Latest news of the domain name industry

Recent Posts

US raises ITU bogeyman as Chehade pushes for exit

Kevin Murphy, October 22, 2013, Domain Policy

ICANN CEO Fadi Chehade and a US ambassador today both talked up the multistakeholder model as a cure to concerns about PRISM and related surveillance programs.

But the US warned against using the spying scandal to push internet governance into the hands of “centralized intergovernmental control”, which I’m taking to mean the International Telecommunications Union.

Chehade and Ambassador Danny Sepulveda, US coordinator for international communications and information policy, were speaking at the opening ceremony of the Internet Governance Forum in Bali, Indonesia.

Chehade went first, telling the audience that ICANN plans to set up legal structures in other countries in addition to the US, following on from the three-hub strategy he put in place earlier this year.

It’s part of his effort to internationalize ICANN, he said.

“While we are a California corporation today there is nothing that precludes us from being also, in addition to that, a legal organization in other places, and we intend to do that in order to make ICANN a more international organization,” he said.

He went on to say something that could be interpreted as his intention to get rid of or renegotiate the Affirmation of Commitments with the US government:

We also believe our commitment to the world should be indeed to the world and not to any particular stakeholder, and we will work towards that and change that.

Minutes later, Sepulveda took the stage to more or less agree with Chehade — at least at a high level — whilst simultaneously warning about too much governmental control over the internet.

He said:

The internet today is no more any one country’s than any others. It is no more any one stakeholder’s than any others.

We support an open dialogue on the modernization and evolution of the multistakeholder system that enables the operation of the global internet. Bottom-up, inclusive, cooperative efforts to empower users and enable innovation, free from arbitrary government control, is what the US has been pulling for all along.

He directly addressed the Montevideo declaration, which I wrote about earlier today, which he said was a call “to modernize the internet’s governing system and make it more inclusive”.

The declaration, he said, “should be seen as an opportunity to seek that broad inclusion and for organizing multistakeholder responses to outstanding internet issues”.

“We must work together with these organizations, in good faith, on these important issues,” he said.

“We should however guard against recent arguments for centralized intergovernmental control of the internet that have used recent news stories about intelligence programs for their justification,” he said.

This seems to be a reference to the ITU, the standard US bogeyman when it comes to control over ICANN.

Watch Chehade’s speech here, then fast forward to 1:25 to hear Sepulveda’s response.

ICANN using PRISM as excuse to break from the US

Kevin Murphy, October 22, 2013, Domain Policy

ICANN CEO Fadi Chehade, with backing from government leaders, is using the recent revelations about the PRISM mass surveillance program to try to speed up ICANN’s split from the US.

Speaking to an American radio station, Chehade said yesterday:

I think the current role the United States has with ICANN was always envisaged to change. The timing of that was the question — not if, it was just when. I think now it is clear that we need to talk about changing that role and evolving it to become a more global role where all stakeholders, not just governments, have an equal footing in the governance of the Internet. So the timing has been put into clear focus right now, that is what’s happening.

He was speaking from the latest Internet Governance Forum in Bali, where today he reiterated his calls for “all governments and all stakeholders” to work together “on equal footing”.

Similar rhetoric has been dribbling out of ICANN for the last couple of weeks.

Earlier this month, Chehade met in Montevideo, Uruguay, with the leaders of the five Regional Internet Registries, the World Wide Web Consortium, the IETF, ISOC and the IAB to discuss “current issues affecting the future of the Internet.”

They came out with the Montevideo Declaration, which states in part:

They reinforced the importance of globally coherent Internet operations, and warned against Internet fragmentation at a national level. They expressed strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance.

They identified the need for ongoing effort to address Internet Governance challenges, and agreed to catalyze community-wide efforts towards the evolution of global multistakeholder Internet cooperation.

They called for accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing.

The first and third paragraphs, taken together, suggested that ICANN was yet again ready to start talking about casting off the US government’s special oversight role, and that it would use Edward Snowden’s PRISM revelations as a way back into the conversation.

Milton Mueller of the Internet Governance Project first blogged about this, talking about ICANN “abandoning the US government”, prompting much media speculation about America’s future role in internet governance.

Chehade has been on the road, it seems, since Montevideo, first stopping off in Brazil to lend his encouragement to President Dilma Rousseff’s proposal for an April 2014 conference to discuss internet governance in light of the Snowden revelations.

Rousseff herself was targeted by the NSA and has become one of the most vocal government leaders in criticizing the US spy programs.

