Ukraine’s emotional plea to ICANN 73

A Ukrainian government representative has delivered a powerful speech at ICANN 73, calling on ICANN, the community, and the domain name industry to do more to help the war-ravaged country.

Speaking at the opening plenary session of ICANN’s Governmental Advisory Committee, Ukraine representative Andrii Nabok gave his personal account of coming under Russian fire at his home near Kyiv, and praised the “heroic” efforts of ISPs and local ccTLD registry Hostmaster in keeping the internet functional for many Ukrainians.

He went on to condemn the invasion in the strongest terms, calling the Russian Federation “the empire of evil, the terrorist state number one, the fascist of the 21st century”.

Nabok welcomed ICANN’s offer of $1 million to aid with connectivity, saying that Ukraine is in need of satellite terminals, but questioned ICANN’s decision to refuse the country’s request to disconnect .ru from the DNS root.

He went on to call for the domain industry to contribute to anti-Russian sanctions, and questioned whether it is still appropriate for ICANN to have a Russian as one of its DNSSEC “trusted community representative” key-holders.

His speech was followed by prepared expressions of solidarity from the UK, France, the European Union, Switzerland, Australia, the US, Canada, Burkina Faso, Argentina, and Burundi.

Russia took the floor briefly to say that it does not believe ICANN is a suitable forum to discuss “political issues”.

No government echoed Ukraine’s call for ICANN to use its DNS root management powers to sanction Russia, with most expressing support for the Org’s neutrality and the multi-stakeholder model.

I’m going to publish Nabok’s entire speech here, taken from the official transcript with only minor formatting edits. Recordings of the session can be found on its web page (registration required).

“One world, one Internet.” This slogan in our opinion is wonderful. Multistakeholder model, a community-based, consensus-driven approach to policymaking, this model is great. Ukraine admires both the slogan and this model. Ukraine believes both in this slogan and this model. The Ukrainian government showed its support for them in its numerous actions and statements before.

On February 24th at 5:00 am, my family woke up from explosions. We saw a little fire and smoke in the window. Our city near Kyiv was shelled by rockets. I cannot put into words the feeling when you have to explain to your seven-year-old daughter that we urgently need to leave home to save our lives. In a few minutes, my friends from all parts of Ukraine confirmed that there had been missile strikes in the whole country. At once, all the values you lived with yesterday cease to exist, and now the main task is to save our families, relatives, and friends.

So Russian missiles attacked Ukraine. Putin said it is a special military operation in the territory of independent country. Putin said the goal is demilitarization and denazification to ensure the security of Russia. Security of the largest country in the world with the most enormous nuclear potential seems to be defending itself against [inaudible] without nuclear weapons.

Logic has left our chat. Today is the 12th day of the war. Not some operation, but a war. A war in Europe, undeclared Russian war on Ukraine. It is the 12th day of Russian bombing in our peaceful Ukrainian cities and even villages, schools, kindergartens, maternity clinics, even nuclear stations. But Putin’s blitzkrieg became blitz failure. The whole world admires the courage of Ukrainian soldiers and civilians, on social media, in private messages, on TV. Unfortunately, thousand Ukrainians have been killed, including 38 children.

Millions of Ukrainians have been forced to leave their homes. Many of you sent us many words of support, sheltered us, and helped our army. Many thanks to you. Many of you understood that the real goal of Kremlin and Russian dictatorship is to destroy freedom, peace and human rights, right to life, right to dignity, right to freedom, and right to Internet.

Last year our team carried out a large state infrastructure project for deploying fiber optics networks in the most remote villages of our country. According to our last data, we had the highest level of coverage of high-capacity networks among all the European countries. About 97% of the Ukrainian population had the opportunity to connect to Internet based on fiber optic technologies.

Those settlements where the Russian army enters are cut off from the Internet. For example, in one of the villages where my relatives live, there are currently several thousand Russians. As soon as they captured the village, they immediately cut the optical cable and shot at the mobile operator’s base station with a machine gun. People are now cut off from the world.

Today is the 12th day of destroying Ukrainian Internet infrastructure by Russian bombs. Our heroic ISPs rebuild it under fire, risking their lives to save communications for people. Thanks to our heroic ISPs and Elon Musk’s support, people in bomb shelters still have a chance to know whether their relatives are safe or not, whether they are alive, or unfortunately, no more.

