It’s ICANN versus the blockchain in Kuala Lumpur

Internet fragmentation and the rise of blockchain-based naming systems were firmly on the agenda at ICANN 75 in Kuala Lumpur today, with two sessions exploring the topic and ICANN’s CTO at one point delivering a brutal gotcha to a lead blockchain developer.

Luc van Kampen, head of developer relations at Ethereum Name Service, joined a panel entitled Emerging Identifier Technologies, to talk up the benefits of ENS.

He did a pretty good job, I thought, delivering one of the clearest and most concise explanations of ENS I’ve heard to date.

He used as an example ICANN’s various handles across various social media platforms — which are generally different depending on the platform, because ICANN was late to the party registering its name — to demonstrate the value of having a single ENS name, associated with a cryptographic key, that can be used to securely identify a user across the internet.

Passive aggressive? Maybe. But it got his point across.

“We at ENS envisage a world where everyone can use their domain as a universal identifier,” he said. Currently, 600,000 users have registered 2.4 million .eth domains, and over 1,000 web sites support it, he said.

He described how ENS allows decentralized web sites, is managed by a decentralized autonomous organization (DAO) and funded by the $5 annual fee for each .eth name that is sold.

Van Kampen had ready responses to questions about how it would be feasible for ENS to apply to ICANN to run .eth in the consensus root in the next new gTLD application round, suggesting that it’s something ENS is thinking about in detail.

While not confirming that ENS will apply, he described how a gateway or bridge between the Ethereum blockchain and the ICANN root would be required to allow ENS to meet contractual requirements such as zone file escrow.

What did not come up is the fact the the string “eth” is likely to be reserved as the three-character code for Ethiopia. If the next round has the same terms as the 2012 round, .eth will not even enter full evaluation.

But the real gotcha came when ICANN CTO John Crain, after acknowledging the technology is “really cool”, came to ask a question.

“What kind of safeguards and norms are you putting in place regarding misbehavior and harm with these names?” Crain asked.

Van Kampen replied: “Under the current implementation of the Ethereum Name Service and the extensions that implement us and the integrations we have, domains are unable to be revoked under any circumstances.”

“So if I understand correctly, under the current solution, if I’m a criminal and I register a name in your space, I’m pretty secure today,” Crain asked. “I’m not going to lose my name?”

Van Kampen replied: “Under the current system, everything under the Ethereum Name Service and everything registered via us with the .eth TLD are completely censorship resistant.”

Herein lies one of the biggest barriers to mainstream adoption of blockchain-based alt-roots. Who’s going to want to be associated with a system that permits malware, phishing, dangerous fake pharma and child sexual abuse material? Who wants to be known as the maker of the “kiddy porn browser”?

If I were Crain I’d be feeling pretty smug after that exchange.

That’s not to say that ICANN put in a wholly reassuring performance today.

Technologist Alain Durand preceded van Kampen with a presentation pointing out the substantial problems with name collisions that could be caused by blockchain-based alt-roots, not only between the alt-root and the ICANN root, but also between different alt-roots.

It’s a position he outlined in a paper earlier this year, but this time it was supplemented with slides outlining a hypothetical conversation between two internet users slowly coming to the realization that different namespaces are not compatible, and that the ex-boyfriend of “Sally” has registered a name that collides with current boyfriend “John”.

It’s meant to be cute, but some of the terminology used made me cringe, particularly when one of the slides was tweeted out of context by ICANN’s official Twitter account.

To learn more about alternative naming systems, read #ICANN's OCTO publication >> https://t.co/LFYjy1KX3w | Emerging Identifier Technologies #ICANN75 pic.twitter.com/mWN7fCc7eR

— ICANN (@ICANN) September 21, 2022

Maybe I’m reading too much into this, but it strikes me as poor optics for ICANN, an organization lest we forget specifically created to introduce competition to the domain name market, to say stuff like “Market, you are a monster!”.