Lately it seems Chehade has been in India, where he told the Economic Times:

When any government decides to use a resource like the internet in ways that erodes the public trust, it is very regrettable. I feel like I’m the public trustee of the internet. All of us should be equal stewards of the public trust.

So when any one takes it away, it distresses all of us. It is not just by the recent revelations about PRISM, but there are other revelations that are coming out as well. Countries are employing millions of people to track the movements of their fellow citizens.

I would argue that the recent developments have emboldened people to make sure all stakeholders are participating on equal footing, including all governments.

All of this posturing raises a few basic questions, the first of which is: what does PRISM have to do with ICANN?

The answer, it seems, is “nothing”.

The PRISM revelations have implicated the likes of Google, Microsoft and Facebook — all apparently cooperating with the NSA’s mass gathering of data on civilian internet users — but no domain name players.

If the Guardian were to report tomorrow that major infrastructure players such as Verisign or Go Daddy were also involved, I would not be in the least surprised, but so far I have yet to see a connection between the domain name business and NSA spying.

In that light, if ICANN were to sever its special relationship with the US, there would be presumably no impact whatsoever on PRISM or any other surveillance program.

Chehade’s current campaign therefore seems to be politically opportunistic at best and a distraction from the underlying problem of US human rights violations at worst.

But what is meant when people speak of “splitting from the US” anyway?

It seems to me there are three important areas where the US government has undue power over ICANN: jurisdiction, the Affirmation of Commitments and the IANA contract.

ICANN is based in California and subject to US federal law. While that continues to be the case, it will always be subject to the possibility of having its work thwarted by a US court or spurious lawsuit.

It also hampers ICANN’s ability to do business with some nations unencumbered by US trade embargoes, though ICANN is usually able to secure the requisite licenses when it needs to.

It’s also always going to be at risk of being hauled over the coals by Congress every couple of years, due to lobbying by US special interest groups, which interferes with its credibility as a global organization.

ICANN has already started setting up shop in other parts of the world. New “hub” offices in Istanbul and Singapore are being characterized as being on equal footing with the LA headquarters.

But that characterization seems disingenuous.

The Affirmation of Commitments, signed by the US Department of Commerce and former ICANN CEO Rod Beckstrom in 2009 and largely negotiated under his predecessor Paul Twomey, is one of ICANN’s principal governing documents.

One of ICANN’s commitments under the AoC is to “remain a not for profit corporation, headquartered in the United States of America with offices around the world to meet the needs of a global community”.

Being US-based is baked into ICANN’s governance. If the US has to go, the AoC has to go, which means all the other accountability and review obligations in the AoC also have to go.

The third prong of US control is the IANA contract and the trilateral relationship between ICANN, Verisign and the US National Telecommunications and Information Administration.

The NTIA, essentially, controls the DNS root. Verisign actually manages the boxes it runs on, but it only makes changes — such as adding new gTLDs or redelegating ccTLDs to new registries — with NTIA authorization. That authorization, in turn, is basically a rubber stamp on an IANA/ICANN recommendation.

To the best of my knowledge, NTIA has never abused its authority to overrule an ICANN determination, or pressured ICANN into making a US-friendly recommendation.

But the process by which ICANN recommends changes to the root is pretty opaque.

I have to wonder why, for example, it took two years for Iran’s IDN ccTLD to get approved by ICANN’s board. Only the lack of any outcry from Iran suggests to me that the delay was benign.

When ICANN was founded in 1998, the original plan was for control of the root to enter ICANN’s hands before the end of the Clinton administration (ie 2000), but over the years that plan has been abandoned by the US.

The IANA contract was put up for renewal in 2011 — with a strict provision that only US-based organizations were able to apply — and then-CEO Beckstrom also pushed for more ICANN independence.

In 2011, Beckstrom was making many of the same noises Chehade is today, saying that the IANA function should be a looser “cooperative agreement” rather than a US procurement contract.

In March that year, calling for such an agreement he said at ICANN’s San Francisco meeting:

When all voices are heard, no single voice can dominate an organization – not even governments. Not even the government that facilitated its creation.

The NTIA’s response was, basically, to give Beckstrom the finger.

It said in June 2011 that it “does not have the legal authority” to do what was asked of it, then produced an IANA contract that gave itself and governments in general much greater powers to micromanage ICANN.

After delays, rejections and giving ICANN the general runaround, the NTIA finally signed off on its new IANA contract in July last year, on the final day of Beckstrom’s tenure as CEO.

It lasts until September 30, 2015, with two two-year renewals options.

If Chehade wants to unshackle ICANN from the US, the IANA contract will have to be a cornerstone of that project.

