in response to NTIA on IANA functions

August 2nd, 2011 by kc

In response to the U.S. National Telecommunications and Information Administration’s recent Further Notice of Inquiry on the Internet Assigned Names and Numbers Authority (IANA) Functions [Docket No. 110207099-1319-0], I submitted the following comment:

In response to Question (5), Provision C.2.2.1.3.2 Responsibility and Respect for Stakeholders, the public comments posted so far (19:28PM 29 July 2011) demonstrate the need for language similar to that proposed. Several of the commenters, including the ccNSO, believe that “global consensus” and “public interest” are already in the evaluation criteria for new gTLDs, and so do not need to be called out explicitly in the IANA contract. Other commenters, including ICANN itself, insist that these are not requirements for a new gTLD, a damning admission given that the Affirmation of Commitments clearly states the commitment to: “(a) ensure that decisions made related to the global technical coordination of the DNS are made in the public interest and are accountable and transparent”.

That stakeholders do not even agree to what has been agreed is another symptom of failure of ICANN’s process. ICANN Board member George Sadowsky noted this failure in his dissent to ICANN’s gTLD expansion decision, acknowledging that ICANN never fulfilled its obligation to complete the multi-stakeholder deliberation process, choosing instead to unilaterally declare the process over, amidst a wide range of unresolved objections and concerns. This strategy is reminiscent of Kurt Pritz’s (ICANN’s top staffer on the gTLD launch) admission in 2010 that the “intensive bottom-up multistakeholder deliberation” really amounts to “a lot of comment and noise…we iterate.. and over time..we get to a place where there is either consensus or people are worn out and we launch.” This self-declared ICANN strategy is an offense to the spirit of the Affirmation of Commitments.

In response, Provision C.2.2.1.3.2 is a valiant attempt by NTIA to recover some oversight capability in the face of ICANN’s failure to meet this Commitment. ICANN had every public interest justification, including an obligation as well as opportunity with .XXX to demonstrate accountable policy development, to delay the new generic TLD program until many of these concerns were resolved, including independent peer-reviewed research demonstrating that it would not be antagonistic to the technical and economic security and stability of the Internet. That ICANN chose to relinquish this responsibility puts the U.S. government in the awkward position of trying to tighten the few inadequate controls that remain over ICANN. Use of the IANA contract for this purpose is admittedly awkward and marginal at best, as some have pointed out, but it is the best NTIA can do in the current circumstances. The public comments, aside from those written by stakeholders that stand to gain financially from ICANN’s haste (which includes ICANN itself and its recently departed Chairman) are dominated by concerns that NTIA is trying to address in this provision.

(The concern that the proposed provision might subject IANA to lobbyists trying to influence the process is particularly suspicious in light of the industry lobbying that caused the gTLD program to exist in the first place.)

In response to Question (9), Section C.4 on “Performance Standards Metric Requirements” could use more detail.

In C.4.2, what specifically is to be tracked by the “dashboard to track the process flow for root zone management”, and who is to have access, and how?

In C.4.3, there is some awkward sweeping wording. What “developed performance standards and metrics” are meant? Many provisions in C.2 do not have any “developed performance standards and metrics”, to my knowledge, so additional detail is needed. Discussion of metrics and measurements to gauge root zone integrity and performance has occurred in various workshop settings for a couple of years now, but little progress has been documented. Thus, this section of the SOW should include the capability to iterate reporting requirements each year based on formal structured feedback from the operations and research communities, e.g., dedicated annual workshops focused on the reports.

With respect to specific reporting on global IPv6 and DNSSEC deployment, these are important transitions that merit data collection and analysis, but IANA is not necessarily in the best position to measure them. IANA can measure some indications of these capabilities in root servers and TLDs, and should publish what they measure, but comprehensive tracking of IPv6 and DNSSEC evolution is likely going to have to be funded by interested governments.


[Disclosure: Dr. Claffy leads Internet research projects funded by the Department of Homeland Security and the National Science Foundation. She also serves on two advisory committees to ICANN: the Security and Stability and Root Server System Advisory Committees. These opinions are informed by her experiences serving on these committees, in particular by the committee’s failed attempts to demonstrate that the proposed gTLD expansion would not be antagonistic to the technical and economic security and stability of the Internet. Her objection to the SSAC report on this issue is available in the blog entry “thoughts on ICANN’s plans to expand the DNS root zone by orders of magnitude” ]

Leave a Reply