I’m also wondering whether “icannTLD” is terminology that plays into the alt-root narrative that ICANN is the Evil Overlord of internet naming. It does not, after all, actually run any TLDs (except .int).

The language used to discuss alt-roots came under focus earlier in the day in a session titled Internet Fragmentation, the DNS, and ICANN, which touched on blockchain alt-roots while not being wholly focused on it.

Ram Mohan, chief strategy officer of Identity Digital and member of ICANN’s Security and Stability Advisory Committee, while warning against ICANN taking a reflexively us-versus-them stance on new naming systems, wondered whether phrases such as “domain name” and “TLD” are “terms of art” that should be only used to refer to names that use the consensus ICANN-overseen DNS.

We ought to have a conversation about “What is a TLD”? Is a TLD something that is in the IANA root? Is a domain name an identifier that is a part of that root system? i think we ought to have that conversation because the place where I worry about is you have other technologies in other areas that come and appropriate the syntax, the nomenclature, the context that all of us have worked very hard to build credibility in… What happens if that terminology gets taken over, diluted, and there are failures in that system? … The end user doesn’t really care whether [a domain] is part of the DNS or not part of the DNS, they just say “My domain name stopped working”, when it may not actually be a quote-unquote “domain name”.

Food for thought.

ICANN to “stand up” to Russia at the ITU

ICANN is a non-political organization, but it cannot tolerate the platform of the Russian standing to be the secretary-general of the International Telecommunications Union.

CEO Göran Marby took a fairly bellicose tone in denouncing the platform at two sessions of ICANN 75 in Kuala Lumpur yesterday, warning that the election of Russian nominee Rashid Ismailov could not only destroy ICANN’s multistakeholder model but also internet interoperability in general.

Russia is pushing a position under which the powers of organizations such as ICANN, the Regional Internet Registries and standards-setting groups would be consumed by the ITU and managed in an multilateral, rather than multistakeholder, fashion.

Marby was asked a question about the election, due to take place at the ITU Plenipotentiary Conference in Bucharest starting next week, during an open-mic Q&A with the community yesterday.

“We are not campaigning against, but we are reflecting on the fact that one of the candidates does not like what you do here, your ability to walk up to the microphone and ask that question. You can’t do that in the UN setting,” he said.

“There’s a really really big risk that we will lose that ability for you,” he said, adding that he is concerned “that people around the world might not be able to connect to one single interoperable internet”.

“We are strictly neutral when it comes to who becomes the Secretary General,” he said. “We vividly oppose one of the platforms, that the Russian potential Secretary General stands for.”

“We are not a political organization, but we stand up one time… when we see proposals that would disconnect people from the internet or actually make it impossible for you to be here and make policies, that is when we go out and react. That’s the only time,” he said.

During remarks earlier in the day at the ICANN 75 opening ceremony, Marby addressed the same topic in slightly more evocative terms.

“What we do is like fighting for peace. You don’t fight for peace when war has broken out, you fight for peace before. We have to continue to work for the multistakeholder model now before it’s challenged too much,” he said.

Was this a deliberate allusion to the Russian invasion of Ukraine? Marby and/or his speechwriter can’t have been blind to the connotations.

Ismailov’s opponent in the election is Doreen Bogdan-Martin, an American with a much more acceptable policy platform.

ICANN earlier in the year published a paper (pdf) analyzing Russia’s stance on global internet policy. Marby’s remarks this week echo a warning he gave a year ago at ICANN 72.

In an explicit response to the opening ceremony remarks, on Tuesday Russia’s representative on the Governmental Advisory Committee offered a passionate defense of the Russian candidate, telling the GAC and ICANN’s board that his platform is about the “harmonization of ICT”.

He said that the role of the ITU secretary general is a neutral one, and not representative of any particular state.

During the same session Ukraine pleaded for more support, specifically in the form of satellite internet terminals, following ICANN’s donation of $1 million to support infrastructure projects in the war zone.

A million people are without internet access, he said, and rebuilding fiber networks destroyed by Russian missiles will take months because the fields are often mined.

