Reforming the Administration of the DNS Root

Paul Hoffman
April 25, 2002


Table of contents

1. Introduction

2. Run the DNS root for the two most important constituencies

3. Give the ccTLDs more say in the content of the DNS root

4. Set up a TLD Secretariat

5. Add 25 new TLDs every six months

6. Let the current gTLDs continue as-is

7. Let the ASO run itself

8. Let the PSO run itself

9. Stop perpetuating the hoax of Internet user "representation"

10. Let ICANN gracefully shut down as soon as the TLD Secretariat is operational

 

1. Introduction

The president of ICANN has admitted the obvious: The ICANN system is broken. However, most responses to the issue have focused on reforming ICANN instead of looking at solutions to the original problem, which is the stable management of the DNS root. This essay deals with reformation of the DNS root administration, not ICANN reforms.

After many years, there are still widely varying views on what ICANN is supposed to do and how much power it should have. Fortunately, the past three years with ICANN have offered many lessons, and most of those lessons point to the same conclusions:

  • Commercially run TLDs act like regular businesses. They maximize profits, minimize costs, and only change when threatened with dire consequences.
  • Running open-policy discussion forums with participants who will never have to do the work to follow through on any of their suggestions rarely leads to consensus or even general satisfaction.
  • When an administrative body threatens punishment but doesn't follow through, governed entities begin to ignore the administrator, thereby diminishing the reputation of both parties.
  • Too many unrelated goals diminish an organization's ability to make progress on any of them.
  • Promising administrative representation to countries or individuals, and then reneging on that promise, engenders justifiable, widespread mistrust.
  • Excessively restricting the number of new TLDs ensures that the vast majority of registrations in those TLDs will go to name speculators or existing name holders, not to new users.

While ICANN looks unfixable, the DNS root is still manageable. Where ICANN has floundered, the DNS root operators have fostered a useful and stable Internet naming system. This part of the Internet has weathered the massive growth of both traffic and avarice, and its resilience is admirable.

This proposal is not intended as a criticism of the people who have spent years working for or with ICANN. These people have worked hard in an incredibly unfriendly atmosphere. Unfortunately, the result hasn't worked for the Internet.

As with any proposal for fixing the DNS root administration, the ideas put forth here are merely suggestions until the DNS root server administrators have agreed with them. Hopefully, they will agree that these proposals would lead to more stability and usefulness for the DNS and will want to move forwards with them.


2. Run the DNS root for the two most important constituencies

ICANN was supposed to provide administration for two main groups: root server administrators and the people of the world. Over time, the business interests of domain name registrars, registries, and commercial name-holders became much more important to ICANN than the stability of the DNS root or the usefulness of the DNS for the masses.

The severity of this misdirection is evident in the proposals to reform ICANN. Most have emphasized changing the composition of the board of directors or the supporting organization without showing how the change will help the DNS root or the people of the world. Simply having different people on the ICANN board won't necessarily change ICANN's focus or its methods. The overriding assumption is that ICANN should exist because it currently exists, although its existence has not yet helped the DNS's most important constituencies.

DNS stability and usefulness should be the main focus of whoever administers the DNS root, without regard to profits for companies in the DNS market. Part of that stability is technical, but most of it is political. The ccTLDs are the natural focus for this stability. Mis-identifying an entire country is much worse than mis-identifying a company. ICANN's rough treatment of the ccTLD operators -- typified by charging countries for ICANN membership instead of slightly increasing fees for commercial vendors in order to support the ccTLDs for free -- shows that ICANN doesn't understand its constituency.

Since ICANN's creation, people all over the world have been asking for a much broader selection of TLDs. ICANN responded by slowly creating a few new names that were supposed to be tightly controlled. ICANN then abandoned that control by failing to enforce the agreements that the new TLD administrators had promised to follow. Further, it has shown no interest in adding more useful names. ICANN doesn't plan to evaluate the success of the new TLDs for at least another year, though their failure is fairly obvious. There's been essentially no significant use of the new names.