Our cybersecurity is also under threat. Thanks to heroic efforts, the .UA domain is stable. All services have been moved to backup positions and function independently from the Ukrainian infrastructure. Hostmaster LLC strengthened Anycast secondaries to prevent possible attacks on domain service.

“ICANN has been built to ensure that the Internet works, not for its coordination role to be used to stop it from working.”

I fully support these words of Göran Marby, ICANN CEO. But I would like to ask you, will it be okay for you if Internet is working for all except Ukrainians? Just because Russian assassins will kill Ukrainians. Of course, this is an apocalyptic scenario that will not be implemented. Ukrainians will not allow this. Ukraine has already received invaluable support from nearly all ICANN constituencies and at individual level. We are grateful for your help in strengthening the cybersecurity of .UA as well as other items of our critical infrastructure. We welcome the decision of ICANN Board to allocate an initial sum of 1 million US dollars to be used to provide financial assistance to support access to Internet infrastructure in emergency situations.

It will be great to spend a part of this sum to buy more Starlinks for Ukrainian Internet users. Of course, ICANN cannot close the sky over Ukraine, but I would like to ask all of you to appeal to your governments to protect Ukraine, and the infrastructure of the Internet for that matter, from the barbaric actions of Putin’s Russia. We fully support ICANN’s commitment to ensure a single and global Internet. Moreover, we have already asked to limit the Kremlin’s influence on our common free digital space since the national Russian peculiarities of Internet governance are known worldwide. Kremlin wants and will be happy to get the sovereign Internet, and they will get it by destroying “one world, one Internet” if we do not unite against such threats.

On March 11th, Russia will completely disconnect from the global Internet but the Russian representative will retain his role as one of the 12 holders of the DNSSEC root key. Are you serious? That is why we call on ICANN community, IANA, registrars and registries and the vendors who make the Internet free and available for everyone on the Earth to join the enforcement to the sanctions of the civilized world recently imposed on Kremlin, Russian companies and individuals. Do not allow them to use the Internet as a cyber battlefield against fundamental human rights and do not allow them to attack critical infrastructure for bloody warfare.

We also call on public and private entities to make steps in technological exodus from the Russian Federation, the empire of evil, the terrorist state number one, the fascist of 21st century. Last person out turns off the lights. I hope it will not be ICANN.

Thank you, dear community, for your support. We believe that you are also on the side of freedom and light.

ICANN extends Covid-19 abuse monitoring to Ukraine war

ICANN has started monitoring domains related to the war in Ukraine for potential abuse, expanding an ongoing project related to the Covid-19 pandemic.

CEO Göran Marby has during multiple sessions at ICANN 73 this week said that the Org will soon announce an extension of its DNSTICR project — pronounced “DNS Ticker” and standing for Domain Name Security Threat Information Collection & Reporting.

The plan is to alert registrars about Ukraine-related domain names being used to scam people or drop malware.

“There will be coming up more information about this very soon, but we have decided to also add names in relationship to the conflict in Ukraine,” Marby said during a session with the Commercial Stakeholders Group.

DNSTICR was launched in March 2020, when the pandemic was in full swing, to find new domains containing keywords such as “covid”, “pandemic” and “coronavirus”, and check them against domain abuse lists.

From May 2020 to August last year, it flagged 210,939 pandemic-related domains, and found that 3,791 of them were malicious with “high confidence”.

CTO John Crain said in a session on Monday: “There’s a lot of stuff in the press and some technical papers out there that show clearly that the bad guys, as always, have, once again, pivoted to whatever is happening in the world. So if we can do a little bit to help, we will.”

ICANN’s Ukraine relief may extend to Russians too

Russian domain name registrants affected by sanctions could benefit from ICANN’s relaxation of its renewal rules.

ICANN on Monday announced that it was classifying the war in Ukraine as an “extenuating circumstance” under the terms of its standard Registrar Accreditation Agreement.

This means that Ukrainians cut off from the internet due to the invasion could be cut some slack, at their registrar’s discretion, when it comes to renewing their gTLD domains.

But ICANN’s executive team was asked, during a session at ICANN 73 later that day, whether the same benefits could be extended to Russian registrants, perhaps unable to pay due to Western sanctions on payment systems.

Visa, Mastercard, American Express and Paypal are among those to restrict Russian accounts in recent days.

ICANN mostly ducked the question.

