[governance] USG on ICANN - no movement here

Jeffrey A. Williams jwkckid1 at ix.netcom.com
Sun Aug 10 03:37:04 EDT 2008


Karl and all,

  One thing is for certain, the .BIZ decision was a huge mistake
at the time, and remains a black mark on ICANN as well as
DOC/NTIA.  And for this reason the decision in Paris to introduce
new gTLD's and IDN gTLD's may show us all again how creating
collisions in the name space serves no good purpose.  Ergo,
your argument, which I share Karl, is really the only logical way
to go.  It appears that perhaps ICANN is not heading in that
direction however.  I hope I'm wrong in that prediction.

See: http://www.icann.org/en/announcements/announcement-08aug08-en.htm

Karl Auerbach wrote:

> Avri Doria wrote:
>
> >> There is no reason whatsoever that the internet can not have multiple,
> >> consistent root systems, each offering up its own perception of the
> >> proper set of top level domains (disputes over conflicts of names of
> >> TLDs would be handled by exactly the same international mechanisms
> >> used today to deal with global brand names, and besides, if you or
> >> your ISP don't like what one root zone offers you can simply use one
> >> you like better.)
> ...
> > assuming it is not just mental block that prevents anyone from doing
> > this, how come it hasn't happened?
>
> It has happened - there have been competing root systems for years.  And
> many people use a variation of the idea without knowing it by virtue of
> ISP's intercepting DNS queries and vectoring them to their own servers.
>
> The problem why competing roots have not grown to be visible (or
> financially viable) is based on a number of factors:
>
> 1. Most of 'em are run by people who seem to want to play games rather
> than run a solid operation.  As an experiment I used one of these, even
> though it was not solidly run, for several years for myself and my
> company.  There were zero problems (except for the .biz conflict, but
> that was caused by ICANN intentionally disregarding a pre-existing and
> operating TLD of that name) until one of the folks running one of the
> servers decided to operate outside the limits of the domain name RFCs.
>
> 2. The technical system composed of NTIA/ICANN/Versisign building a root
> zone file and the legacy root operators publishing that zone is run with
> intense professionalism and extremely high quality.  It is a class-act
> (I hope that's not too much of an American idiom).
>
> But there are quality operations - http://european.ch.orsn.net/
>
> And there was once a very cool bit of web-based software called "grass
> roots".  What it was was a website that listed all of the various TLDs
> that people have, such as my own .ewe.  As a user you went through and
> selected which TLDs you wanted in your constellation and, if any were in
> dispute, which particular choice among the disputants.  The website
> generated a zone file that one could use to load bind and, voila, one
> could run without recourse to any root system at all - all of the root
> information was in your own servers.  The website remembered your
> choices so, if a TLD updated its list of servers or otherwise changed,
> you could easily generate a new zone file.
>
> When I talk about competing roots, I mention "consistency".  Consistency
> is *very* important.  People as users and people as publishers of
> network resources would not like being surprised and discovering that
> the names they use and utter don't work right.
>
> Some people define "consistency" as precise equivalence of TLDs in root
> zone.  (ORSN does this although they reserve the right to retain a TLD,
> such as for example, .su, should ICANN remove it from their own root zone.)
>
> I tend to define "consistency" more broadly.  In my definition, two root
> zones are consistent if for each TLD they contain the delegation
> information is equivalent.  Thus every TLD they contain in common is
> backed by the same TLD servers and thus identical data.
>
> My definition allows each operator of a system of root servers to offer
> their own blend of TLDs in the root zone file they publish.  This is a
> key point.
>
> Because by allowing each root operator to choice the inventory of TLDs
> being offered we create a path for new aspiring TLDs to try to gain a
> place in the sun.
>
> Some aspiring TLDs will find that they can not convince any root
> operator to include their "product"; those TLDs will die.
>
> Some aspiring TLDs will convince some root operators to include their
> product.  Those TLDs will, for as long as they are in only a few roots,
> be boutique TLDs.  But being a boutique TLD is not to say that it is a
> useless TLD.  Various groups, religious, educational, or whatever, may
