Some comments on the Thursday WDC session

[Eric Brunner-Williams <ebw@xxxxxxxxxxxxxxxxxxxx>]

Kurt,

Yesterday's meeting was unstructured, and I have some suggestions for 
better use of time. In two parts, and please relay my thanks to Becky 
for hosting, the office space at Wilmer Hale is without peer in the DC 
legal office space market (I hope we didn't pay for all of it).
There are distinct subjects -- the "single registrant" thing, initial 
thresholds for new registries, cross-ownership thresholds between 
established registries and registrars, gaming, equity, ...
Jon Nevett had a proposal, Richard Tyndall also had a proposal, and most 
of yesterday's meeting time was expended on these two men's oral 
arguments, which ment that the rest of us spent our time listening to 
Jon and Richard speak to what would benefit Network Solutions, Enom, and 
Jeff respond to what would benefit NeuStar, and picking at the separate 
strands of argument to try and isolate distinct issues.
It wasn't quite "chaos" but it was a good start at getting to it.

1. What are the issues, for and against, the "single registrant" model? 
Before we get to extended advocacy "for", we should know if we've caught 
all the pros and all the cons, and then exhaust the respective advocacies.
2. There is a "threshold" issue, or more generally, independent of 
mechanism, what exceptions to the rules developed around the fact 
situation in 1999 for the legacy TLDs should be considered, and why, 
based on the experience with the sponsored TLDs, for community-based 
applications in 2009?
3. There is a different "threshold" issue, or more generally, 
independent of mechanism, what exceptions to the rules developed around 
the fact situation in 1999 for the legacy TLDs should be considered, and 
why, for cross-ownership between registries and registrars? Does the 
2008 size of the parties have any bearing on the cross-ownership of the 
parties that don't exist in 2008, but which will exist in 2009? Is 
Enom+.shoe or GoDaddy+.sock similar to the single accredited registrar 
in Africa plus .africa?
4. What are the existing models of gaming the system, e.g., registrars 
which don't primarily serve registrants, whether "the public" or "brand 
managers" or "service providers", and which policy choices are positive, 
neutral or negative towards those gaming models and their expansion.
5. What terms and conditions, and for which contracts, may, should, 
must, be modified, and why, if the 2009 contracts differ in substance 
from prior contracts, and to get to that we have to
5a. Determine for which parties similarity of terms and conditions is 
consistent with policy, and  for which similarity is contrary to policy.
Both Carolyn and I, speaking about the histories of the .coop and 
.museum registries in accommodating to the vertical separation and equal 
access provisions of the 2000 sponsored TLD contracts, discussed a 
numeric threshold, and a temporal threshold, to allow new registries to 
meet their operational start-up costs and meet their communities 
existence requirements. This is a subject we're not done with, and 
relates to comments we've submitted the $75,000 per year recurring ICANN 
fee, distinguishing between registries which are in "survival" mode, and 
registries which are "stable", and which we initially discussed with 
Doug Brent at Cairo and which Marcus Fouré has sent, together with a 
supporting spreadsheet, to the GFA comments.
Then there are the meta-issues. Why are we taking time away from work on 
the GFA? Are any of the Charles River proposals important enough to 
postpone, complicate, or compromise the success of the 2009 round? What, 
if anything, has it got to do with the October '06 Resolution?
Part 2.