Co-deputy CEO Theresa Swinehart responded by deferring to the original blog post, and general counsel John Jeffrey followed up by quoting some of the post’s language:

“I think we’re clear in that the events in Ukraine and the surrounding region are now considered by ICANN to be an extending circumstance under the Registrar Accreditation Agreement, under 3.7.5.1,” he said.

The words “surrounding region”, found in the original post alongside “affected region” and “affected area”, seem to be key here.

They could just as easily refer to Russia as they could to places such as Poland and Hungary, which are currently accepting hundreds of thousands of Ukrainian refugees.

It seems the registrars may have the discretion here; ICANN was apparently in no hurry to provide clarity.

The exchange came during a 90-minute session in which ICANN’s executive team were peppered with community questions, many related to the war and how ICANN might be affected by US-imposed sanctions.

Execs said that ICANN would comply with any US laws related to sanctions but that so far it had not seen anything that would affect its ability to contract with Russian companies.

A question apparently related to whether ICANN was reviewing its relationships with law firms and banks that may be involved with Russian oligarchs, much like Tucows is doing, was ducked.

They were also asked how the $1 million ICANN at the weekend earmarked to help keep Ukraine online might be spent, and while CEO Göran Marby alluded to a broad request from Ukraine for satellite terminals, he said it had been less than a day since the resolution was passed and it was too early to say.

“We obviously will focus on what we can do that makes the maximum impact as close to our mission as we possibly can,” added Sally Costerton, senior VP of stakeholder engagement.

ICANN offers $1 million to Ukraine projects, supports Ukrainian registrants

ICANN has allocated $1 million to help protect internet access in war-torn Ukraine.

Its board of directors at the weekend voted to set aside the “initial sum” of money “to provide financial assistance to support access to Internet infrastructure in emergency situations.”

There’s an expectation that the cash will be spent “on support for maintaining Internet access for users within Ukraine”, where the Russian invasion is described as “tragic and profoundly troubling”, over the next few months, the board said.

It’s not clear yet exactly how the money will be spent, though something related to the keeping the DNS up and running would seem to be the most probable. The resolution calls for the CEO to develop a process to figure it out.

Ukraine’s ccTLD manager, Hostmaster, moved its servers into other European countries shortly after the invasion, and signed up to Cloudlflare’s DDoS protection service. It’s not clear whether it had to spend money on these moves.

ICANN’s million will come from its regular operating budget, not the stash it has set aside from its new gTLD auctions. The auction money will probably be spent on similar things eventually, but the process for allocating that is still being worked out in a committee.

ICANN also said this week that it is, as I and others suggested, exercising section 3.7.5.1 of its Registrar Accreditation Agreement to declare the invasion an “extenuating circumstance”, meaning Ukrainians who are unable to renew their domain name registrations before they expire may not lose them.

Registrars now have the option to keep these domains registered after their usual expiration date and ICANN will not send its Compliance enforcers after them.

“We encourage registrars and registries to support this action and take these circumstances into consideration when reviewing impacted registrants’ renewal delinquencies in affected regions,” ICANN said.

It’s the first time ICANN has exercised this power in connection with a human-made disaster. It previously invoked 3.7.5.1 in response to Hurricane Maria in Puerto Rico and worldwide in response to the Covid-19 pandemic.

Hostmaster itself has extended the redemption period for .ua domains from 30 to 60 days.

Here’s a way ICANN could actually help the people of Ukraine

ICANN may have today decided to decline Ukraine’s request for Russian and Belarusian top-level domains to be taken down, but there’s still at least one way it could do a little bit to help the country’s citizens.

ICANN has the power to help make sure Ukrainian registrants’ domain names don’t expire, which would render their email and web sites unusable if they are unable to access the internet to pay for renewals for an extended period.

The Org is able to waive the contractual requirement for registrars to cancel domains that have not been renewed, in the event of “extenuating circumstances”.

ICANN has used this power twice before. The first time when Hurricane Maria hit the Caribbean in 2017. The second was when the ongoing coronavirus pandemic hit the world in April 2020.

In both cases, ICANN invoked section 3.7.5.1 of the standard Registrar Accreditation Agreement and said the circumstances amounted to a “natural disaster”.

But there’s nothing in the RAA that limits “extenuating circumstances” to just “natural disasters”. The term “natural disasters” does not appear in the contract.

The contract says “other circumstance as approved specifically by ICANN” is a good enough reason to waive the deletion requirements.

It appears that ICANN can unilaterally decide whether the war in Ukraine is a sufficiently “extenuating circumstance” to give Ukrainian domain name owners a break when it comes to renewals.

ICANN says NO to Ukraine’s Big Ask

“ICANN has been built to ensure that the Internet works, not for its coordination role to be used to stop it from working.”

That’s ICANN’s response to Ukraine, which earlier this week asked for Russia to lose its top-level domains and IP addresses, to help prevent propaganda supporting its invasion of the country.

The request was arguably based on a misunderstanding of the extent of ICANN’s powers, and CEO Göran Marby says as much in his response last night (pdf) to Ukraine’s deputy prime minister Mykhailo Fedorov:

In our role as the technical coordinator of unique identifiers for the Internet, we take actions to ensure that the workings of the Internet are not politicized, and we have no sanction-levying authority

He goes on to warn about the “devastating and permanent effects” of ICANN suddenly deciding to take unilateral action against .ru, .рф and .su:

For country-code top-level domains, our work predominantly involves validating requests that come from authorized parties within the respective country or territory. The globally agreed policies do not provide for ICANN to take unilateral action to disconnect these domains as you request. You can understand why such a system cannot operate based on requests from one territory or country concerning internal operations within another territory or country. Such a change in the process would have devastating and permanent effects on the trust and utility of this global system.

He concludes:

Within our mission, we maintain neutrality and act in support of the global Internet. Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet — regardless of the provocations. ICANN applies its policies consistently and in alignment with documented processes. To make unilateral changes would erode trust in the multistakeholder model and the policies designed to sustain global Internet interoperability.

The response is expected, and I believe broadly, if not unanimously, supported in the ICANN community.

In a line I wish I’d written, the Internet Society’s CEO Andrew Sullivan put it pretty succinctly in a blog post yesterday:

The idea of unplugging a country is as wrong when people want to do it to another country as it is when governments want to do it to their own.

And Sébastien Bachollet, chair of ICANN stakeholder group EURALO, insisted (pdf) that “the Internet must remain intact”.

RIPE NCC, which had been asked to revoke IP addresses supplied to Russian organizations, wrote that it “believes that the means to communicate should not be affected by domestic political disputes, international conflicts or war.”

ICANN may take a short-term PR hit in the wider world, which includes people who have a misunderstanding of how powerful ICANN is and how tenuous its grasp on the powers it does have.

While .ru appears to be safe, there’s nothing I read in Marby’s letter that would preclude it from initiating retirement proceedings against .su, when the proper policies have been approved.

CENTR kicks out Russia

CENTR, the association of European domain registries, has kicked out the Russian ccTLD operator due to the war in Ukraine.

In a brief statement today, the organization said:

The CENTR Board is following Russian military actions in Ukraine with concern and strongly condemns the violation of international law and Ukraine’s territorial integrity. Ukraine’s national TLD registry is a member of CENTR and we stand with Ukrainians in their efforts to resist Russia’s invasion. We hope for a swift and peaceful resolution of the conflict, and will continue to offer support and help to our Ukrainian colleagues.

Knowledge and information sharing are key to CENTR’s mission, and the CENTR Board needs to safeguard trust within the CENTR community. The Board has therefore decided to suspend the membership of the Coordination Center for TLD RU/РФ, effective immediately. The Board would like to underline that this is in no way targeted at our Russian colleagues. This suspension will be assessed by the CENTR General Assembly at their meeting in March.

I’m not sure the move will have much of an impact on the Coordination Center, but it’s a strong gesture of solidarity with the people of Ukraine, and the latest response from the domain industry to Russia’s insane war.

Ukraine asks ICANN to turn off Russia’s internet, but it’s a bad idea

Ukraine has asked ICANN to take down Russia’s top-level domains.

Andrii Nabok, the Ukrainian official on ICANN’s Governmental Advisory Committee made the request, asking the Org to “Revoke, permanently or temporarily, the domains .ru, .рф and .su” in a widely circulated email last night.

He also asked for DNS root servers in Moscow and St Petersburg to be shut down, and said he’s written to RIPE NCC to request IP addresses issued to Russian organizations to be withdrawn.

The request came on the fifth day of the Russian invasion, amid widespread, swingeing international sanctions targeting the Russian economy and high net worth individuals.

