Mr. M. Stuart Lynn, when will you summon up enough courage to respond to our posts
on this public forum? How long will you continue to hide behind the curtain
while we attempt to have an open dialogue with you. Your title is President,
yet, you say nothing directly to us. Even the President of the United States
takes the time to answer questions directly from the Joe Citizens of this country.
Yet, you remain silent on this public forum.
I’ve taken the time to read your abstract
on “A Unique, Authoritative Root for the DNS”. Provided below are extracts
of that abstract along with my responses. Can you at least return the favor
by responding to my perspectives? Just a simple, “I’ve read your response”
would even suffice.
The DNS is a globally distributed database of
domain name (and other) information. One of its core design goals is that it reliably
provides the same answers to the same queries from any source on the public Internet,
thereby supporting predictable routing of Internet communications. Achievement of
that design goal requires a globally unique public name space derived from a single,
globally unique DNS root.
Response to Extract 1
Instead of becoming the sole
root zone of the internet, why not institute a set of standards that could be adopted
by entities willing to establish a modularized root zone that could easily be added
to the A root zone and other competing roots. By doing so, you will bring additional
resources to ICANN via other constituents that can bring their ideas to the table.
In turn, the process of innovation will be accelerated. Furthermore, such standards
will bring about stability and reliability as these seem to be the main concerns
of ICANN (is it not?).
Although the Internet allows a high degree
of decentralized activities, coordination of the assignment function by a single
authority is necessary where unique parameter values are technically required. Because
of the uniqueness requirement, the content and operation of the DNS root must be
coordinated by a central entity.
Response to Extract 2
If coordination is what
ICANN seeks, then by all means coordinate a set of standards that can be adopted
by all entities willing to set up a competing root. There is no reason why
ICANN should be in the business of running a root zone. ICANN has better things
to do with its limited resources. Just think where Joe Citizen would be if
the United Postal Service had the ability to ban, or outlaw, Federal Express, United
Parcel Service, or DHL? Joe Citizen would have fewer choices in which to deliver
mail. So, why take the posture of banishing other competing roots when such
resources can be brought together in a coordinated fashion to achieve the goals of
ICANN, i.e. an easy-to-use and reliable means of unambiguously referring to web sites,
e-mail servers, and the Internet's many other services.
Over the past
several years, some private organizations have established DNS roots as alternatives
to the authoritative root. Frequently, these "alternative" roots have been established
to support for-profit top-level domain registries that have been unable to gain entry
into the authoritative root as managed in the public interest by the IANA or ICANN.
Other "alternative" roots have been established as expressions of the disagreements
some individuals have had with the policies developed by the broader community processes
for management of the authoritative root, or their disinterest in participating in
Response to Extract 3
You may want to ask yourself why they were
not given access to the A root zone. For every action, there is a reaction.
Market forces will not tolerate static conditions brought about by monopolistic business
practices. You refer to them as “alternative” roots when in reality they are
competing roots. You call the A root zone as the authoritative root which implies
that competing roots are run by none other than criminals, bandits of the internet.
Had ICANN implemented a set of standards from the very beginning, such implied bandits
would have become valuable partners to ICANN, thus, furthering innovation on the
Internet. If you are bent on saving face, then ICANN’s fate is sealed.