3. Give the ccTLDs more say in the content of the DNS root

The ccTLDs are the closest thing we have to names run by organizations (or rather, countries) that are responsible to regular people. Regardless of arguments over the state of democracy in the world, countries are more representative of the masses than are corporations. Countries should have a greater say in how country-related names appear in the DNS root.

ICANN has been a terrible conduit for organizing countries. Fortunately, countries already have a long-standing, stable organization for which they have respect: the United Nations (UN). For all of its faults, the UN has proven stable and useful, and is certainly more widely recognized than ICANN.

Given the massive problems that the UN has dealt with in the past 50 years, naming countries in the DNS root will be a minor task. The UN even has a political/technical affiliate that would be happy to take over the job: the International Telecommunication Union (ITU), which is a specialized agency of the UN's Economic and Social Council.

While the ITU isn't well regarded in Internet circles, it's already internationally recognized because the ITU administers country-code numbers for the telephone system. The organization knows how to deal with international politics in the technical arena, and even has the legal right to do so. What's more, countries already have representatives in the ITU. In the past few years, the ITU has begun to understand the importance of the Internet and the problem of naming countries, possibly better than ICANN.

Each country would continue to have control over its own ccTLD name. Further, a majority of the ccTLD body should be able to overrule any new TLDs added to the DNS root. For example, if an American company wanted to control a new TLD ".china", or if the government of China wanted to control a new TLD ".usa", the ccTLD body would most likely prevent those new names from being delegated.


4. Set up a TLD Secretariat

We've tried running the DNS root with a large, ponderous committee that lacks focus. Let's learn from the experiment, and return authority over the root zone to a single person who is trusted and respected by the main constituencies (the root server operators and the people of the world). A new TLD Secretariat would resemble the long-standing system that was in place before ICANN.

The TLD Secretariat could easily be a single person. Her or his allegiance would be first to the root server operators, then to the ccTLDs, and lastly to the gTLDs. A stable, well-respected, international Internet organization would appoint the TLD Secretariat. While there are benefits to having the ITU organize the ccTLD administrators, it would be completely unsuited to selecting the TLD Secretariat because it isn't well regarded in the Internet community or by the root server operators. The Internet Society (ISOC) would be a much better choice.

Given ICANN's current penchant for secrecy and closed meetings, the new TLD Secretariat will have a harder time gaining the world's trust. Fortunately, it wouldn't be difficult to make all correspondence to and from the TLD Secretariat a matter of public record. Although this might initially cause some consternation for the commercial registries that have benefited from ICANN's methods, it will build trust in the system.


5. Add 25 new TLDs every six months

ICANN's failure to introduce a significant number of useful TLDs has led to speculation that there is no market for new TLDs. It's true that names in the new TLDs are barely being used, and that the vast majority of registrations in the new TLDs are to name-squatters. However, remember that ICANN saddled the new TLDs with rules that ICANN now doesn't enforce, and also restricted users to a small number of names.

A TLD Secretariat could radically change this situation without much effort or politics. After the TLD Secretariat was in place, there would be an auction every six months. Everyone who wanted to own or manage a new gTLD (and was technically qualified to do so) would send an application for a particular name with a check to the TLD Secretariat. All checks would be validated. At a pre-defined date, the checks would be sorted by value and the name associated with each one of the biggest checks would be matched against the existing TLDs and the newly won names. The list would be approved by the ccTLD administration, and if the ccTLD administration removed some names from the list, additional names would be selected so that a total of 25 new gTLDs were added. The minimum bid would be US$10,000 to make sure that the costs of running the auction don't become higher than the value of the new TLDs, and the winners would have to show that they could properly run the name servers for the new gTLD.

The process of choosing the names would be completely open to observation, and decisions made by the TLD Secretariat would be simple and nonpolitical. On the date of the auction, all of the applications (not just the successful ones) would be published.

The TLD Secretariat would give a monopoly on the name for 25 years from the date of auction. There are no rules on what the new gTLD owner can or cannot do with the TLD other than that they must properly run five geographically and topologically distributed name servers for the TLD. The name owner would be able to use registrars in a fashion similar to the gTLDs today, or they could manage the registration themselves. Just as with current second-level domains, each TLD name owner would have a monopoly on the name, although there would be nothing preventing someone else from getting a similar name if they wanted to pay for it. (Getting ".coolname" would not prohibit someone else from getting ".cool-name" or ".koolname".) Also like current second-level domains, the monopoly would come with no strings attached. Each owner could run the business part of the TLD as well or as poorly as he or she wanted, as long as they ran the technical part adequately.

ICANN has paid lip service to the idea that the business part of the new TLDs must be run well. However, it has consistently failed to impose any sanctions for the obvious transgressions on the part of gTLD operators. For example, the .name TLD has lots of registrations for domains that are obviously not personal names (such as "a.funny.name"), and registrations by people who don't have that name (look at the registrations for almost any famous person's name). Because of this, the TLD Secretariat would offer no customer service protections. As with most services in the commercial world, people who bought names from the new gTLD owners would have to enforce the rules through their local or national court systems.

In fact, a new gTLD owner wouldn't even have to let anyone register under it. If someone were to pay a lot of money for a vanity gTLD that only he or she could use, that would be just fine. Allowing for such situations wouldn't reduce the stability of the DNS root, and trying to force a gTLD owner to allow registration under the gTLD without any good enforcement mechanism would lead to the silly situations that ICANN is currently fostering. Of course, the fact that only the 25 highest bidders will get names will probably reduce the number of successful vanity bids because most gTLD owners would want to sell names in order to recoup purchase costs.

Initial auctions would probably raise US$millions, which is obviously more than enough funding for the TLD Secretariat. The auction income would first create an endowment that would keep the TLD Secretariat and IANA staffed for at least 25 years. If there were profit beyond those needs, and it's extremely likely there would be, the rest could go toward research in global DNS management and technologies, and development of the next generations of Internet naming services.

At some point, people won't want to own new gTLDs. The auction process should be publicly re-evaluated after five years. (Why not sooner? ICANN's constant re-evaluation process is one of the major causes of its inability to move forward. Stability is a much more important goal.) After the auctions have stopped, if they ever do, the TLD Secretariat would continue to do maintenance, research, and writing. Remember that the TLD Secretariat is also responsible for handling name changes and additions for the ccTLDs, and those countries will be around for a lot longer than 25 years. Given that the TLD Secretariat-issued contracts are for 25 years, the office will need to be around for a very long time by Internet standards.


6. Let the current gTLDs continue as-is

Despite the general animosity toward many of the current gTLD owners, there is no clear way to re-allocate the names over which they have a monopoly. They should retain their names for the next 25 years under terms similar to ICANN's, except that they wouldn't have to pay the TLD Secretariat.

True, this would reward some companies that have shown incredible greed and incompetence, but there's no reasonable way to reapportion the names without falling into a hopeless pit of legalities. Oh, well. It should be noted that some people are so upset about the current gTLD owners that they would spend years trying to wrest control of the current gTLDs away from them. While such fights may be personally fulfilling, they would not build more stability into the DNS root or make more names available to the people of the world. Stability for everyone is much more important than personal satisfaction.

One huge difference between the current gTLD owners and the proposed new gTLD owners is that the current owners would have to continue the registration procedures that they agreed upon with ICANN. If the current owners did not live up to that agreement, the TLD Secretariat would simply open their gTLD names for bidding in the next auction. This way, the registrar community that has built up around the current gTLDs would continue to exist (and possibly grow, if the new gTLD owners want to use registrars), and the gTLD owners would gain money that they aren't paying to ICANN.


7. Let the ASO run itself

Originally, many of us who formed ICANN thought that it would be able to focus on multiple technical topics simultaneously. We were grievously mistaken. ICANN as a group has never fully grasped the goals or problems of the three regional Internet registries (RIRs), such as IP route table growth, address allocation policies, and so on. (An excellent overview of the RIRs can be found in the December 2001 issue of the Internet Protocol Journal.)