Surprise new chair for ICANN announced

The King is dead, long live the Queen!

(Too soon?)

ICANN announced today that Tripti Sinha will be taking over as chair of the organization’s board of directors this Thursday, with Maarten Botterman taking an unexpectedly early bath.

The news was delivered by Botterman this morning during the opening ceremony of ICANN 75, being held in Kuala Lumpur, Malaysia this week. He added that Danko Jevtovic will take over from Leon Sanchez as vice-chair.

No reason for the decision, which appears to have been made at a board meeting yesterday, was given.

While Botterman’s second term on the board ends this week, he was only recently reselected by the Nominating Committee for a third and final three-year term, a term he appears to be intent on serving as a regular director.

Sinha becomes ICANN’s seventh chair since its inception, and the third (after Vint Cerf and Steve Crocker) to come very much from a technology rather than legal or policy-making background.

She’s currently CTO at the University of Maryland, where among other things she oversees the university’s operation of D-root, one of the internet’s 13 DNS root servers.

On the ICANN board, she already sits on five committees and chairs the Board Governance Committee.

She was born in India, but seems to have lived in the US for most of her adult life. It’s not clear whether she’s in the North America or Asia-Pacific column for purposes of geographic diversity under ICANN bylaws.

Jevtovic comes from the ccTLD world in Serbia, first with Yugoslavia’s .yu and then with Serbia’s current .rs domain.

Sinha’s new role comes with a salary bump from $45,000 to $75,000 and, one presumes, much more stress.

Both Sinha and Jevtovic are NomCom appointees with two years left on their second terms.

Whois Disclosure System to cost up to $3.3 million, run for one year

ICANN has published its game plan for rolling out a Whois Disclosure System ahead of next week’s ICANN 75 public meeting in Kuala Lumpur.

The Org reckons the system will take nine months to build and will cost up to $3.3 million to develop and run for two years, although it might wind up getting shut down after just one year.

The Whois Disclosure System, previously known as SSAD Light, is a mechanism whereby anyone with an ICANN account — probably mainly IP lawyers in practice — can request unredacted private Whois data from registrars.

The system is to be built using retooled software from the current Centralized Zone Data Service, which acts as a hub for researchers who want to request zone files from gTLD registry operators.

ICANN’s design paper (pdf), which contains many mock-ups of the likely user interface, describes the new system like this:

Just as in CZDS, a requestor navigates to the WHOIS Disclosure System web page, logs into their ICANN Account, and is presented with a user experience much like the current CZDS. In this experience, requestors can see pending and past requests as well as metadata (timestamps, status, etc.) associated with those requests. For a requestor’s pending requests, they can see all the information related to that request.

Requests filed with the system will be routed to the relevant registrar via the Naming Services Portal, whereupon the registrar can choose how to deal with it. The system doesn’t change the fact that registrars have this discretion.

But the system will be voluntary for not only the requesters — who can still contact the registrar directly if they wish — but also the registrars. One can imagine smaller and frequently abused registrars won’t want the hassle.

The cost of this system will be $2.7 million in staffing costs, with $90,000 in external licensing costs and another $500,000 in contingency costs. Because ICANN has not budgeted for this, it will come from the Supplemental Fund for Implementation of Community Recommendations, which I believe currently has about $20 million in it.

This is far and away cheaper than the full-fat SSAD originally proposed by the GNSO, which ICANN in January estimated could cost up to $27 million to build over five years.

While cheaper, there are still substantial questions remaining about whether it will be popularly used, and whether it will be useful in getting private Whois data into the hands of the people who say they need it.

ICANN is saying that the Whois Disclosure System will run for one year “at which point the data sets collected will be analyzed and presented for further discussion between the GNSO Council and Board”.

The design paper will be discussed at multiple ICANN 75 sessions, starting this weekend.

ICANN rushes mystery directors onto board in apparent bylaws breach

ICANN is hurrying two new directors onto its board despite that fact that hardly anybody, apparently including the people who this week gave them the nod, seemed to know who they are.