Accusing Russia of “war crimes”, Nabok wrote:

These atrocious crimes have been made possible mainly due to the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth regarding the war in Ukraine. Ukrainian IT infrastructure has undergone numerous attacks from the Russian side impeding citizens’ and government’s ability to communicate.

Moreover, it’s becoming clear that this aggression could spread much further around the globe as the Russian Federation puts the nuclear deterrent on “special alert” and threatens both Sweden and Finland with “military and political consequences” if these states join NATO. Such developments are unacceptable in the civilized, peaceful world, in the XXI century.

Reaction in the community has been more mixed than I would have expected, but I think on balance more people are saying that turning off .ru et al would be a terrible idea, and I’m basically with that majority.

While there’s no doubt that Russia is spreading a lot of misinformation, I’m not sure there’s a direct, clear, demonstrable causal link between propaganda published on .ru domains and the missiles currently raining down on Kyiv that could be remedied by deleting a few lines from a database.

I’ve no doubt ICANN now has a painful decision to make, but I don’t think ICANN is the place to achieve this kind of goal and I think ICANN agrees with me.

We don’t want those clowns deciding what can and can’t be published on the internet, trust me.

Not even in the extraordinary circumstances we find ourselves in today.

ICANN is not competent enough, smart enough, or ethical enough to have that kind of power.

It is smart enough to accept its own limitations, however, and it has a strong enough sense of self-preservation to know that to accept Ukraine’s demands would be to sign its own death warrant.

ICANN only has power, and its execs only pull in the big salaries, because it has the consensus support of the internet community.

For 20 years outsiders, such as the ITU and more lately blockchain projects, have sought to chip away at that consensus and replace the multistakeholder model with multilateralism or crypto-based wish-thinking.

Turning off a nation’s TLD would play exactly into the narrative that DNS oversight is dangerously centralized, dangerously Americanized, and ripe for replacement.

That could not only lead to the death of ICANN but also the death of the open, interoperable, international internet.

As much as I support sanctions against Russia, and have nothing but respect and admiration for the people of Ukraine, I fear this is an ask too far.

Maybe now’s the time for ICANN to start dismantling the Soviet Union

Like I’m sure a great many of you, I spent much of yesterday listening to the news and doom-scrolling social media in despair, anger and helplessness.

War has returned to Europe, with Vladimir Putin’s Russia yesterday invading Ukraine on a flimsy pretext, in an apparent effort to begin to recreate the former Soviet Union.

I watched r/ukraine on Reddit, as its number of subscribers increased by tens of thousands in a matter of hours, with people from all over the world wondering what they could do to help, from volunteering to literally take up arms to hollow if well-meaning virtue-signalling.

Can I volunteer for the Ukrainian army? I live in Japan and can’t speak the language, does that matter?

Slava Ukraini!

It got me thinking: is there anything the domain industry or ICANN community can do? Is there anything I can do?

The only thing I could think of was to run this idea up the flagpole and see if anyone sets fire to it:

Maybe now’s the time for ICANN to start dismantling the Soviet Union.

It may sound ludicrous. The Soviet Union hasn’t existed outside Putin’s fantasies since 1991.

But it’s alive and well in the DNS, where the top-level domain .su has somehow managed to survive the death of its nation, evade any efforts to have it removed, and stick around in the root for over 30 years.

It currently has over 100,000 registered domains.

I’m not suggesting for a second that all of these domains were registered by people who support the return of the USSR, or are even aware of the connection, but it is the ccTLD of choice for sites like this gung-ho propaganda rag, and the Donetsk People’s Republic, the breakaway Ukrainian region.

Whenever I’ve asked people with better in-depth knowledge of ccTLD policy than me for an explanation of why .su continues to exist, despite not having a nation to represent, I generally get a lot of hand-waving and mumbling about a “lack of political will”.

Maybe there’s a political will now, if not at ICANN Org then perhaps in the ICANN community.

My understanding, based on a deep-dive through the public record, is that it might be possible to have .su deleted — the word ICANN uses is “retired” — but the rules are arguably open to interpretation.

A bit of background first

ICANN’s rules concerning ccTLDs are a bit like the UK constitution — they’re not written down in any one document, but have rather evolved over the years through a combination of habit, convention, case law and pure making-it-up-on-the-spot.

ICANN, and IANA before it, “is not in the business of deciding what is and what is not a country”. It has always deferred to the International Organization for Standardization, which maintains a list of names and corresponding country-codes called ISO 3166-1.