You will bring about a war between yourselves and competing roots. Is this
the most productive use of ICANN’s limited resources? Should we, the Internet
community, be made to suffer the consequences of face-saving tactics? I hope
Because these alternative roots substitute insular motives for
the community-based processes that govern the management of the authoritative root,
their decisions to include particular top-level domains have not been subjected to
the same tests of community support and conformance with the public trust. Indeed,
their introduction has been done with little regard for the public interest, since,
if they were broadly used, they could impair the uniqueness of the authoritative
DNS's name resolution. ICANN's stability-preservation mandate requires that it avoid
acting in a manner that encourages their proliferation. This means that ICANN should
continue to adhere to community-based processes in its decisions regarding the content
of the authoritative root, and should give no preference to those who choose to work
outside of these processes and outside of the policies engendered by this public
Response to Extract 4
In case you haven’t noticed, the so-called authoritative
root is not being governed by the Internet community. On the contrary, its
run by the Board of ICANN. How many messages can you point to on the public
forum where the Directors of the Board actually corresponded with us. I’m not
aware of any. Are you? You state that competing roots have operated without
any regard for the public interest. Market forces generally arise out of public
interests not being met. You failed to meet such public interests, thus, competing
roots sprang up. In addition, entities like New.Net came along trying to further
the needs of the public interest. The only one not adhering to the needs of
the public interest is ICANN. ICANN’s stability-preservation mandate is only
an attempt to further ignore the public interests of the Internet community.
Why not bring the Internet community together with a set of standards rather than
enacting an “all or nothing” posture. Don’t we have a say in these matters?
Don’t we represent the public interest?
None of this precludes experimentation,
provided it is done in a manner that does not threaten the stability of name resolution
in the authoritative DNS. Experimentation is essential to the vitality of the Internet.
Nor does it preclude the ultimate introduction of new architectures that may ultimately
obviate the need for a unique, authoritative root. But the translation of experiments
into production and the introduction of new architectures require community-based
approaches, and are not compatible with individual efforts to gain proprietary advantage.
to Extract 5
Wouldn’t the development of a set of standards by ICANN from the
Internet community representing the public interest be more favorable than running
experiments that may, or may not, be acceptable to ICANN? Why put faith in
a hit-or-miss strategy when a coordinated effort between ICANN and the Internet community
would be more efficient and productive? How do you think new architectures
will come about unless you brainstorm with ALL of your constituents rather than just
a chosen few that happen to have the eyes and ears of ICANN and Congress? If
Silicon Valley were managed by ICANN, it would still be a farming community.
Why? Because ICANN still does not want to relinquish its control. Until
this attitude changes, the Internet will continue to add competing roots. If
you want to avoid “individual efforts”, then start being proactive in listening and
responding to us. We are tired of being ignored!
the presence of alternative public DNS roots results in different answers being given
to the same DNS queries issued from different computers on the Internet, depending
on the pre-stored IP addresses in the inquiring computer. The fundamental DNS design
goal of providing consistent answers to DNS queries is therefore frustrated.
to Extract 6
You had many years to keep the public interest from becoming “frustrated”.
You ignored what you considered competing roots because you felt omnipotent given
your relationship with the Department of Commerce. Only now do you realize
the magnitude competing roots will have on ICANN. Instead of crying foul, you
should begin a process of creating a set of standards to embrace such entities so
that we may all benefit from their innovative ideas. To do otherwise is to
stifle the growth of the Internet. Consistent answers to DNS queries will come
from a set of standards that ICANN can coordinate.
also introduce the possibility of misdirected Internet activities due to cache poisoning.
For performance reasons, the DNS design calls for resource records to be passed around
among the nameservers on the Internet, so that a resolver can obtain quicker access
to a local copy of the resource record. Because the DNS assumes a single-root system,
resource records are not marked to distinguish them according to the root from which
they emanate. Thus, the presence of alternative roots introduces the possibility
that Internet activities by those intending to use the standard root could be misdirected
by a stray resource record emanating from an alternative root. Indeed, some malicious
hacking attacks have been based on this principle, prompting the Internet Engineering
Task Force to propose a series of not-yet-implemented improvements known as "DNS-Security".
to Extract 7
Look. You identified the potential harm that may come about
from competing standards brought about by competing roots. Shall we stand around
and mope about this issue, or shall we do something about it. Will ICANN become
proactive in bringing about a set of standards, or will it go into a fetal position
by maintaining its present isolationist attitude? How long can ICANN afford
to ignore the public interest of the Internet community? The more you ignore
us, the stronger we will grow and the more inept ICANN will appear in the eyes of
These potentially destructive effects of alternative roots
have long been accepted by the vast majority of Internet engineers. Despite this
broad-based recognition, some have sought to justify the alternative roots by downplaying
these effects. In response, and to document what it referred to as "some of the problems
inherent in a family of recurring technically naive proposals," in May 2000 the Internet
Architecture Board (IAB) issued RFC 2826, entitled "IAB Technical Comment on the
Unique DNS Root."