The Org also seems to have technically breached its bylaws with the timing of the move, which also sees chair Maarten Botterman appointed for another three-year term.

Earlier this week the Empowered Community Administration, which has broad powers to hire and fire directors, submitted ICANN-drafted letters formally approving this year’s Nominating Committee picks — Botterman, Christopher Chapman and Sajidur Rahman.

But I’m told that the ECA, like the rest of us, were not given any information by ICANN about the two newcomers beyond their names and the geographic regions they hail from. They were basically waved onto the board blind, it seems.

Photographs subsequently published on the NomCom web site confirm the two directors’ identities. They’re the former head of the Australian Communications and Media Authority Chris Chapman, and Indonesian venture capitalist Sajid Rahman of MyAsiaVC.

Judging by the ICANN bylaws, approval by the ECA — which comprises one person from each of the ASO, the ccNSO, the GNSO, the ALAC and the GAC — is pretty much just a rubber-stamp. All the due diligence is done by NomCom and the Org.

But the appointments appear to amount to a technical bylaws breach on timing grounds, coming about a month late. The bylaws state:

At least two months before the commencement of each annual meeting, the Nominating Committee shall give the EC Administration (with a copy to the Decisional Participants and Secretary) written notice of its nomination of Directors for seats with terms beginning at the conclusion of the annual meeting, and the EC Administration shall promptly provide the Secretary (with a copy to the Decisional Participants) with written notice of the designation of those Directors.

This year’s AGM will be held in Kuala Lumpur from September 17, with the new directors taking their seats at its conclusion on September 22. So NomCom seems to have missed its “at least two months before” deadline by a month. ECA approval came August 15.

This year’s AGM is a little earlier than usual, which may help explain the problem. They’re usually held in October or November, and there hasn’t been one held in September since 2001.

NomCom also missed the two-month window in 2020, by an even bigger margin, for entirely understandable pandemic-related reasons. It announced its selections just a couple of weeks before the AGM.

Diversity takes a hit as NomCom replaces two ICANN directors with newcomers

ICANN will be left with fewer women and Africans on its board of directors following this year’s Nominating Committee selections, after which apparent community newcomers will take seats.

NomCom last night announced that its three picks for the board, due to take or retake their seats at the Annual General Meeting in Kuala Lumpur next month, are Maarten Botterman, Christopher Chapman and Sajidur Rahman.

Botterman is of course the current chair, and his reappointment was surely never in any doubt. He’ll be entering his third and final term at the AGM.

Less is known about the two newcomers. ICANN has so far provided no biographical information about them beyond the geographic region they represent. Botterman is European and both Chapman and Rahman are from Asia-Pacific.

Both new appointees have very common, google-resistant names, and neither appears to have a track record of vocal ICANN community participation.

Chapman, if I had to guess, would be Chris Chapman, the former long-term independent media regulator from Australia. Sajid Rahman is such a common name I don’t think I could confidently make a call on his identity early doors.

What we do know is that they’re both Asia-Pac, and they’re both replacing one-term African directors.

Leaving the board at the AGM will be NomCom’s 2019 picks Mandla Msimang from South Africa and Ihab Osman from Sudan. This means the sole remaining voting African on the board come October will be South African Alan Barrett.

Msimang leaving and being replaced by a man of course changes the gender mix. After the AGM, there will be six women on the 20-seat board, five out of the 16 voting seats.

Note that I’m not analyzing the picks by some subjective “woke” criteria — ICANN has strict rules about geographic representation in its bylaws and every year its board of directors encourages NomCom to consider the gender mix when making its selections.

The bylaws state that each of the five geographic regions must have at least one seat on the board, and that no one region can have more than five directors.

That said, ICANN doesn’t make it easy to figure out which directors hail from which regions. There’s no published breakdown that I’m aware of and many directors have multiple citizenships and/or are long-term residents of nations outside their birth region.