If a country or territory appears on the 3166-1 list, its corresponding “alpha-2” code is eligible to become a ccTLD.

SU was listed on 3166-1, the same as any other country, until September 1992, when it was broken up into 15 names and codes corresponding to the 15 former Soviet nations. Russia got RU and Ukraine got UA, for examples, and their ccTLDs are .ru and .ua.

SU was then given a “transitionally reserved” status by the ISO, which basically means it’s due to be phased off the list altogether (albeit not for 50 years) and organizations are discouraged from using it.

In corresponding ccTLDs, every string on the “transitionally reserved” list has either transitioned to a new ccTLD (such as East Timor’s .tp becoming Timor-Leste’s .tl) or split into a collection of new ccTLDs (such as the break-up of the Netherlands Antilles).

Since ICANN took over the root, these and other transitions typically happen with the consent of the local government and the local registry. But the Soviet Union dissolved long before ICANN existed, it doesn’t have a government, and the registry is in no hurry to give up its asset, which is a bit of a money maker.

ICANN stated its intention to retire .su as early as 2003, and the earliest archived IANA record, from 2006, said it was “being phased out”.

It launched a brief consultation on the retirement of ccTLDs in 2006, which prompted a flood of comments from outraged .su supporters.

The following year, there were face-to-face talks between ICANN and the two Moscow companies running .su at the time — the Foundation for Internet Development (FID) and Russian Institute for Public Networks (RIPN).

IANA’s Kim Davies, who now heads the division as an ICANN VP, blogged in 2007, partly in response to these comments, that .su had a chance to remain delegated:

To retain .SU, under current policy they would need to successfully apply for the code to be re-instated into the ISO 3166-1 standard, either as a regular two-letter country code, or as an “exceptionally reserved” code like UK and EU.

The “exceptionally reserved” list is another subdivision of ISO 3166-1. It currently includes four codes that are also ccTLDs — .ac for Ascension Island, a UK territory, .uk itself, and the European Union’s .eu.

The fourth is .su, because FID somehow managed to persuade the ISO 3166 Maintenance Agency to get SU on the list, reversing its 50-year sentence on the transitional list, in 2008. It appears to be the only example of a private, non-governmental, non-UN entity requesting and obtaining a special listing.

There’s been very little public discussion about .su’s fate since then. My suspicion is that it fell off the radar when ICANN CEO Paul Twomey, who made ccTLD relations a cornerstone of his administration, left the Org in 2009.

Or it could be that that the “exceptionally reserved” status was enough to satisfy IANA’s eligibility criteria. But there are several reasons why that might not be the case.

In Davies’ 2007 blog, post he said: “There are other issues that will need to be addressed for .SU to be a viable ccTLD designation, but recognition by the appropriate standard is a prerequisite.”

IANA currently has a web page in which it lays out seven ways a TLD can get into the root. This is what it says about exceptionally reserved strings:

Eligible under ICANN Board Resolution 00.74. This resolution provides for eligibility for domains that are not on the ISO 3166-1 standard, but that the Maintenance Agency deems exceptionally reserved, and requires that the Agency “has issued a reservation of the code that covers any application of ISO 3166-1 that needs a coded representation in the name of the country, territory, or area involved”. There is currently (as of June 2013) only one code eligible under these requirements, “EU” for the European Union.

The cited ICANN board resolution, now incorporated into IANA precedential law, dates from September 2000. It’s the resolution that hacked historical IANA practice in order to set the groundwork for eventually levering .eu into the root.

But the relevant part here is where IANA explicitly rules out any exceptionally reserved string other than EU meeting the requirements to be a ccTLD as of 2013. SU’s ISO 3166-1 status has not changed since 2008.

RIPN and FID explicitly acknowledged this in a joint letter (pdf) to ICANN then-CEO Paul Twomey in 2007. In it, they wrote:

we understand that should ISO-3166/MA add the two letter code “SU” to the exceptionally reserved or indeterminately reserved ISO3166-1 list will not be sufficient to clarify the status of .SU as current ICANN/IANA policies require a venue in which legality of actions can be determined.

To paraphrase: being on the list ain’t no good if you got no country.

They said that if ICANN went ahead and retired .su anyway, they would like 10 to 15 years to transition their registrants to alternative TLDs.

Which handily brings me to now

There has never been a formal community-agreed ICANN policy on retiring ccTLDs, until now.

