November 14, 2005

WSIS, ICANN, Hacking, and Functional Decomposition

It's been an interesting, and very exhausting, week - I spent a couple of days at a gathering of intellectual property lawyers in Napa, then three days at the Hackers Conference (as usual, extremely interesting, but we operate under a cone of silence, so no details), and this morning I had to come across the bay to Monterey - which, to to bring me to my topic, is a long way from Tunisia.

Tunisia?  That's where the World Summit on the Information Society (WSIS) is meeting this week.  From what I have seen there are a lot of flowery words that largely seem to be euphemisms hiding the difficult and harsh reality that some nations have more wealth than others.

The internet is a core element of WSIS discussions.  And it appears from those on-site that the question of country-code top level domains (ccTLDs) has come to the fore.  As is natural in a meeting among nations, there is a pretty broad acceptance of the idea that control of a ccTLD is an attribute of sovereignty.  It appears that the principal opponent of that idea is the United States, which says that it wants ICANN to continue to be the overlord of ccTLDs.  The position of the US is inconsistent with its own actions - the United States simply evaded ICANN when it came to redelegating the .us ccTLD.  But hey, I've gotten use to my own national government saying one thing and then doing the opposite.  Is there any wonder why people here in the US mistrust bodies of government?

Let's assume for the moment that the role of recognizing and selecting the operator for a country-code Top Level Domain (ccTLD) is not an appropriate role for a private United States based corporation that has substantial ties to the United States government.

Let's assume for the moment that the job of recognizing the appropriate national authority to operate a given ccTLD is vested into a new body.  What ought that body to look like?  And where does that leave ICANN?

As I have mentioned elsewhere, I believe that one of the architectural principles that WSIS ought to follow is "form follows function".  In other words, once we decide to vest ccTLD questions into a new body, that new body should be shaped, and rigidly constrained, to deal with ccTLD questions and only with ccTLD questions.  This body should have as its job, and as its only job, the following tasks:

  • Choosing what ccTLDs should exist.
  • Selecting the proper authority to have control over each ccTLD.
  • Obtaining from each ccTLD authority the domain names and IP addresses of the domain name servers for its ccTLD.
  • Publishing this information on a universally accessible web page (in order to enhance the integrity of this information it ought to have a message hash (digest) and be digitally signed.)

The first two of these tasks have political overtones, the latter two are clerical and non-discretionary.

This ccTLD body  needs  no formal linkage to ICANN or any other body that assembles the published ccTLD information into a domain name system root zone file or operates root servers.  ICANN or these other bodies can simply utilize the published information when they build root zone files.

Thinking of the the construction of root zone files - is this really an appropriate job for ICANN?  I think not, at least not by default.

Since each group of root server operators must not only pick the root zone file it will publish but must also modify that root zone file to contain the names and IP addresses of its root servers, as well as any DNSSEC key information, it makes more sense for each group of root server operators to define how its root zone file is to be built, and by whom.

There is no need to establish any institution of internet governance to construct root zone files.  The job is clerical and non-discretionary.  It does not take a great deal of time - much of it ought to be automated.  But it is a job that should be done with great care, with substantial and frequent checks for quality, and with an effective means to return to a workable status quo ante should an error occur.

What is of importance here is that because the job of root zone file preparation is really an aspect of operating a system of root servers, there is no need to vest that job into ICANN.  It may be that some operators of root servers may chose to hire ICANN to do the work on their behalf, but that is the choice of root server operators and need not be of concern to WSIS.

If ICANN is no longer the vessel for ccTLD questions and root zone preparation then what is left of ICANN?

ICANN has already abrogated nearly all of its role over IP addresses to the regional IP address registries; ICANN, via its performance of the IANA function, merely allocates large blocks of addresses to the RIRs.  This, so far, has been largely free of non-technical dispute.  IP address assignment at the IANA level has become a discretionary clerical function, albeit one that should be exercised with substantial technical knowledge and with flexible concern for a set of guidelines that are evolving mainly from the RIRs and their processes (and not via ICANN.)

IANA is really the secretariat of the IETF.  IANA is far from the only source of numbers used on the internet.  The IEEE, ITU, W3C, and other bodies also provide many of the agreed-upon numbers used to coordinate the internet.  IANA, less the ccTLD role, should be returned to the IETF.

IANA has no more business being placed on the stage of internet governance than does the secretariat of the IEEE, of the ITU, or of any other standards body.  And IANA has no more claim to a tax on internet users than does any other standards body.  If IANA is to benefit from an ICANN-imposed tax on domain names to support IANA than the IEEE, ITU, and other bodies have an equal right to the proceeds of that tax.  If those other bodies have no such claim than neither should IANA.

After removing ccTLDs, root zone preparation, and IANA from ICANN, what's left of ICANN?  What remains is ICANN's position at the head of a pyramid of contracts that regulate the practices, products, and prices of those companies that ICANN has granted (for a fee and a cut of the action) the privilege of engaging in the business of selling domain names.

It seems to me that we ought not elevate this residual aspect of ICANN to the vaulted and insulated position of a body of supra-national governance.  Rather we should recognize it for what it is: a combination in restraint of trade.  Perhaps it is a combination that we want to retain, perhaps not.  But we should neither blind ourselves nor put on rose colored glasses when we ask the question whether the domain name marketplace, and its customers, the community of internet users, are harmed or helped by this remaining part of ICANN.

Posted by karl at November 14, 2005 4:35 PM