Response to Extract 8
If you knew there were potentially destructive
effects from alternative roots, then why didn’t ICANN do anything about it?
Who cares if such destructive effects are downplayed or not, your responsibility
is to deal with the technical aspects of the Internet. Why didn’t you try to
bring about a set of standards when the issue was not so big? Simply to state
an observation is not enough. We need resolutions. And if your not up
to the task, then assign someone to the position of President that is willing to
accept the challenge before him/her and get this issue resolved.
remain a global network, the Internet requires the existence of a globally unique
public name space. The DNS name space is a hierarchical name space derived from a
single, globally unique root. This is a technical constraint inherent in the design
of the DNS. Therefore it is not technically feasible for there to be more than one
root in the public DNS. That one root must be supported by a set of coordinated root
servers administered by a unique naming authority.
Response to Extract 9
say that there is a technical constraint inherent in the design of the DNS.
Is that it? Are you admitting defeat rather than looking for alternatives?
Great! You prance around and tell us that your concerned about the public interest
only to conclude that we must live with a technical constraint inherent in the DNS.
Ever consider working with competing roots to get their opinions? Is this technical
constraint really inherent, or simply manufactured to appear that way? Irregardless,
what matters is the public interest which you so eloquently repeat ad infinitum.
It’s time to say, “Where’s the beef?” Certainly not in a DNS that has an inherent
In the face of the destabilizing consequences
of alternative roots, as articulated by the IAB and others, ICANN's prime directive
of preserving the stability of the Internet and DNS requires an unwavering commitment
to promote the continued prevalence of a single authoritative root for the public
DNS. Any other course of action would be irresponsible.
Response to Extract 10
the prime directive is to support a DNS that has an inherent technical constraint,
then I’ll pass thank you very much. To seek this course of action is, as you
The Internet's proper operation requires
assignment of unique values to various identifiers for different computers or services
on the Internet. To be effective, these assigned values must be made broadly available
and their significance must be respected by the many people responsible for the Internet's
operation. For example, every computer on the public Internet is assigned unique
IP address; this address is made known to routers throughout the Internet to cause
TCP/IP packets with that destination address to be routed to the intended computer.
Without common agreement to respect the assignment, the Internet would not reliably
route communications to their intended destinations.
Response to Extract 11
state that “…these assigned values must be made broadly available and their significance
must be respected by many people responsible for the Internet’s operation.”
Doesn’t that apply to ICANN as well. So if .Biz is assigned to another set
of individuals in the Internet community, shouldn’t you respect their existence?
Are you not also responsible for the Internet’s operation? You go on to state
that “Without common agreement to respect the assignment, the Internet would not
reliably route communications to their intended destinations.” What do you
intend to do by awarding .Biz to somebody else when clearly this gTLD is already
taken? Stuart, you can’t have it both ways. You need to get out of the
habit of ignoring your own rules.
From the very beginnings of the
Internet, the technical community has recognized the need for central coordination
of the unique assignment of the values of identifiers. The Internet Assigned Numbers
Authority (the IANA, now operated by ICANN) was created to fill this need; it now
makes assignments of unique values for approximately 120 different identifier types.
This responsibility has always been understood to be a public trust, and the IANA
long ago adopted the motto: "Dedicated to preserving the central coordinating functions
of the global Internet for the public good."
Response to Extract 12
I see nothing
unique in the assigned identifiers. There just domain names that have been
handed out solely by ICANN for those appearing on the A root server. What’s
so unique about these domain names compared to those on competing roots? I
will agree that ICANN has dedicated its existence to “preserving” its central coordinating
functions, but at our expense. By maintaining an exclusive club, you ignore
the possibility of bringing about a set of standards that would allow other competing
roots to bring innovation to the Internet. Unfortunately, that is unique.
This dichotomy recognizes that the Internet is, after all, a network (albeit
a network of networks), and networks require coordination among their participants
to operate in a stable and efficient manner. It also reflects the phenomenal success
of the Internet's tradition of cooperatively developed open and non-proprietary standards.
Those standards have provided an environment of highly interoperable systems that
has allowed competition and innovation to flourish.
Response to Extract 13
there were, as you say, “standards” that “have provided an environment of highly
interoperable systems”, then why can’t I see competing roots on the various browsers?
How is this competition if the competing roots are now allowed to appear on the various
browsers? You call that innovation. You’re seriously mistaken.
Besides, why should ICANN even be in the root server business? Even more important
is why ICANN should favor one root over another when all could be running under the
same set of standards. Now that would bring about competition and innovation.
Similarly, coordination of the root server network is necessary if the whole
system is to work smoothly. While day-to-day operational tasks, such as the actual
operation and maintenance of the Internet root servers, can be dispersed, overall
policy guidance and control of the TLDs and the Internet root server system should
be vested in a single organization that is representative of Internet users around
Response to Extract 14
Care to explain why the “control of the TLDs
and the Internet root server system should be vested in a single organization?”
Let the invisible hand deal with the TLDs and the Internet root server systems.
You should just stick with your mandate, the technical aspects of the Internet.
Come up with a set of standards so all competing roots can be under one umbrella.
That should be your goal. Favoritism will only result if you go beyond such
Further, changes made in the administration or
the number of gTLDs contained in the authoritative root system will have considerable
impact on Internet users throughout the world. In order to promote continuity and
reasonable predictability in functions related to the root zone, the development
of policies for the addition, allocation, and management of gTLDs and the establishment
of domain name registries and domain name registrars to host gTLDs should be coordinated.
to Extract 14
Again, why do we need to have just one root server. It’s like
saying that we only need AT&T. Competing roots will push each other to provide
more innovative products and services as long as they operate under a set of standards.
Shouldn’t that also be the goal of ICANN. Wouldn’t we benefit from this type
of competition as well as “continuity and reasonable predictability in functions
related to the root zone?” What are you afraid of? That competing roots
will bring about the commoditization of root servers on the Internet? How will
that harm the consumer? You are representing the consumer, aren’t you?
There are those who are choosing or have chosen not to work within the ICANN
process and within the ICANN policy framework. For their own insular motives, they
have launched or are launching various "alternative" root systems or systems that
emulate alternative roots, without regard to the destabilizing consequences. Some
of them have characterized their efforts as an attempt to convince the user community
that it is possible to launch new TLDs rapidly. The underlying thesis is that if
it looks like a TLD, walks like a new TLD, and quacks like a new TLD—then it must
be a new TLD. Unfortunately, this is not the case. As a result a number of third
parties (fortunately not that many) are registering with these alternative systems
under the misguided belief that this entitles them to preferential rights to these
domain names as though they were part of the authoritative DNS.
Response to Extract
What does this say about ICANN’s inability to coordinate other competing roots
under one umbrella? If you’re concerned about the destabilizing effects of
competing roots, then don’t just stand there, do something about it. Bring
about a joint effort to create a set of standards so that if someone wants to add
a competing root, then fine. Let them. Just make sure that they operate
within a set of standards. If not, they don’t show up on the radar screen.
It’s that simple. Instead of crying foul, take initiative and bring about resolution.
You’re the President, act like one. If you walk like a President, and talk
like a President, then act like a President.