Two other directors have their current terms ending next month — GNSO appointee Becky Burr (North America), who has been reappointed for a third term, and Akinori Maemura (Asia-Pac) who is being replaced by Christian Kaufmann (Europe) as an ASO appointee.

NomCom broke down the gender and geographic mix of applicants for all the open board and non-board positions here.

Malaysia relaxes travel restrictions ahead of ICANN 75

Malaysia has made it easier for foreign travelers to enter the country, which should take some of the headaches out of going to ICANN 75 next month.

According to local reports, the Malaysian government web site, and official UK travel advice, those entering Malaysia are no longer required to fill out a “travelers card” on the government’s contact-tracing app, MySejahtera.

It’s not clear whether MySejahtera is still mandatory for entry. The UK says you “may” be required to install it,

On-arrival tests have been scrapped, regardless of vaccination status, the Malaysian government said:

From 1st August 2022, all travellers are allowed to enter Malaysia regardless of their COVID-19 vaccination status and do not require a pre-departure or on-arrival COVID-19 test. There are no quarantine orders related to COVID-19 enforced by the Malaysian Government upon arrival.

If you test positive for Covid-19 while in Malaysia, you’re still required by law to quarantine for four days (if you subsequently test negative) to seven days (regardless of the test result) at your own expense.

While the government rules may take some of the red tape out of entering the country, ICANN’s still has rules about entering the meeting venue.

To obtain entry to the Kuala Lumpur Convention Center, you’ll need to have proof of vaccination under the current version of ICANN’s health guidelines, which were last updated July 20.

Thanks to Richard Wein for the tip.

More rules, but cozier ICANN 75 expected

There will be more rules to follow at ICANN 75 next month, but attendees might be able to expect a more intimate event, with less stringent seating restrictions.

The gathering, ICANN’s 2022 Annual General Meeting, will be held in Kuala Lumpur from September 17 to 22, the second pandemic-era meeting to have a face-to-face component, but in-person attendees need to register by September 14.

The new rules are largely a result of local laws, according to ICANN.

The first thing to note is that if you don’t have a smart-phone, you’re out of luck. Malaysia requires people entering the country to install a government Covid-control track-and-trace app called MySejahtera.

The law also says you have to wear masking indoors and self-isolate for four to seven days if you test positive. ICANN’s mandatory legal waiver makes the attendee responsible for associated costs.

But at the venue itself, ICANN is relaxing its session rules, saying it may halve the social-distancing requirement in half to a meter, which will allow more people into each room and could reduce the need for waiting lists and overflow rooms.

Many of the sessions at ICANN 74 in June were over-booked.

ICANN backtracks on legal waiver for ICANN 75

ICANN has softened the language in the legal waiver it requires all of its public meeting attendees to agree to.

The waiver for ICANN 75, due to take place in Kuala Lumpur in September, no longer requires you to absolve ICANN from blame if you get sick due to the Org’s own gross negligence.

For last month’s ICANN 74 in The Hague, the waiver stated:

I knowingly and freely assume all risks related to illness and infectious diseases, including but not limited to COVID-19, even if arising from the negligence or fault of ICANN.

The Kuala Lumpur waiver states:

I knowingly and freely assume all risks related to illness and infectious diseases, including but not limited to COVID-19.

So if an infected ICANN staffer spits in the coffee, this time you could probably sue.

The 74 waiver caused a fair few complaints when it first emerged. It was accused of being “excessive” by the CEOs of Blacknight and the Namibian ccTLD registry in a Request for Reconsideration that was eventually dismissed by the ICANN board of directors.

It also caused the At-Large Advisory Committee to issue a withering takedown accusing ICANN of insensitivity and intimidation, which ICANN’s chair brushed off (pdf) a couple weeks ago.

There are other language changes in the new waiver, but none seem to be as significant as ICANN making itself legally bullet-proof.

Kuala Lumpur will have substantially the same Covid-19 precautions as The Hague, which includes mandatory mask-wearing indoors, testing, and social distancing, ICANN has confirmed.