But NTIA’s past performance makes that possibility seem unlikely, unless Chehade can rally enough political pressure from the likes of Brazil and India to change his own government’s mind.

He faces an uphill battle, in other words, and at the end of the day whether breaking from the US government would be a good thing or not depends entirely on what, if anything, replaces it.

Whatever happens, let’s not pretend that ICANN’s independence has anything to do with PRISM, and let’s not allow ICANN to distract us from the wholesale violations of our rights that the US government is perpetrating.

New gTLD delegations probably not delayed by US government shutdown

Kevin Murphy, September 30, 2013, Domain Policy

If the US government shuts down tonight, would that delay the delegation of new gTLDs?

Probably not, from what I gather.

For reasons beyond the ken of most sane people*, the US legislature is currently deadlocked on a bill that would provide the funds to keep the executive wing of the government running.

It’s looking increasingly likely that the government is to shut down.

That’s a big deal for a whole range of important reasons, obviously, but it also has implications for new gTLD applicants.

The DNS root zone belongs to the US government, remember.

It’s managed by Verisign and ICANN’s IANA department suggests appropriate changes, but without USG the tripartite relationship that enables new TLDs to be delegated falls apart.

Without the NTIA in the mix, ICANN can make all the root zone change requests it wants and Verisign lacks the authority to execute them.

So there’s a reason to be worried if you’re a new gTLD applicant. If the National Telecommunications and Information Administration is out of the office for an indeterminate period, you may be looking at more delays.

However, it looks like the NTIA may have got that covered.

According to the Department of Commerce’s “Plan for Orderly Shutdown Due to Lapse of Congressional Appropriations”, (pdf) a “Telecomm. Policy Specialist”, tasked with “Emergency protection of internet management (ICANN)” is on the list of “Excepted Positions”.

I gather that this means that there’s going to be an NTIA person working during any possible shutdown to manage root zone changes, including gTLD delegations.

* It’s been several years since I lived in the States, and my grasp of the nuance of American political life has waned accordingly, but I gather the shutdown is somehow related to protecting insurance companies’ profit margins. Or defending the constitutional right to get better healthcare than people poorer than yourself. Something like that.

No, ICANN isn’t moving to Switzerland

Kevin Murphy, September 6, 2013, Domain Policy

There’s a rumor going around this morning that ICANN is planning to up sticks from its US base in California and become subject to Swiss jurisdiction instead.

While this would be a huge change for ICANN, which has been tethered to the US government since its formation in 1998, it’s almost certainly not what’s happening.

The rumor emerged following CEO Fadi Chehade’s speech at the Asia Pacific Regional Internet Governance Forum in Korea yesterday, during which he talked about setting up a “legal structure” in Switzerland.

Addressing long-standing criticisms that ICANN is too US-centric, he discussed the recent creation of “hub” offices in Istanbul and Singapore, then said:

You heard me announce recently in Durban that ICANN, for the first time, is setting up a legal structure in Switzerland. That means that ICANN is going to seek to become an international organization that is serving the world, not just as a private corporation in California. These are important fundamental steps that we are exploring in order for ICANN to take a new global posture.

That ICANN wants a Swiss presence is not news. At the Durban meeting in July Chehade said publicly that ICANN had opened an “engagement center” in Geneva, headed by his senior adviser Tarek Kamel.

But the version of the Chehade quote doing the rounds on mailing lists today capitalizes “International Organization”, which arguably changes the meaning and makes his remarks seem more profound.

A capitalized “International Organization” can mean one of two legal structures: either an International Non-Governmental Organization or an Intergovernmental Organization.

That would, indeed, imply a change of jurisdiction. ICANN is currently, legally, a California non-profit corporation.

However, if Chehade just said “international organization” with no implied upper-case letters, it just means it’s an organization with offices and legal entities internationally.

I think this is closer to the truth, and so do People In A Position To Know whom I’ve run this by this morning.

It’s important to note that ICANN’s Affirmation of Commitments with the US government forces it to stay headquartered in the US:

ICANN affirms its commitments to: … remain a not for profit corporation, headquartered in the United States of America with offices around the world to meet the needs of a global community;

While Chehade has expansionist plans on a scale beyond any of his predecessors, it seems unlikely that these include breaking the AoC, incurring the wrath of the US government.

UPDATE: ICANN has provided DI with the following statement:

ICANN is not currently planning to set up a headquarters office in Switzerland. We will have an engagement center in Geneva, along with others scattered around the world but our three main hubs, as Fadi has previously announced, will be in L.A., Istanbul and Singapore.

