[CCWG-ACCT] The Internet's design and ICANN responsibility (was Re: GPI)
ajs at anvilwalrusden.com
Sat Jan 2 21:19:32 UTC 2016
On Sat, Jan 02, 2016 at 07:47:31AM +0000, Mueller, Milton L wrote:
> The Internet and particularly the DNS is a global infrastructure.
>In this context, there is a global Internet-using public and DNS
>governance should reflect and respond to this globalized community,
>not a collection of national communities with their own distinct and
>possibly incompatible notion of what is in the public interest.
I don't think that Milton and I really disagree about this, but I'd
like to draw out a point. This point is why I believe it to be
important that ICANN's role be clearly limited. The limitation is
based on the fundamental design of the Internet. Those who do not
accept this sort of limitation are, in effect, arguing for something
other than the Internet. I apologise that this is long, but I thought
it more important to be explicit.
Both the Internet and the DNS are at once global and local. The
nature of internetworking means that the global Internet is built only
of other (inter)networks. Similarly, we usually think of the DNS as a
tree structure and we often emphasise the common root as a result.
But we can think if it another way: the DNS is made up of a collection
of zones operated mostly independently from one another. The Internet
is a radically distributed system: almost all of the technical
operation is undertaken without any direct co-ordination with anyone,
performed by an enormous number of independent operators. This means
that interoperation is fundamentally a voluntary thing. In your
network, you make your rules, and there is no stick (outside of
national law) to make you interoperate with others. Instead, there is
only the carrot: if you interoperate, you get the benefits of that
interoperation. This is the near-magic that is the functioning of the
It turns out that the magic is made a little easier if we have a
minimal amount of central co-ordination. In principle, you could do
this some other way, but this is how we do it now. IANA's job is the
So, to allow packets to go from one network to another, it's necessary
to be able to tell one another what network you're operating (that's
how routing works -- BGP announcements do this). And in order that,
when you say, "I'm running this network," everyone else needs to know
what "this network" means. The way we do that is a common number
space, and to have a common number space it is convenient to have a
registry of the source of commonality, and IANA does it.
Similarly, to make it easy for the various networks to connect to one
another in a reliable way, they can use common protocols set up in a
particular way. To know how to set up the protocols, it's convenient
to have a single place to look up the settings. Keeping the list of
those settings -- the protocol parameters -- is another IANA job.
Finally, names that are assigned locally won't be any use to those on
other networks unless the other network users know how to get to those
names. To know how to do that, it is convenient to have a place to
start looking. Mathematically, a way to do that (and one that is not
too hard to implement in computers) is a tree structure, which by
definition starts from a common root. That common root is IANA's job.
This job turns out to be special, too, because while the other two
registry types have a well-defined policy source, the policy source
for the root zone turns out to be ICANN as well. This fact is (I
guess we all know) how we got into the current controversy.
But notice that the DNS itself is a matter of convenience. We _could_
have other naming systems on the Internet. There are peer-to-peer
systems that have already been invented and are in fact deployed.
There are alternatives that have been proposed but turn out for
practical purposes to depend on the DNS anyway (e.g. the "handles"
system from DONA), but that need not. And so on.
Now, because of the nature of the Internet, which relies on all those
interconnected networks voluntarily interoperating, the convenience of
centralization is a trade-off. You trade a central point of control
(IANA) for the advantages of simplicity in protocol design,
implementation, and operation. But if the central control is too
great -- if, for instance, it starts trying to impose controls down
through the DNS tree, or it starts trying to demand strict
interconnection regimes along geopolitical lines, or whatever -- then
all the independent networks that are now gaining the benefit of easy
interoperation will get less "carrot" than they do today.
The Internet scales the way it does because the overwhelming majority
of interconnections from large ISPs are done with a handshake: I want
your packets and you want mine, and we peer. If the world decides to
make that hard, it changes the business models of all the ISPs.
Similarly, the domain name system is a terrible user experience,
really, and that's the reason we have so many hacks on it. But part
of the reason it scales so well is because the co-ordination ends at a
delegation point: the root zone delegates com to Verisign, and after
that has basically nothing to say about what happens inside com.
Similarly, Verisign delegates anvilwalrusden.com to me, and they don't
have anything to say about what I do in my zone.
If we start to chip away at that distributed operation by attempting
to use ICANN's policy conrtrol over the root zone to impose
regulations down the tree, we are attacking the model that has made
the Internet work at all. Moreover, we risk driving people away from
the domain name system into some other technology -- a change that
will certainly not happen overnight, and which will lead to
balkanization and damage to the system's usability.
So, I don't think "the global public interest", whatever that means,
does anything to help us to understand what ICANN should do. ICANN
should pay attention to its well-understood and needed functions. It
should not go adventuring out into global governance issues that
distract from that narrow set of responsibilities. And it should not
embrace language that distracts from the narrow responsibilities --
lest such language become an attractive nuisance that encourages
people to think ICANN has power it never has had and (given the design
of the Internet) can't get.
ajs at anvilwalrusden.com
More information about the Accountability-Cross-Community