[governance] RE: Human rights and new gTLDs

Kieren McCarthy kierenmccarthy at gmail.com
Fri Oct 5 16:36:44 EDT 2007 

I'm with you Brett but sometimes policy and technical are two sides of the
same coin.

Re: registry failure.

The RegisterFly collapse was not the first time - in fact it was far from
the first time - that a registrar had failed. But the system in place had
always worked previously - namely that the company would sell its data to
another registrar.

The problem was that the system relied on the registrar behaving in a
certain way. When it didn't, suddenly there was no method by which it could
be made to behave in a reasonable and responsible manner, and there was no
way for anyone to step in and take its records off its hands.

If a registry goes haywire - who can fix it without the explicit help and
consent of the company that has gone haywire? And yet can you imagine
VeriSign agreeing to let *anyone* ever be allowed to take .com off its
hands?

(I actually think you could draw up a series of events that VeriSign could
agree to that would provide the authority to someone - for the simple reason
that they know that the situation would never happen.) 


The other big problem that you have raised is the concept of the expectation
of registry renewal.

The .pro registry is a case in point - it got the contract under one plan
but then changed that plan. The UPU is currently asking for a radical
alteration in its initial plans for .post - the plans under which it was
granted the registry.

What if someone gets a registry under a certain plan and then sells up when
a different company sees a different way of running it to make money. What
if we end up with registry contracts being sold on the open market in the
same way you can purchase an ICANN-accredited registrar company?

Now, I am sure that somewhere someone is having and has had these
conversations but I've not heard them. And if I haven't heard them, they're
not being had widely enough.




Kieren




-----Original Message-----
From: Bret Fausett [mailto:bfausett at internet.law.pro] 
Sent: Friday, October 05, 2007 4:11 PM
To: Internet Governance Caucus
Subject: Re: [governance] RE: Human rights and new gTLDs

On Oct 5, 2007, at 10:31 AM, Kieren McCarthy wrote:
 > It means controls need to be put in place and it means that  
suitable failure
 > systems have to be put in place.

It's also important to separate the parade of horribles in your  
message into technical failures and policy failures.

Technical failures are relatively more easy to solve. Keep in mind  
that a registry's main obligation is to reliably serve a text file  
(aka, the TLD zone file) to anyone who asks for it. If a registry can  
no longer do this, the task of serving the text file can be given to  
someone else, and ICANN simply updates the root servers to point to  
the new TLD servers. Yes, you also have whois, registrant and billing  
data (which may live at either or both the registry and registrar),  
but at least in an emergency, you could keep traffic flowing by  
porting the zone file to a new server.

(The idea of hacking .money to change the zone file to serve  
fraudulent date is interesting, and ICANN certainly require that  
registries have security standards to guard against it, but hackers  
do this already through cache poisoning at the ISP level.)

Policy failures are much harder to solve, but they also exist largely  
in the eyes of the beholder. For example, I was very much disturbed  
that .PRO opted to depart from its original purpose and allow open  
registrations for second-level .PRO names through registrar proxy  
services (the registrar uses the professional credentials of its in  
house lawyers and accountants to stand as the credentials of non- 
professional registrants otherwise ineligible to register). Others  
thought exploiting the proxy registration loophole was a good thing.

Trying to solve for possible policy failures as a prerequisite to  
launching new TLDs is one of the reasons we're still talking about  
the launch ten years after the White Paper.

--
Bret Fausett (skype me at "lextext")
smime.p7s is a digital signature
http://www.imc.org/smime-pgpmime.html
-------------------------------------




____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list