The backers of these
systems seem to work under the philosophy that if they get there first with something
that looks like a TLD and invite many registrants to participate, then ICANN will
be required by their very presence to recognize in perpetuity these pseudo TLDs,
inhibiting new TLDs with the same top-level name from being launched through the
community's processes. Nothing could be further from the truth. Regardless of hyperbole
fueled by the self-interest of those who would advocate or, inadvertently or otherwise,
nurture the fragmentation of the DNS, ICANN is committed to stability, a unique DNS,
and orderly consensus-based processes for making policy decisions about the management
of that DNS.
Response to Extract 16
Nothing could be further from the truth
regarding the use of community processes to determine the selection of TLDs.
Did you ask my opinion? Did you ask anyone else’s opinion as to which should
be selected and who should have the right to administer them? No. So
let’s get one thing straight. You did not use community processes to determine
who received new TLDs. Please be objective and don’t resort to such exaggerations.
Maintaining this public forum is not “community processes.” If the DNS has
an inherent technical constraint, then let the fragmentation begin until we can find
a replacement. You can either control the process of replacement of the DNS,
or face being replaced yourself. Which will it be?
example, described in recent testimony before the US Congress, was the activation
of a previously dormant TLD within an "alternative" root after other companies had
already expressed interest in establishing a TLD of the same name through the ICANN
process, and after several detailed proposals were submitted for community consideration.
In an apparent effort to preempt the community-based process, a number of registrations
were created in the alternative TLD by a small number of registrants (indeed, 60%
of the first wave of registrations were made in the operator's own name), and various
public statements were made, including in Congressional testimony, that were clearly
intended to create the illusion of long-established and continuous operation. In
fact, an analysis of registrations in this "alternative" TLD shows that, as of April
2001, there were only slightly over 3,600 names registered, a significant number
of which are obviously names captured by speculators (such as cnn.biz and disney.biz).
On the basis of this opportunistic record, this operator has claimed global priority
over the community decisions through the ICANN process. This episode illustrates
the wisdom of the White Paper's warning that "decision[s] to add new top-level domains
[must not] be made on an ad hoc basis by entities or individuals that are not formally
accountable to the Internet community."
Response to Extract 17
If somebody is
willing to bring to market a workable competing root with domain names acceptable
to the market, then so be it. If you had developed a set of standards to allow
competing roots to join that of the A root server, then this would not be a problem.
The market would determine which competing roots survive, and which don’t.
Those that come to market first, get the name(s) as long as they adhere to a set
of standards. As for trademarks being taken, let the UDRP handle such issues.
One of the standards would be that conflicting domain names of trademarks be flushed
out unless there are extenuating circumstances, i.e. BA = Bob Alder rather than BankAmerica.
As previously stated, ICANN operates under a public trust that derives from
the wishes of the community. It would be a supreme violation of that trust for ICANN
to accede to any notion that those who bypass these community-based processes for
their own purposes (profit-driven or otherwise) should gain any preferential treatment
over those who work within these community processes.
Response to Extract 18
what community processes are you referring to? As for profit-driven motives,
would you rather we operate in a socialistic or communistic environment? Do
you believe for one second that the applicants selected by ICANN, not community processes,
aren’t in it for profit-driven motives. Come on! What kind of mumbo jumbo
is that? Speaking of public trust, should individuals within ICANN be allowed
to serve on Boards of applicants competing for domain names. Give me a break.
Who’s kidding who?
As already noted, "alternative" roots inherently
endanger DNS instability—that is, they create the real risk of name resolvers being
unable to determine to which numeric address a given name should point. This violates
the fundamental design of the DNS and impairs the Internet's utility as a ubiquitous
global communications medium. Some of these systems also employ special technologies
that—ingenious as they may be—may well conflict with future generations of Internet
standards. Those who choose to work outside the system now can make no credible claim
that their technologies can be adapted to these futures standards, or even that they
will be around to adapt them even if that were possible.