> find it useful to set up their own TLD and all the members use whatever
> root publishes their TLD.
>
> Some aspiring TLDs may grow to such demand that root operators will
> chose to incorporate them as a mater of course - we can anticipate that
> the NTIA/ICANN/Verisign suite of about 250 TLDs will be in this category.
>
> Some aspiring TLDs will not wait to be chosen but will pay root
> operators to include their product into those operator's list of TLDs.
>
> (One a TLD has become one of the must-have ones it is conceivable that
> the situation could turn around and that the root operator must pay the
> TLD for the right to publish that TLD.)
>
> Getting to disputes over names: These will certainly arise.
>
> TLDs with the same name are tainted goods, no rational root system
> operator would want these in its inventory - such TLDs are going to
> cause user confusion and raise trouble for the root operator.
> Consequently, those TLDs that are in dispute are going to have trouble
> finding a place to exist and will thus have an incentive to resolve the
> dispute.
>
> And as for forums to resolve disputes: The worldwide system that
> resolves disputes over product names, trade and service marks, is quite
> usable to resolve disputes between those who are trying to run different
> TLDs under the same name.  Yes it is a system that is full of lawyers
> and other denizens of the darkness, but it is a system that works and is
> no less fair than ICANN's UDRP and certainly has the very important
> characteristic of being already in operation and pretty much universally
> accepted.  In other words we don't need to create an overlord of names
> to resolve disputes over TLD names: we already have a distributed system
> that stands ready and able to do the task.
>
> So, as you can see, if we had competing, consistent roots those who want
> to try their hand and risk their money on building a new TLD can do so.
>   They will, like anyone marking a new product, have to fight to "build
> their brand" by getting shelf-space in the inventory offered by root
> operators.  But that's simply the normal facts of life for normal kinds
> of products.
>
> And some of those TLD products will be shoddy or badly run.  And here we
> get to the question whether ICANN is a consumer protection agency?  Is
> it (and if so, it is rather odd in the way it ejects those consumers it
> purports to protect from its forums of decision-making.)
>
> If we can presume that domain name buyers have enough brains to pick and
> chose among TLD offerings then our level of governance is merely to
> require that TLD providers publish enough information for buyers to make
> rational choices, in other words TLDs should be required to publish
> something akin to the kind of all-revealing prospectus that we here in
> the US get for offerings of financial securities.  And that there be
> long-enough contracts for those buyers to lock-in those promises.
>
> Sure, some TLDs will collapse leaving owners of names in those TLDs with
> useless names.  Again, do we want to create a worldwide body of consumer
> protection (an uber-ICANN) or do we want to way, as we say with airline
> tickets, if you buy from a shaky airline and it collapses leaving you
> with worthless tickets, well, too bad for you?
>
> People who want to build rock-solid names will tend to remain in .com,
> .org, and .net.  Some new TLDs will aspire to build a reputation good
> enough to attract those customers.
>
> But some new TLDs may specialize in short-term registrations: A name for
> a month to handle a one-time town meeting for example.  A collapse of
> that kind of TLD will not be a catastrophe.
>
> > - lack of political will?  why do all those frustrated governments
> > keeping waiting for USG/ICANN blessing?
>
> Government people, like most people, crave the known and fear the
> unknown.  Given the quality of the operation run by the legacy root
> server folks - people who deserve internet angelic status - there is
> little incentive from the point of view of governments to change.  ICANN
> gives ccTLDs a lot of leeway.  Governments have their ccTLDs, they are
> sated.
>
> > - people do not believe it is technically possible?  i.e. it is easy to
> > say if can be done technically, but has anyone really laid out a plan
> > and showed how it can work - running code and all of that?
>
> I ran my own machines and those of my company using various other root
> systems, including one of those "grass roots" setups for several years
> while actively looking for problems.  There were none (until one
> operator decided that he could violate the RFCs by putting character
> string IP addresses rather than host names into NS records.)
>