NTIA alarmed as Verisign hints that it will not delegate new gTLDs

Kevin Murphy, August 5, 2013, Domain Tech

Verisign has escalated its war against competition by telling its government masters that it is not ready to add new gTLDs to the DNS root, raising eyebrows at NTIA.

The company told the US National Telecommunications and Information Administration in late May that the lack of uniform monitoring across the 13 root servers means it would put internet security and stability at risk to start delegating new gTLDs now.

In response, the NTIA told Verisign that its recent position on DNS security is “troubling”. It demanded confirmation that Verisign is not planning to block new gTLDs from being delegated.

The letters (pdf and pdf) were published by ICANN over the weekend, over two months after the first was sent.

Verisign senior VP Pat Kane wrote in the May letter:

we strongly believe certain issues have not been addressed and must be addressed before any root zone managers, including Verisign, are ready to implement the new gTLD Program.

We want to be clearly on record as reporting out this critical information to NTIA unequivocally as we believe a complete assessment of the critical issues remain unaddressed which left unremediated could jeopardize the security and stability of the DNS.

we strongly recommend that the previous advice related to this topic be implemented and the capability for root server system monitoring, instrumentation, and management capabilities be developed and operationalized prior to beginning delegations.

Kane’s concerns were first outlined by Verisign in its March 2013 open letter to ICANN, which also expressed serious worries about issues such as internal name collisions.

Verisign is so far the only root server operator to publicly express concerns about the lacking of coordinated monitoring, and many people believe that the company is simply desperately trying to delay competition for its $800 million .com business for as long as possible.

These people note that in early November 2012, Verisign signed a joint letter with ICANN and NTIA that said:

the Root Zone Partners are able to process at least 100 new TLDs per week and will commit the necessary resources to meet all root zone management volume increases associated with the new gTLD program

That letter was signed before NTIA stripped Verisign of its right to increase .com prices every year, depriving it of tens or hundreds of millions of dollars of additional revenue.

Some say that Verisign is raising spurious security concerns now purely because it’s worried about its bottom line.

NTIA is beginning to sound like one of these critics. In its response to the May 30 letter, sent by NTIA and published by ICANN on Saturday, deputy associate administrator Vernita Harris wrote:

NTIA and VeriSign have historically had a strong working relationship, but inconsistencies in VeriSign’s position in recent months are troubling… NTIA fully expects VeriSign to process change requests when it receives an authorization to delegate a new gTLD. So that there will be no doubt on this point, please provide me a written confirmation no later than August 16, 2013 that VeriSign will process change requests for the new gTLD program when authorized to delegate a new gTLD.

Harris said that a system is already in place that would allow the emergency rollback of the root zone, basically ‘un-delegating’ any gTLD that proves to cause a security or stability problem.

This would be “sufficient for the delegation of new gTLDs”, she wrote.

Could Verisign block new gTLDs?

It’s worth a reminder at this point that ICANN’s power over the DNS root is something of a facade.

Verisign, as operator of the master A root server, holds the technical keys to the kingdom. Under its NTIA contract, it only processes changes to the root — such as adding a TLD — when NTIA tells it to.

NTIA in practice merely passes on the recommendations of IANA, the department within ICANN that has the power to ask for changes to the root zone, also under contract with NTIA.

Verisign or NTIA in theory could refuse to delegate new gTLDs — recall that when .xxx was heading to the root the European Union asked NTIA to delay the delegation.

In practice, it seems unlikely that either party would stand in the way of new gTLDs at the root, but the Verisign rhetoric in recent months suggests that it is in no mood to play nicely.

To refuse to delegate gTLDs out of commercial best interests would be seen as irresponsible, however, and would likely put its role as custodian of the root at risk.

That said, if Verisign turns out to be the lone voice of sanity when it comes to DNS security, it is ICANN and NTIA that will ultimately look like they’re the irresponsible parties.

What’s next?

Verisign now has until August 16 to confirm that it will not make trouble. I expect it to do so under protest.

According to the NTIA, ICANN’s Root Server Stability Advisory Committee is currently working on two documents — RSSAC001 and RSSAC002 — that will outline “the parameters of the basis of an early warning system” that will address Verisign’s concerns about root server management.

These documents are likely to be published within weeks, according to the NTIA letter.

Meanwhile, we’re also waiting for the publication of Interisle Consulting’s independent report into the internal name collision issue, which is expected to recommend that gTLDs such as .corp and .home are put on hold. I’m expecting this to be published any day now.