ICANN ICANN Email List Archives


<<< Chronological Index >>>    <<< Thread Index >>>

On "Preserve DNS security and stability" and non-technical barriers to data collection

  • To: stratplan-2010@xxxxxxxxx
  • Subject: On "Preserve DNS security and stability" and non-technical barriers to data collection
  • From: Eric Brunner-Williams <ebw@xxxxxxxxxxxxxxxxxxxx>
  • Date: Sun, 20 Dec 2009 17:01:33 -0500


I would like to draw attention to the two relatively recent, and generally accessible documents, produced by kc claffey. "Ten things {the FCC, Lawyers} should know about the Internet", at [1] and [2], below.

In these Dr. Claffey makes the case that policy can be informed by research, and that research must be informed by data.

The trajectory of our industry, from the origins of the ARPANet project, have been policy made by belief -- a network could be funded, it could be operated by BBN and SRI, it could be institutionally transferred from ARPA to NSF to the DOC, the BBN function could be defunded and replaced by the CIX, the SRI function could be defunded and replaced by NetSol, and finally, monopoly replaced by competition.

Through out, with the exception of MILNet, an equivalent technology, connected to the ARPANet (in my offices at SRI, and at six other points), little "critical infrastructure" was implemented as an overlay network, or as dependent name space. That situation is no longer present.

I suggest that a strategic goal of ICANN for 2010 is to determine how the changes Dr. Claffey points out, changes in economics, ownership, and trust, can be made in the ICANN contractual, and non-contractual collection of operating procedures, so that researchers have greater access to data, and eventually, perhaps as early as 2011, the policy development processes within, and around ICANN, have the opportunity, now absent, of substituting private belief, some of which is very well informed where profit and loss issues are concerned, for public knowledge based upon real research based in turn upon real, and relevant, data.

Perhaps you could invite Dr. Claffey to address ICANN, perhaps at Bruxelles, and speak to the barriers economics, ownership and trust place to data collection, and the data that is needed to support research into policy questions about the operational behavior, and therefore the security and stability, not as belief systems, but as objects of scientific study.

As ICANN has grown, it may have lost some internal coherency. The phrase "security and stability" are used in the context of a market for "slots" by the EOI model authors, in the context of individual ASCII strings which might become TLDs by the gTLD process authors, in the context of individual IDN strings, which might also become TLDs by the IDN processes, by the authors of anti-phishing and anti-flux policy development processes, and so on.

Each of these uses appears to be data invariant, that is, while each has some supporting numbers, which may, or may not be actual data, none appear to motivate the users of the label "security and stability", on staff, or externally, to seek the general increase in data available from which to analyse policy outcomes or policy alternative claims. Moreover, it is possible that none of these uses of "security and stability" are correct.

In a nutshell, for all the "policy people" drawing a handsome salary at ICANN and in the institutional entities and corporate advocacy groups that enable or target policy formation by ICANN, and the public policy bodies informed by ICANN, no one appears to need any numbers.

As a strategic goal, moving from religion towards science, from unsupported beliefs to supported beliefs, seems a reasonable thing to attempt.

The old and new registrar accreditation agreements do not contain provisions for data collection, yet interesting data exists, particularly where the associated registry model is thick, at the registrar.

The existing and unfortunate draft registry agreements similarly do not contain provisions for data collection, yet interesting data exists, at the registries.

Similarly, there are potential sources of data from ASN and CIDR allocatees, as Dr. Claffey notes, and there are potential sources of data from DNS implementers, from search engine operators and implementers, and others, all of whom are dependent upon the long-term "security and stability" of the DNS, where that function has a technical meaning.

Examination of the existing items in the slide deck under the "security and stability" heading finds plenty of assertions, more "9's", more "secure", more "resilience", but no more data.

Lets make it a goal to assert less and observe more.


[1] Ten Things the FCC Should Know about the Internet - This slideset was presented to the Federal Communications Commission in Washington D.C. on May 29, 2009
kc claffy
Cooperative Association for Internet Data Analysis - CAIDA
San Diego Supercomputer Center,
University of California, San Diego

[2] http://www.caida.org/publications/papers/2008/lawyers_top_ten/lawyers_top_ten.pdf - top ten things lawyers should know about the Internet
kc claffy
written as a series of blog entries, at http://blog.caida.org/best_available_data/2008/04/16/top-ten-things-lawyers-should-know-about-internet-research-1/, et seq. April, 2008.

<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy