Q: Which decision of the US government took less time to make?
1. Committing to send a paltry $35 million in aid to deal with the earthquake/tsunami disaster.
2. Deciding to invade Iraq on the basis of conjured data.
It seems to me that if the US wanted to do one thing that would reassure the Islamic peoples of the world of our good intentions it would be to immediately rush at least a months worth of Iraq war money along with as many doctors and assistance personal as we have in Iraq to the affected areas.
Recently Susan Crawford in her blog wrote a note entitled "Why Internet Governance Is (or Isn't) Like Climate Change".
That note indirectly suggests the question - "What exactly about the internet is in need of governance?" (Or, to put it the other way around, "What parts of the internet are those that can't be handled by private enterprise left to operate in a competitive system under the typical legal constraints applicable to businesses in general?")
There is no doubt that ICANN represents an extension of governmental types of powers on a far more broad scope than is justified - ICANN is a poster child of the kind of excessively intrusive, overly expensive, and innovation crushing bureaucracy that has evolved in the half century since the end of WW-II.
And there is justifiable fear that the current WGIG efforts under the auspices of the UN will expand and replicate than kind of regulatory system rather than restrain it.
So Susan's question is well posed.
And I believe the answer to her question is this: Yes, there are aspects of the internet that require and are amenable to limited forms of governance.
In a note, "Governing the Internet, A Functional Approach", that I submitted to a meeting at the ITU in early 2004 I advocated the idea of finding specific, concrete, and well defined aspects of the internet that are in need of oversight.
In that paper I discussed the following areas as those that are in need of governance: (For more detail please see the original paper.)
1. A system of IP address allocation that meshes well with the IP packet routing systems. (Note: in this paper, I am referring only to unicast IP addresses. There are other forms of IP addresses, such as multicast IP addresses, that are outside the scope of this paper.)
2. A system of inter-carrier/inter-ISP traffic exchange in which end users can obtain usable assurances that designated traffic flows will achieve specified levels of service. (Note that I am using the word "assurance". I use this word to mean something less than a hard "guarantee.")
3. A system of allocation of protocol numbers and other similar identifiers.
4. The responsible and accountable oversight of a suite of Domain Name System (DNS) root servers.
5. The management of the DNS root zone file, including the clerical task of preparing the root zone file for distribution to the root servers and the task of developing and applying policies to determine which new top-level domains will be allowed entry into the root zone.
Areas 1, 2, and 4 are not are being actively overseen by ICANN. Item 3 is largely an administrative task performed by ICANN on behalf of the IETF. And it is debatable whether ICANN is adequately dealing with area 5.
For quite some time it has been my opinion that the way we should approach internet governance is to build small and limited bodies of governance. Each body would have one, and only one, area of responsibility. And each would have authority and responsibilities that are shrink-wrapped to precisely what is needed to do the needed task and no more. In addition, each such body would have a finite lifespan of only a few years; each body would cease to exist unless the community of internet users or community of nations found that body to be useful and appropriate to its designated purpose.
This is an approach that is nearly the opposite of ICANN's ever changing amoeba-like structures and its amorphous and rapidly ramifying scope of power and authority. What I am suggesting are several surgically shaped bodies, of fixed scope and authority, subject to taught reins of accountability, that are each imbued with a the minimum degree of discretionary powers needed to accomplish a specific task.
I first published my list of topics that ought to be the initial areas of internet oversight in June of 2002. Except for the addition of matters concerning the ability of users to obtain cross-ISP service's that list has not grown. This fact gives me confidence that my list is an appropriate and viable answer to Susan Crawford's question.
Ross Rader in his blog wrote an item "Om misses the boat"
I agree with much of it - it is true that ICANN is responding to some proposals for top level domains, that is, if "some" is measured as 9 out of about 55 applications - about 16%.
I disagree when Ross says "Sometimes these proposals are solid enough to get ICANN's blessing."
Why should ICANN care about the business solidity of a proposal? Why should ICANN care whether a TLD offering will survive as a business or fail and its assets fall into receivership?