> Having competing roots offers a significant increment in internet safety
> - it removes a single point of failure (the single root) and allows
> users (or more likely their ISPs) to chose the root that works best and,
> if that goes awry, to change to another.
>
> The bigger question is where does the money come from to lubricate this
> system so that it can run?
>
> Turns out that there is a lot of data mining gold in DNS query streams.
>   (People do not realize that ICANN's contracts specifically allow TLD
> operators to data mine the query traffic.  And one can make a guess that
> various governmental agencies in some countries are rather interested
> in, and willing to pay for, "intelligence" data or "law enforcement"
> information that they can derive from the queries.)
>
> As I have been reminded by John L., because of caching a lot more
> interesting data can be gleaned from TLD server than from a root server.
>   However, there still remains a lot of value that can be gained by
> sitting at a root and watching the queries (remember, name queries
> received by roots tend to contain the entire domain name being resolved).
>
> Sure, the idea that our queries are being monetized is scary, but it is
> already permissible under ICANN's contracts.
>
> > another question i have, would this be yet another mechanism that would
> > allow for restriction of freedom of expression and  freedom of
> > communication?    would ISPs become the new arbiter of who we would have
> > access to?  i.e my provider could restricted me to the family friendly DNS?
>
> Yes, an ISP that wants to offer a shrunken DNS could do so; but I would
> suggest that an ISP that wants to do this already can find plenty of
> tools to do this even in a single-root world.
>
> I would submit that having competing, consistent roots, gives users more
> opportunities to bypass such restrictive ISPs and removes the more
> fearful worry of a worldwide central authority from imposing its moral
> or cultural views on *all* DNS everywhere - we already saw this kind of
> thing in a small way with .xxx in which a small fundamentalist religious
> group in the US manipulated the US executive dept to tickle the Dept of
> Commerce to stomp out .xxx no matter whether the community said it was
> good or not.
>
> > or would it be possible for users to pick any DNS tree, or mixture of
> > DNS trees, they wished?
>
> I'm not suggesting changing the DNS protocols, so mixing of trees would
> not be possible.
>
> > could this model bring us a new form of provider, the global DNS
> > provider, who gave use unfettered access to all possible roots?
>
> That itself would be a new root that simply aggregated every TLD that it
> saw, modulo those in dispute.
>
> > it is an interesting idea that you and others have been talking about
> > for yeas, yet i never see more discussion of it then a idea presented
> > and then ignored.  why is that?  i know you have your own ideas on TLDs
> > and even have your own .ewe (love the name) .  why has it not flown yet
> > and why is it not breaking this ground open - especially if it is such a
> > fertile field and an obvious solution?
>
> I really have not had time to get the registration system of .ewe in
> place; I'm working too hard on network testing and troubleshooting
> tools.  People can see the skeleton of the idea at:
> http://www.cavebear.com/eweregistry/
>
> > - does the whole idea just need a good business plan?
>
> Yes, but it also needs ICANN to refrain from things like ICP-3.  That
> kind of thing can be construed as interference, potentially unlawful
> interference, with the business plans of those who aspire to build TLDs
> and roots outside of the ICANN system.  What ICANN does via ICP-3 is a
> lot like Microsoft and Apple publishing an official joint statement that
> declares Linux to be a danger to all computer users and something that
> must not be permitted.
>
> > or do you really believe it just needs a paradigm shift.?
>
> Well, this new set of DNS attacks are certainly revealing some deep
> cracks in the architecture of DNS.
>
> And I don't really know how the very slow deployment of DNSSEC affects this.
>
>                 --karl--
> ____________________________________________________________
> You received this message as a subscriber on the list:
>      governance at lists.cpsr.org
> To be removed from the list, send any message to:
>      governance-unsubscribe at lists.cpsr.org
>
> For all list information and functions, see:
>      http://lists.cpsr.org/lists/info/governance

Regards,

Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1 at ix.netcom.com
My Phone: 214-244-4827

____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance



More information about the Governance mailing list