Comments and question on the proposed revision to the IDN guidelines

[Paul Hoffman <phoffman@xxxxxxxxxx>]

The following are comments on the the proposal for "Guidelines for the
Implementation of Internationalized Domain Names version 2". They are in
response to the request for comments posted. These comments are a joint
posting from Paul Hoffman and Bret Fausett.

1) The proposal would benefit greatly from a statement of purpose. Many
parts of the proposal appear intended to deal with domain name spoofing
below the TLD; however, the proposal fall very short of that goal by
limiting itself to IDNs. If the proposal is intended to address domain
name spoofing, a problem not limited to IDNs, ICANN should state whether
it also intends to create new proposals about potential spoofing within
the ASCII character set (such as "paypa1.com", "icannn.org", and
"paypal.co"). If the proposal is not about name spoofing, a clear
statement of its purpose is greatly needed.

2) The proposal is titled "Guidelines," but it contains many statements
about what a registry must and must not do; the "Guidelines" are replete
with words such as "will" and "must." ICANN should either change the
title of the document or change the imperative verbs to ones that sound
more like guidelines. In specific, the proposal never says what will
happen if a particular TLD administrator does not follow the guidelines.
Will ICANN re-assign the TLD to an administrator that agrees to follow
the guidelines? If not, what possible penalties will be meted out for
variance from the guidelines? For example, both MuseDoma and VeriSign
contributed to the revisions for version 2, but both are out of
compliance with both version 1 and version 2 of the guidelines. In
addition, many large ccTLDs have ignored the requirements of version 1,
and yet no action appears to have been taken against them. The
"Guidelines" also refer to "top-level domain registries," a broad term
which encompasses both gTLD and ccTLD registries. If the "Guidelines"
were intended to apply to ccTLD registries, then the mandatory words
such as "will" and "must," as described above, should be revised to more
accurately reflect the role of ICANN in setting policy for ccTLDs.

3) Version 1 of the guidelines has been in existence for two years, and
now ICANN is proposing to change it by adding many more rules. To the
best of our knowledge, however, ICANN has not previously published a
report on the successes and failures in version 1. From the very small
number of TLDs represented at
<http://www.iana.org/assignments/idn/registered.htm>, it appears that
version 1 is thinly-implemented. The proposal for version 2 of the
guidelines are significantly more restrictive than version 1. It seems
unlikely that adding many new restrictions will make version 2 more
successful than version 1. A description of both ICANN's and TLD
registry operators' experience with Version 1 would provide necessary
information to evaluate the appropriateness of the new rules now under
consideration.

4) Not only do the proposed revisions not have a report about the
success or failure of the version 1 guidelines, they provide no list of
the changes between versions and why each was made. Giving the complete
list of additional restrictions and the logic behind them could help
bring out more useful discussion.


5) Paragraph 6 of the proposed "Guidelines" purports to place a
mandatory obligation on TLD registries to participate in a loose and
undefined "collaboration" with other entities. While collaboration and
consensus are laudable goals, the undefined obligation describes no
forum in which such discussions should take place and no process by
which to reach possible agreement on IDN implementation and registration
practices. We recommend that ICANN create an appropriate
cross-Supporting Organization forum, involving both the ccNSO and the
gNSO, designed to facilitate the recommended collaboration.

Thank you for considering these comments.