It is improper for ICANN to impose business qualifications on those who wish to try their hand at running a domain name business. For ICANN to make such conditions is to restrain trade.
ICANN can not articulate any rational technical basis for those business conditions it imposes. That is because there is none.
In other words, ICANN is engaged in nothing more than naked and unjustified economic, business, and social engineering.
Is this legal? I am not enough of an expert to know whether it is legal or not within the US. If it is then US law is flawed. As for the question of legality in other countries, that is a question for those in those other countries to ask.
ICANN's restraint of trade has resulted in a moribund and effectively closed marketplace of DNS registry/Top-Level-Domain providers. As in the case of all such monopolies the result has been a a failure of innovation of products and a system that protects inflated prices. In both cases the community of internet users are the losers.
ICANN should ask at most two questions of those who wish to run new TLDs:
1. Will the applicant adhere to internet standards?
2. Will the applicant refrain from using its position to mount an attack on the infrastructure or users of the net?
Perhaps ICANN could insist that an applicant obtain a letter from an independent business auditor indicating that the applicant has appropriate and adequate business asset protection practices so that should the applicant's business fail there will be enough pieces left around for the customers or a receiver to resurrect the operation and keep the portfolio of names in play.
Remember how I've been harping on the reckless actions of the US Department of Commerce's NTIA and ICANN in allowing the removal of 15% of IPv4 information and its replacement by IPv6 information?
(If you missed it you can read it in my postings: Driving Blind, Something's Happening But We Don't Know What It Is, Do We Mr. Jones?, Follow-up on my note: An Open Letter to NTIA, ICANN, and IANA, and An Open Letter to NTIA, ICANN, and IANA.
Remember how NTIA and ICANN assured me that they would never allow a change that risks the stability of the net.
Well, despite the absence of any technical evaluation of the risks, such a change was made by NTIA and ICANN. And now reports of instability have begun to surface.
What has happened is this: With the introduction of IPv6 based name servers, some resolvers running on hosts that have IPv6 enabled (which includes the default settings on many recent releases of Linux) but which don't have actual IPv6 connectivity, seem to be trying to talk to those IPv6 based servers. It takes time for these never-to-be-answered queries to time out and for the resolver to move on to a usable IPv4 address. Users perceive delays (four seconds) for names to resolve.
More about this can be found in a posting on the NANOG mailing list and on comp.protocols.dns.bind.
Yesterday I spent about 20 minutes to set up a test to try to reproduce the problem. I used a spare computer with a single interface. I used Fedora Core 3 (with up-to-date patches) with IPv4 connectivity and its default IPv6 configuration but no IPv6 connectivity on, or out of, the subnet to which it was attached. I used bind-9.2.4-2 with its default configuration. I ran a half dozen informal tests in which I monitored all the packets coming in and out while I started bind afresh and performed queries via the machines' resolver. I did not observe any attempts to use IPv6 packets - in other words I did not observe the reported misbehavior. However I did notice that some queries (e.g. dig @localhost www.no-such-name.fr) generated as many as 46 IPv4-based query and response packets (including queries for AAAA and A6 records.)
For the moment let's assume that the Nanog and comp.protocols.dns.bind reports are accurate and that my inability to reproduce the problem was due to some flaw in my setup or in my methodology.
Now you might say: "Four seconds? Big deal." Would you say that if you were using a VOIP phone trying to call for help because your house is burning or your child has stopped breathing? OK, perhaps that's an extreme case - but it certainly is a foreseeable one. But at internet speeds, even a few seconds are important - Would you be happy if you lost a bid on e-Bay or lost out on a stock deal because you got stalled by a cascade of these delays? At the least such delay can be very frustrating.
NTIA conceived and backed ICANN for the specific purpose of protecting the technical stability of the internet. Both bodies emit large numbers of words asserting that this is what ICANN is for and what ICANN does. Yet if we look to their actions rather than their words there is no evidence that NTIA and ICANN actually care about assuming actual responsibility and exercising actual oversight to ensure that the internet's DNS actually runs efficiently, reliably, and accurately 24x7x365.