The three RIRs that make up ICANN's Address Supporting Organization -- Réseaux IP Européens (RIPE), Asia Pacific Network Information Center (APNIC), and American Registry for Internet Numbers (ARIN) -- haven't gotten much, if anything, out of being organized by ICANN. They already have lots of formal cross-NIC ties, so nothing will be lost if there's no ASO in ICANN. These are mature, well-run organizations; they'll form their own independent group with their own leadership if need be. Saddling them with the ICANN mess won't help them, nor will it help the Internet deal with IP address allocation issues, nor will it help the stability of the DNS root.


8. Let the PSO run itself

Similarly, the organizations in ICANN's Protocol Supporting Organization -- Internet Engineering Task Force (IETF), World Wide Web Consortium (W3C), International Telecommunication Union (ITU), and European Telecommunications Standards Institute (ETSI) -- haven't gained much value, if any, from being organized by ICANN. These groups already have lots of cross-organization ties and official liaisons, so nothing will be lost for them if there's no PSO.


9. Stop perpetuating the hoax of Internet user "representation"

Governmental representation requires reasonably accurate voter registration and solid measures against cheating in the elections. People who understand the Internet and security know that it's impossible to accurately register human Internet users if there's much incentive for false registration. Election fraud would also be trivial; even if votes couldn't be forged, denial-of-service attacks in electronic elections are much easier to carry out than in physical elections. Preventing registration and election fraud for an international online election with hundreds of millions of potential voters would easily cost US$billions.

As Harald Alvestrand points out in his excellent essay on ICANN reform:

  We can thus group voting proposals [for elected representatives] into three groups:
  • Easily breakable, gamable, or fakable,
  • Very expensive,
  • Nonexistent.

Many of us wanted to believe that elections were possible, but we now know that if there were more than a few tens of millions of eligible voters, such elections would be a security nightmare. It's cruel to tell Internet users who don't fully understand security concerns that they should be represented in Internet governance, and then later say "we couldn't figure out a way to hold the elections." Of course users will be frustrated and angry, particularly if they cannot understand why it's so much harder to hold elections on the Internet than it is face to face.

Internet users don't need direct representation in the TLD naming process. Instead, they need venues for learning about, and affecting, their own governments' regulation of the Internet. Let's face it, gTLD names are far less important than content suppression and restricting Internet access to certain groups of people. Getting Internet users to focus on ICANN because it was the only game in town has done a disservice to those users, particularly when it became clear that ICANN elections for end-user representatives would either cost hundreds of times ICANN's budget or would be easy targets for fraud.

The good news is that there are growing venues for Internet users to learn and become active about important Internet issues. The At-Large Membership Study Committee did an admirable job in looking at what the concerns of Internet users would be if they could elect representatives to ICANN, or more likely, some other Internet governance body. Lots of the information they gathered is probably more relevant outside than inside ICANN. Recently, the Internet Society (ISOC) has made its individual membership free and has increased the value and power of its local chapters. ISOC represents the best chance for individuals throughout the world to listen and be heard on the important topics that affect the Internet.


10. Let ICANN gracefully shut down as soon as the TLD Secretariat is operational

The folks at ICANN know that they have a thankless job; they hear it from a zillion people every day. They can see how little they've accomplished over the past three years, even though many of them have worked incredibly hard during that time. Why force this group through a major overhaul of the ICANN structure when the evidence suggests that two years from now we'd still have as little to show for it?

As soon as the TLD Secretariat is set up, ICANN can start to shut down. As that happens, the less civil participants may try to make ICANN leadership feel bad about the somewhat tortuous experiment, or to make them look bad in public. The heightened level of animosity and competitiveness in the ICANN process can be addictive to those involved, and old disputes may be hard to give up. However, neither of the real goals here (stability of the DNS root and usefulness to the people of the world) would be served by giving ICANN staff or board members another kick on the way out the door. Let's be civil, and begin to clean up the mess that all of us have helped make.