Now, an aside on end users and the regimes in question, what I called 
"private law" vs "public law", using the X example rather than some of 
the named suggestions offered during the discussion.
I don't think I made as clear as I'd hoped the problem a "private law" 
regime creates for users. Lets suppose Broadband Provider X (BPX) 
operates a "single registrant" model TLD. The rebuttal to the point I 
made during the meeting, that the users of the leaf nodes of one tree 
(the .BPX names) have different rights from the users of leaf nodes of 
another tree (the .COM names), different as in "no rights whatsoever", 
was that BPX Corp was the registrant, so the analysis of the question is 
ended, and the "user rights" claim is rebutted.
I suggest we should look at whether BPX encourages its subscribers to 
use a BPX name. If BPX encourages any reliance by its subscribers to use 
a BPX name, as if it is a domain name as understood by a reasonable user 
of the DNS, then BPX either transfers a right to the subscriber, or is 
exploiting the subscriber to promote BPX's brand.
I'll make it personal in hope that this helps. After NeuStar terminated 
the employer-employee relationship, I have never used the ".biz" brand. 
Not a single domain buy, not even mail to anyone (other than Jeff and 
Ed) with a .biz address. I _don't_ promote .biz. That is the value that 
I don't provide NeuStar.
If BPX exploits its subscribers to publish .BPX names to 3rd parties, 
whether other .BPX subscribers or "at large", to build its brand, that 
is a user exploit we should not ignore behind the curtain of "BPX is the 
registrant", and which therefore BPX may arbitrarily, and without 
recourse to any consensus policy created mechanism of user protection, 
modify or terminate. I suggest that the subscribers to BPX may number 
more than one, and their value as brand marketing affiliates, is the 
value BPX is attempting to secure, without creating any compensation to 
the subscribers, and without creating any rights as registrants in the 
subscriber relationship, from ICANN.
I'm making the case that we should consider "user", not just 
"registrant", a point I reject in the GNSO FastFlux PDP Working Group 
(gnso-pdp-may08@xxxxxxxxx) analysis when it is offered as an amorphous, 
all-encompassing definition of a harmed interest. I'm just looking at 
3rd-party use of nodes in the .BPX namespace, resolvers acting on behalf 
of SMTP and HTTP. The claim for the BPX as-registrant is that BPX may 
"flux" any point in the namespace, causing subscriber-3rd-party past, 
present, and future instances of communication via any communications 
protocol using the public DNS to fail to resolve, and that that is a 
"good thing".
As I pointed out in prior written comments, if the namespace is not 
intended to be public, there are alternate anchors, e.g., within 
existing, or new, second-level namespaces where many of the policy 
questions would be mooted, or in non-public namespaces, were all of the 
policy questions would be mooted, and the intent not to expolit 
3rd-party dependency upon published names would be easily accomplished. 
BPX has recursive nameservers, and it can provision as many private 
namespaces to its subscribers as it has the time to think about, without 
using its subscribers to market its brand.
I advised on a case once where an ISP mistakenly identified a subscriber 
as a spammer, and cut off the subscriber's access. The ISP also then 
intercepted all mail to the then-terminated-subscriber, all of which was 
related to the subscriber's business, and destroyed it, causing loss to 
the subscriber. I'll contact the attorney who handled the case, as it 
seems that the "rebuttal" to my comment that what was being proposed as 
a "private law" regime with no rights to the users (customers of BPX), 
is that what happened to his client is offered as a good general 
outcome, and I don't think it was.
I know I'm not the only one with an interest in the registrants, or the 
users of the public DNS, and I know I'm not the only one with an 
interest in the linguistic and cultural, or municipal, or regional, or 
"community identified" applicants and their users' interests, which 
includes their access to registrars. Other expressions of concerns, for 
or against, the "single registrant" thing, or cross-ownership of 
registries and registrars, whether established or new, by registrants -- 
and I don't mean just the BPXes but the users of their namespaces which 
they propose to promote to the IANA root, should be on the record as 
well. I'm sure we can find a better answer for the "single registrant" 
and its uses and users, we simply have to look past the 
"registry==registrar==registrant" pseudo-closed universe of interest.
End Part 2.

I don't have JJ's addess at hand or I'd cc him, and I've cc'd the 
crai-report@ list so (a) others would have some insight into what the 
call-in and face-to-face participants did for two hours, and (b) so that 
this communication between CORE and ICANN wouldn't be private, though 
I'm happy to communicate privately on issues of editorial significance 
only, or areas where public comment has, or will, revisit the issues openly.
Eric Brunner-Williams
CTO, CORE