or that it is proper to condemn those who chose other paths.  The internet itself was born out of a rejection of the techical orthodoxy of the old telephone company (telco) world.  Had the principles of adherence to established technical practices such as is asserted by the SSAC report been accepted as binding among those who invented the internet during the 1970's the internet would probably never have been created and communications today would probably strongly resemble ISDN.

Section 2.3 of the SSAC is a nice discussion of some of the practices used by some members of the internet community.  But these are merely that - voluntary practices of a small, relatively homogeneous group.  Yet even within that group there are quite strong differences of opinion over rather fundamental issues as, for example, how packet routing ought to work (MPLS vs hot potato routing) or whether internationalized naming ought to be performed within DNS or layered upon DNS.

If we techies can't agree among outselves on these major technical matters, then on what basis should a company engaged in competitive enterprise be constrained?

Different people and different organizations have divergent views on what constitutes the common good, on what constitutes acceptable and desirable goals, and what are legitimate and ethical constraints.

The fact that certain vague principles have resulted in useful techology is not sufficient reason to embue the practitioners of those principles with control over the use of that technology except for limited times under systems such as patent law.  Indeed, those who invent a thing are often too close to the thing to comprehend how it may best be used.  (See my note Techies wanna do policy)

In consequence, while I agree with the underlying notions of the value of the end-to-end principle and the value of cooperative practices as outlined in the SSAC report, I do not yet see that the report establishes a foundation upon which one can constrain Verisign from deploying Sitefinder.

Once again, I believe that the proper framework for analysing these kinds of situations is my First Law of the Internet.

I believe that had the SSAC realized that decisions about Sitefinder require a balancing of equities, and had the SSAC adopted something like the First Law of the Internet as a framework, then the report could have been more than a regurgitation of vague beliefs and instead have provided a good case study regarding when troublesome practices on the internet (and I do believe Sitefinder is quite a body of trouble) should be restrained and when they should be allowed to go forth even if there is some ancillary harm.

Posted by karl at 5:53 PM

July 6, 2004

When You Shouldn't Use Voice Over IP (VOIP)

There's been a lot of talk recently about Voice Over IP and how it wonderful it is.  In many regards it is kinda cool.

But there are situations in which people ought to be careful and should carefully consider whether VOIP might work to their disadvantage.

The reason is simple - delay.

A typical POTS (plain old telephone service) phone has nearly no delay - the receiver hears at about the same time you speak.  If there is a delay it is often only a few milliseconds, a time that is barely noticeable to people.

VOIP phones, on the other hand, typically insert a few hundred milliseconds (1000 milliseconds = one second) of delay.  This delay is present even if the two phones are on the same LAN.

An easy test is to find some phones where the two parties can see one another.  Have one person tap the mouthpiece with a pencil.  You can then clearly see the time delay (or near-absence of delay) by observing the time between when you see the pencil tap the phone and when you hear the tap.

The extra mouth-to-ear delay of VOIP can be bad because that extra delay can make people sound impaired, drunk, or just plain stupid.  Our perception of the intelligence or capacity of the other party is strongly shaped by the speed with which the other person responds.  With VOIP, no matter how fast the other person thinks and answers, there will be a noticeable delay.

So, if you are a person who's business is based on a perception of intelligence or expertise - for example, if you are a doctor or lawyer - then you may want to consider sticking with analog telephones.

And if you are a person who has to deal carefully with delicate situations - for example if you are handling a suicide line - then you might also consider avoiding VOIP.

And finally, if you engaged in telephone based auctions then you might want to consider whether the quarter of a second of delay typical of VOIP will create a bidding disadvantage.

Posted by karl at 10:57 PM

July 5, 2004

Comments to ICANN's TF3

Here's what I sent to ICANN's Task Force 3.  My general impression of the TF 3 output was that it was a prettified way of accusing the community of internet users as being cheats and liars and demanding that the costs of trademark enforcement be offloaded from the trademark owners onto the backs of domain name registrants and the DNS registration industry.

(It is amazing how often the trademark industry forgets that the purpose of trademarks is to protect the consumer's right and ability to identify goods and services and to distinguish such goods and services from one another..  The trademark industry forgets that trademarks are intended to benefit the customer, not the seller, and that any benefit to the seller is merely incidental.)