Is NTIA or ICANN even aware of these issues? Yes they are, but only because I actually called NTIA and, after several days of attempts, spoke to people there. And I have had e-mail correspondence about this matter with ICANN (which, by the way is not visible on ICANN's correspondence web page.)
Has NTIA or ICANN initiated a study or tried to reproduce the problem? There is no indication that they have - or that they intend to do so.
We have a dangerous situation. We have an oversight gap. There is an absence of management. Nobody is making sure that the various parts of the Domain Name System are all flying at all, much less that they are safely flying in the same direction. The Challenger and Columbia disasters showed us what can happen when there are oversight gaps and negligent managers. NTIA and ICANN have created an undefended vulnerability through which a catastrophic failure, or successful attack, of DNS, and thus of the entire internet, is possible.
It's pretty clear that ICANN's goal is to be the jealous overlord of domain name business practices and products.
And its also pretty clear that the goal of NTIA is to make political brownie points and award itself a gold star for privatization.
It is also quite clear that NTIA and ICANN are reducing the stability of the internet by distracting attention from the absence of coherent supervision over those things that actually affect the reliability, efficiency, and accuracy of the upper layers of the Domain Name System.
We can let NTIA and ICANN live in their fantasy worlds. NTIA can have its little gold star. And ICANN can try to defend itself against an increasing number of claims made under an increasing number of national laws that it has become merely a combination of industrial actors who are collaborating among themselves to restrain and restrict the participants in the DNS marketplace and to establish prices and product specifications and devoid of any technical basis for doing so.
In the meantime we do need to establish a responsible authority to ensure that the DNS and IP address allocation systems are being managed and operated safely. This is a vacuum that must be filled.
I notice that ICANN issued a press release with the title:
ICANN successfully concludes Cape Town Meetings
Which makes me wonder: What would an unsucessful conclusion be? Would the ICANN board and staff have to be trapped forever in the meeting room like the characters in Sartre's play No Exit?
I have no idea who wrote that wonderful piece, Time for Reformation of the Internet, posted by Susan Crawford. (It wasn't me - I never use the word "netizen".)
Elliot Noss of Tucows wrote a partial rebuttal, I must be attending the wrong ICANN meetings.
Elliot's company, Tucows, has been a leader in registrar innovation and competition. And Tucows has constantly been among the most imaginative, progressive, responsible, and socially engaged companies engaged in these debates.
Elliot focuses on the registrar/registry distinction. I agree with Elliot that there does exist real competition and innovation among domain name registrars.
But the points made by Time for Reformation of the Internet go far beyond registries and registrars.
ICANN has significantly shaped and restricted the scope of that competition and innovation by imposing requirement after requirement on the kinds of products that registries can offer to registrars and that registrars can offer to the public. Many of those requirements, such as the requirement that registration business data (whois) be made public, are made at the expense of the community of internet users and for the benefit of the intellectual property industry. Other ICANN requirements are simply arbitrary. For example ICANN has never once justified the requirement that domain names be registered for one to ten years in increments of one full year. That arbitrary ICANN requirement has destroyed the potential for product innovation and competition by registrars at the short-term and long-term ends of the spectrum.
Elliot mentions the claim made by ICANN that consumers are saving money as the result of there being an ICANN. While it is true that prices for domain names have dropped since ICANN came into being it is far from true that prices are anywhere near as low as they could be. As Elliot correctly points out there is a significant difference between legacy registries, such as Verisign with .com, and the registrars that sell the those registries products. What is not mentioned is the degree to which ICANN has created a price support system for those legacy registries that forces domain name consumers to pay as much as $300,000,000 per year in windfall profits to those legacy registries.
When the current Verisign contract came before ICANN - the contract that gave Verisign .com in perpetuity - I voted against it in part because it had no mechanism to drive down the $6 fiat price that ICANN gifted unto Verisign.