Response to Extract 19
DNS has already endangered itself with its own inherent technical constraint.
The DNS shouldn’t need competing roots to get your attention about finding solutions.
Yet, your inability to improve the DNS has brought about this dilemma which now puts
you on the defensive. Rather than trying to bring about radical changes from
the Internet community, you instead choose to divert our attention from the real
issue at hand by creating boogey men out of competing roots. The competing
roots are sending you a message. Yet, you refuse to pay attention to that message.
If progress can only be brought about by working outside YOUR system, then so be
it. Why should we allow excellent ideas to rot on the shelves while your sitting
idle on the sidelines?
Experimentation has always been an essential
component of the Internet's vitality. Working within the system does not preclude
experimentation, including experimentation with alternative DNS roots. But these
activities must be done responsibly, in a manner that does not disrupt the ongoing
activities of others and that is managed according to experimental protocols.
experiments should be encouraged. Experiments, however, almost by definition have
certain characteristics to avoid harm: (a) they are clearly labeled as experiments,
(b) it is well understood that these experiments may end without establishing any
prior claims on future directions, (c) they are appropriately coordinated within
a community-based framework (such as the IETF), and (d) the experimenters commit
to adapt to consensus-based standards when they emerge through the ICANN and other
community-based processes. This is very different from launching commercial enterprises
that lull users into a sense of permanence without any sense of the foregoing obligations.
to Extract 20
So, what are you going to do about it? Where in the above
paragraphs do you state how to achieve experimentation? Nowhere! What
is the time frame for experimentation? How will the ideas be brought about?
Do you care? The experimenters will commit to adapt to a consensus-based framework
if you would only invite them. Use this as your chance to create a set of standards.
But, there is nothing wrong with launching a commercial enterprise if ICANN is going
to sit idle on the sidelines. If you are only going to be a man of words, then
I hope competing roots flourish. I don’t want any part of your idealism if
it cannot be put into motion.
In an ever-evolving Internet, ultimately
there may be better architectures for getting the job done where the need for a single,
authoritative root is not an issue. But that is not the case today. And the transition
to such an architecture, should it emerge, would require community-based approaches.
In the interim, responsible experimentation should be encouraged, but it should not
be done in a manner that affects those who do not consent after being informed of
the character of the experiment.
Response to Extract 21
For once, you make sense.
Yet, what if you have someone that doesn’t consent to change? Shall we then
resign ourselves to just having a single root with a DNS that has an inherent technical
constraint? Your job is to be proactive, not submissive to a chosen few.
Do your job and competing roots will join you. If you don’t, then competing
roots will go after you. Who will encourage experimentation? You?
Again, you fail to take a position? Yet, you are the President. Do you
only have a title, or do you have authority to make decisions as well?
Community-based policy development is not perfect. It may proceed slower than
some would wish. The introduction of new TLDs has proceeded at deliberate speeds.
Impatience in the context of Internet timescales is perfectly understandable. The
outcome of orderly processes based on the wishes of the community, however, is assurance
that the Internet will continue to function in a stable and holistic manner that
benefits the global community, and not become captured by the self-interests of the
few. That, in the minds of most, is a price worth paying.
Response to Extract 22
don’t speak for me when you state, “Impatience in the context of Internet timescales
is perfectly understandable.” It’s not understandable when you proceed at a
pace that results from inability to made decisions on a timely basis. Such
inabilities on the part of ICANN are not, in my mind, worth the price we are paying.
Your statement, “It may proceed”, should read, “Has definitely proceeded”, at a slower
rate than we wish. Don’t pawn off the delays of ICANN on the self-interests
of a few when they are your responsibility alone as President. Competing roots
have no control over such activities. Furthermore, the winning applicants of
the new domain names also have self-interests. That’s capitalism. If
you don’t agree, then resign and let a real leader take control of the helm.
We need results, not more excuses.