Here's what I sent in:


I find the report to be inadequate and lacking both the factual and logical foundation to support its conclusions and recommendations.

The report begins by failing to comprehend the meaning of "accuracy".

Accuracy is not an absolute term.  One definition of accuracy is the absence of incorrect information.  In that regard, a blank field on a form is completely accurate.  The task force's report makes it clear that this is not the definition of accuracy that is being used by the task force.  If the task force wishes its report to itself be able to claim that it is accurate then the task force must necessarily articulate what it means by accuracy.

I submit that accuracy is measured by context.  In the case of business data the typical metric of accuracy is whether the data exchanged, in all directions among all parties to the transaction, is whether that data is sufficient to support the business being transacted.

In the case of domain name registrations, the parties to the transaction are the registrar and customer (registrant) or his/her agent.  There are no other parties to the transaction.  (The report of task force 1 makes it clear that when examined on the basis of real numbers rather than chicken-little-like anecdotes that the interests of trademark owners in domain name transactions are based on events so rare and of such individually miniscule impact on the internet community as to amount to a factor that can be best remedied through recourse to traditional legal processes.)

As measured in the context of the registrar-customer transaction the first metric of accuracy is whether the information conveyed at the time of the registration is sufficient to support that registration.  The second metric is whether the information conveyed is sufficient to maintain the relationship.  And the final metric is whether the information at the time of potential renewal is sufficient to support renewal, if the potential for such renewal was part of the original understanding.

Before going further it is necessary to distinguish the concept of "accuracy" from that of "precision".  It is perfectly accurate for every domain name registrant in existence to indicate that  he or she lives on planet Earth.  But most would not consider that to be usefully precise.

At the time of the initial registration of a domain name the following information needs to be conveyed:

      Desired domain name
      List of name servers

     Whether the name requested name has been allocated to the customer (implying that the name and customer's name server list have been placed into the appropriate zone file.)

Not all registrations involve money and billing.  Nor do all registrations necessarily impute a desire for renewal - one area of domain name businesses that have been arbitrarily foreclosed until now by ICANN have been non-renewable, short term registrations for single-time events, elections, movies, etc.

If a registration involves the payment of a fee, then the exchange of information must be adequate to facilitate the payment of that fee.  After that payment, that information is no longer needed to support the registration process.  It is a well known principle of privacy that information should be retained only if it is relevant to a transaction.  Thus a registrar that is desirous of protecting privacy would be acting quite within reason should it erase transactional information once that information has ceased to be of value.

Maintenance of the relationship between registrar and customer is largely driven by the needs of the customer.  For that reason there is no particular reason, in the context of maintenance of the registration information (i.e. the list of name servers) for the registrar to retain precise, that thus privacy infringing, information regarding the customer.

Third parties who today bombard the DNS whois databases are not parties to the maintenance relationship.  As task force 1 indicated, such third parties ought to be required to make a preliminary showing that they have reason to examine the registration data.  The degree of precision of the data disclosed must, therefore, vary in conformance with the degree of precision of that showing and of the nature of the purported grievance.

Finally, renewal processing only requires sufficient information to consummate the renewal transaction at the time of the transaction - there is no need for such information to be exchanged in advance of renewal or to be retained after renewal.

Additional data gathering and maintenance burdens the system with additional costs.  Absent a clear showing of illegal activity on the part of the majority of domain name registrars and customers it would be improper to impose such costs on all transactions.  Yet the task force's report seems to have elevated the ill-actions of a very, very few into a blanket accusation against all domain name registrants as a self-bootstrapping argument to encumber the entire domain registration system with excess costs and an institutional system of excess information disclosure amounting to a wholesale violation of the privacy of every member of the community of internet users.

If the demands of such third parties trigger the gathering and maintenance of data above and beyond the data used for registration, maintenance, and renewal then those third parties ought to pay the costs of such gathering and maintenance.

Update: July 6, 2004: ICANN's submission software decided to deep-six my comments.  Fortunately the GNSO folks, who have been unsung wonderworkers several times in the past, noticed.  Hopefull my comments will show up in the official archives.  I am, however, feeling a bit of deja vu: during my entire term as a Director of ICANN ICANN's so-called "webmaster" silently ignored every request to post any of my writings onto the webpages on which ICANN posted the writings of other directors and officers.

Posted by karl at 3:44 PM

Did ICANN Even Notice .Org's Problems?

Last week .org had problems.

Many users reported an inability to resolve domain names under .org.  The scope and nature of the problem was masked by .org's heavy use of anycast technology: the problem, and even the appearance of trouble, very much depended on your location in the topology of the internet.

Network operators noticed immediately.  ICANN did not.

ICANN, the body that proclaims itself to be in charge of the stability of the internet's domain name system, appeared to be completely unaware of the existence of problems with one of the internet's largest top level domains.

Instead ICANN, as is typically the case, was obsessed with other matters that have no relation whatsoever to the reliable provision of internet domain name services.

Perhaps it is time to establish a new body, one that actually is concerned with the stability of the internet, so that ICANN can finally stop the obviously untruthful promotion of itself as an organization that has any technical competence, technical knowledge, or concern for the secure, stable, reliable, and efficient technical operation of the internet's domain name system.

Posted by karl at 10:57 AM

On the Corruption of Power

In the 19th century Lord Acton wrote: "Power tends to corrupt; absolute power corrupts absolutely."

Today is the 4th of July, an American celebration of a the signing of the Declaration of Independence, a document that repudiated arbitrary and capricious exercises of power by governments and people who occupy high offices of government.

Today I saw Fahrenheit 9/11.  The subject of that film is a modern day government and modern day high officers who have discarded Constitutional limitations and regressed the science of government back to what it was before July 4, 1776, but with members of the present day Executive Branch of the United States Government undertaking the roles then performed by King George III and Lord North.

Fahrenheit 9/11 is disturbing.  But the assertion of supra-Constitutional powers by American Presidents is nothing new.  Lincoln and nearly every president of the 20th century claimed and exercised powers beyond those in Article II.  And to make the situation more troublesome, when Congress gives an inch, Presidents routinely take a mile.

But the nature of this behavior changed with presidents Reagan and Bush the elder.  Iran-Contra went beyond mere excess and became corruption.

This corruption was accepted by the public at large.  Rather than being condemned, corruption was adopted into private practice.  Can one say with confidence that the corruption of Enron and Worldcom did not have roots in the contempt for law that came to be the norm of Presidential behavior during the 1980's?

Within the last few weeks we saw Executive Branch memorandums surface that claimed that President Bush the younger has powers that are bounded neither by law nor international treaty.  And within the last few days we heard the former president of Iraq make a disturbingly similar claim regarding his own powers and immunities.  If Bush has such powers in the United States, then how can we condemn a foreign president, no matter how evil, for the exercise of those same powers in his own country?  Fortunately last week the US Supreme Court slapped down at least a few of these presidential clams.

Corruption, like disease, creeps into the body politic and infects the lesser organs as much as the greater organs.  Methods practiced by those at the top, by our President and his officers, come to be practiced in the huge administrative agencies of the US Government.

Take, for example, the matter of Internet Governance.  The US Department of Commerce has created a secular arm through which it sheds, and shreds, Constitutional and legal limitations.  The US Department of Commerce has created and supports the Internet Corporation for Assigned Names and Numbers, ICANN, a body that is so hostile to the public interest that it has gone so far as to assert that its own Directors may not examine its financial records.

ICANN has powers of government.  ICANN openly dictates who may and who may not engage in certain forms of business on the internet.  Without the ultra-vires backing of the US Department of Commerce this would be overt, and perhaps illegal, restraint of trade.  The private corporation of ICANN exercises the very governmental power of recognizing and derecognizing who are to be the internet representatives of sovereign nations.

ICANN represents a new kind way for governments to evade Constitutional and legal constraints - ICANN is simply a new way for governments to exercise the kind of arbitrary and capricious powers that were so clearly rejected on July 4, 1776.

As Fahrenheit 9/11 so clearly demonstrates, it is time to remember the Declaration of Independence and the Constitution and force our government and officials to toe the line.  And as ICANN so aptly demonstrates, this remedy must be applied to all branches and all agencies and not be a cosmetic applied only to at the top.

Have a happy Forth of July.  But please do more than light fireworks; take time to re-read the Declaration of Independence and the US Constitution and consider the degree to which our present government conforms.

Posted by karl at 12:25 AM