There is a distinction between those legacy registries and those that have not yet been created. Legacy registries, such as those for .com and .net, have captive customers. These captives are people who have had no real choice of contract terms - they have been forced to build their brands and network names on Top Level Domains that are largely indistinguishable when measured in terms of contractual provisions and terms. It is necessary that these captive customers be protected against registry abuse. However, for future registries, if there were many choices and real competition, new customers could pick and chose among the offerings and obtain long term commitments to protect themselves from predatory practices by the registry. ICANN, unfortunately, has given no sign that it will ever allow such a system to be conceived much less that it be born and grow into a mature industry.
Real competition and innovation of product offerings by registries has been suffocated by ICANN's refusal to allow any except a very few rigidly limited new TLDs. So registrars are forced to resell at retail a product that at wholesale is largely undifferentiated. Consumers, who are at the end of the distribution chain, are still forced to chose among domain name products in which the principal differences are a few dollars in price and the means of maintaining name servers and contact information. This lack of deep differences between retail product offerings is a hallmark of a marketplace that has little more than a thin skin of competition over a highly non-competitive skeleton.
It is very sad that the United States Department of Commerce has created a system that causes this kind of market distortion. It is worse the the United States Department of Commerce has not only allowed, but actually supported, this kind of restraint of trade of the products related to the internet's domain name system. And it is downright detestable to consider how the United States Department of Commerce has fostered the false belief that ICANN is actually protecting the public against technical failures of the internet's domain name system or IP address allocation systems.
Time for Reformation of the Internet said many things concerning ICANN's regime of dogmatic absolutism rather than principled balancing of interests. I found much truth and merit in what was said.
Time for Reform only weakly addressed ICANN's failure to concern itself with the actual technical stability of the internet and ICANN's attempt to become the willing courtesan of the intellectual property industry.
Item #20 in Time for Reformation of the Internet was this:
20. The internet would improve if ICANN were simply to disappear
I have a great deal of sympathy for that assertion. But I also have concern about the transition that would follow. I wrote about exactly that point in my testimony to the US Senate in June 2002. Below is what I said in 2002. I believe that, except for the sale of the Network Solutions registrar by Verisign, that not much has changed in the intervening 2 1/2 years.
What Would Happen To The Internet If ICANN Were To Vanish?
Much of the debate over ICANN is colored by the fear of what might occur were there to be no ICANN.
ICANN does not have its hands on any of the technical knobs or levers that control the Internet. Those are firmly in the hands of ISPs, Network Solutions/Verisign, and those who operate the root DNS servers.
Were ICANN to vanish the Internet would continue to run. Few would notice the absence.
Were there no ICANN the DNS registration businesses would continue to accept money and register names. With the passage of time the already low standards of this business might erode further.
The UDRP (Uniform Dispute Resolution Policy) system runs largely by itself. The Federal ACPA (Anti Cybersquatting Consumer Protection Act) would remain in place.
ICANN has already established a glacial pace for the introduction of new top-level domains. ICANN's absence will not cause perceptible additional delay in the creation of new top-level domains.
ICANN has already abrogated the making of IP address allocation policy to the regional IP address registries; those registries will continue to do what they have always done with or without ICANN.
ICANN has no agreements with the root server operators; the root servers will continue to be operated as an ad hoc confederation, as has been the case for many years.
The only function that would be immediately affected would be the IANA function. IANA is an important clerical job, particularly with regard to the country-code top-level domains (ccTLDs.) IANA is not a big job, nor does it have real-time impact on the Internet. (In fact there is a credible body of evidence to suggest that ICANN delays certain clerical tasks on behalf of ccTLDs for months on end in an effort to coerce ccTLDs to sign contracts with ICANN.)
There are those who will try to divert outside reforms of ICANN by asserting that touching ICANN will cause the Internet to collapse or otherwise be damaged. The truth is quite the reverse. ICANN's ties to the technical and operational stability of the Internet are tenuous at best. A full inquiry into ICANN, a full reform of ICANN, or a complete rebid of the agreements under which ICANN operates would not damage the Internet.