By happy coincidence, the ccTLD Name Supporting Organization recently finished work on such a policy. It came out of public comment a few weeks ago and will next (I was going to write “soon”, but you know?) come before the ICANN board of directors for consideration.

The proposed policy (pdf) conspicuously avoids mentioning .su by name and seems to go out of its way to kick the can on .su’s potential retirement.

The silence is deafening, and the ambiguity is claustrophobic.

It defines ccTLDs as:

• 2-letter ccTLDs corresponding to an ISO 3166-1 Alpha-2 Code Element (the majority of ccTLDs).
• 2-letter Latin ccTLDs not corresponding to an ISO 3166-1 Alpha-2 Code Element
• IDN ccTLDs as approved by ICANN

The second bullet point is accompanied by a footnote that explains it’s referring to the “exceptionally reserved” codes UK, AC and EU, three of the four ccTLDs on the ISO’s exceptional list.

The ccTLDs .uk and .ac which refer to exceptionally reserved codes UK and AC are grandfathered as ccTLDs and .eu, which corresponds to the exceptionally reserved code EU, was delegated under the relevant ICANN Board resolution from September 2000

There’s no mention of SU, the fourth.

Under the proposed policy, the ball would start rolling on a possible retirement whenever a “triggering event” happens. The relevant trigger for .su (and .uk, .eu and .ac) is the ISO making a change — seemingly any change — to its 3166-1 listing.

IANA, referred to in the policy as the IANA Functions Operator or IFO, would then have to decide whether the change warranted initiating the retirement process, which would take at least five years.

As is so often the case in ICANN policy-making, the difficult decisions seem to have been punted.

Only one ccTLD operator filed a public comment on this proposed policy — it was RIPN, operator of .su. While generally supportive, it worried aloud that triggering events prior to the approval of the policy should not count. Its triggering events were in 2008 and the 1990s, after all.

The policy’s creators again ambiguously kicked the can:

The [Working Group] believes the applicability of the Policy to existing situations or those emerging before the proposed Policy becomes effective is out of scope of its mandate. For situations prior to this Policy coming into force, responsibility lies with the IFO to create a suitable procedure. The WG suggests that such a procedure could be based on and anticipates the proposed Policy.

So… does ICANN get to apply the policy retroactively or not?

My overall sense is that the .su situation, which the record shows was certainly on the minds of the ccNSO during the early stages of the policy-development process, was considered too difficult to address, so they took the ostrich approach of pretending it doesn’t exist.

The .su registry seems to think it’s safe from enforced retirement, but it doesn’t seem to be absolutely sure.

In conclusion

I think the record shows that .su doesn’t really deserve to exist in the DNS, and that there’s an opportunity to get rid of it. ccTLDs are for countries and territories that exist and the Soviet Union hasn’t existed for three decades.

IANA rules don’t seem to support its existence, and upcoming policy changes seem to give enough wiggle room for the retirement process to be kicked off, if the will is there to do so.

It would take years, sure.

Would it help stop innocent Ukrainians getting gunned down in the street this week? No.

Would it be more than simple virtue signalling? I think so.

And if not, why not just do it anyway?

In a world where an organization like UEFA considers Russia too toxic for poxy football match, what would it say about an organization that allows the actual Soviet Union’s domain to continue to exist online?

Cybersquatting cases down in .uk

The number of cybersquatting complaints, and the number of successful cybersquatting complaints, were down in .uk last year, according to new data from local registry Nominet.

Nominet said that its Dispute Resolution Service, which has a monopoly on .uk disputes, handled just 548 cases in 2021, the lowest number in the 20-year history of the DRS.

Only 43% of the complaints resulted in the domain being transferred, Nominet said. That’s down from 46% in 2020, 47% in 2019 and 49% in 2018, it said.

The trends fly in contrast to the UDRP, as least in WIPO’s experience in 2021, where cases were soaring.

General counsel Nick Wenban-Smith said in a press release:

Despite the worldwide shift towards online activity during the pandemic, and WIPO disputes on the increase, we haven’t seen a parallel pick up in the number of .UK domain name disputes for the past two years, but instead are reporting a record low in Complaints filed since the DRS launched back in 2001. We hope this is a result of our continued efforts to make .UK a safe place to be online.

Nominet has some pretty strict takedown practices in place — it will suspend a domain if the police’s intellectual property crime unit tells it to, which could clearly have an impact on the need to employ the DRS.