There's a lot of sound and fury about the .net redelegation.
One thing that people tend to forget is that the root servers themselves as well as the servers for the major top level domains are themselves named within the net domain.
An experiment should be performed to see what happens to the ability of the net to recover from a shock, in particular the ability of the DNS system to bootstrap itself, should the .net TLD servers be knocked out due to operational error or some other cause.
I don't have much faith that ICANN will actually perform such an experiment - ICANN has been remakably willing to make faith-based assertions about such things and to take us and the internet along for a blind walk along the clifftops - See my note "Driving Blind"
I was glad to see Vittorio Bertola appointed to the Working Group on Internet Governance (WGIG), part of the UN WSIS effort.
His report from Capetown is illuminating:
Consider his comments about what ICANN is evolving into:
it seems to me that the gnso is trying to exert the authority of global law enforcement system and turning icann into a global police of the internet, that takes care (and is thus responsible) for crimes that are committed through the internet.
moreover, it scares me that all the architecture of national and international legal due process that humanity has been building for the last thousand years can be suddenly thrown into the trashcan by a handful of people in a room.
I agree. And as I have mentioned elsewhere - ICANN is evolving into a new kind of mini-government without land - and without accountability.
ICANN is not doing what it should be doing - which is to guarantee to the community of internet users that the technical aspects of DNS and that IP address allocation work. Rather ICANN has become the pliant tool of the intellectual property and DNS registry/registrar industry. Vittorio's phrase "global police of the internet" very much captures what ICANN is in the eyes of the intellectual property industry.
Susan Crawford in one of her reports from Capetown expressed concern should those necessary jobs of internet governance and coordination be vested into governmental bodies. In this case I disagree with her analysis. ICANN is being imbued with plenary powers over an important part of the internet. Yet ICANN is becoming increasingly accountable to no person and no country. That kind of accountable-only-to-self is a hallmark of governmental power. To my mind it really doesn't matter whether we label ICANN or public or private. No matter what adjective we apply ICANN presents the same dangers that were feared by those 18th century thinkers who created the philosophical foundations for the modern democratic nation-state. As such it is only prudent to apply to ICANN, or its successor(s), the same kinds of controls that have been used to create constitutional democracies - separations of powers, checks-and-balances, articulated realms of authority, ambition countering ambition.
In another one of Susan Crawford's postings she quoted Paul Kane saying:
The point here is that many aspects of the Internet are not being suggested as topics of Governance, simply because they currently work well enough not to be on the radar. These include such things as the routing system (which is pretty stable)...
I believe that Paul letting his fear of governmental intrusion get in the way of an objective examination of the true state of network operation. The packet routing system of the internet - a matter that is closely tied to IP address allocation (one of ICANN's lost responsibilities) has dark clouds on the horizon. There was a thread on the NANOG mailing list this week about exactly this issue. Indeed one person prominent in the business of building routers (and router-making companies) suggested that governmental regulation of some kind might be necessary to prevent routing becoming yet another tragedy of the commons.
Earlier this year a conference was held in Los Angeles regarding forces that are destabilizing and fragmenting the internet. Some of those issues such as lack of oversight of root server operations (yet another one of ICANN's lost responsibilities) and packet routing - particularly as usable VOIP requires time-critical end-to-end, cross-carrier, performance - were identified as areas for concern.
The point of all of this is that it is pointless to argue the tired old Reagan-Thatcher line that governmental powers are best exercised by private actors. When stripped of emotion and rose colored glasses of self-interest it is obvious that the role of oversight, coordination, or governance (pick your favorite word, it really doesn't matter) is an exercise of authority that must be well defined and well limited else it can become a kind of tyranny. This is not an idle thought - we have watched ICANN evolve into a body that is creating, without any technical justification whatsoever, a worldwide intellectual property law and imposing a rigid and anti-innovative business model over the internet's domain name system while simultaneously working to nullify ICANN's accountability to internet users and national governments.