Return to Unique Root for DNS Forum - Message Thread - FAQ

Username: Mario
Date/Time: Thu, May 31, 2001 at 10:36 PM GMT
Browser: Microsoft Internet Explorer V5.01 using Windows 98
Score: 5
Subject: To Mr. M. Stuart Lynn


Mr. M. Stuart Lynn, when will you summon up enough courage to respond to our posts on this public forum?  How long will you continue to hide behind the curtain while we attempt to have an open dialogue with you.  Your title is President, yet, you say nothing directly to us.  Even the President of the United States takes the time to answer questions directly from the Joe Citizens of this country.  Yet, you remain silent on this public forum.

I’ve taken the time to read your abstract on “A Unique, Authoritative Root for the DNS”.   Provided below are extracts of that abstract along with my responses.  Can you at least return the favor by responding to my perspectives?  Just a simple, “I’ve read your response” would even suffice.

Extract 1
The DNS is a globally distributed database of domain name (and other) information. One of its core design goals is that it reliably provides the same answers to the same queries from any source on the public Internet, thereby supporting predictable routing of Internet communications. Achievement of that design goal requires a globally unique public name space derived from a single, globally unique DNS root.

Response to Extract 1
Instead of becoming the sole root zone of the internet, why not institute a set of standards that could be adopted by entities willing to establish a modularized root zone that could easily be added to the A root zone and other competing roots.  By doing so, you will bring additional resources to ICANN via other constituents that can bring their ideas to the table.  In turn, the process of innovation will be accelerated.  Furthermore, such standards will bring about stability and reliability as these seem to be the main concerns of ICANN (is it not?).

Extract 2
Although the Internet allows a high degree of decentralized activities, coordination of the assignment function by a single authority is necessary where unique parameter values are technically required. Because of the uniqueness requirement, the content and operation of the DNS root must be coordinated by a central entity.

Response to Extract 2
If coordination is what ICANN seeks, then by all means coordinate a set of standards that can be adopted by all entities willing to set up a competing root.  There is no reason why ICANN should be in the business of running a root zone.  ICANN has better things to do with its limited resources.  Just think where Joe Citizen would be if the United Postal Service had the ability to ban, or outlaw, Federal Express, United Parcel Service, or DHL?  Joe Citizen would have fewer choices in which to deliver mail.  So, why take the posture of banishing other competing roots when such resources can be brought together in a coordinated fashion to achieve the goals of ICANN, i.e. an easy-to-use and reliable means of unambiguously referring to web sites, e-mail servers, and the Internet's many other services.

Extract 3
Over the past several years, some private organizations have established DNS roots as alternatives to the authoritative root. Frequently, these "alternative" roots have been established to support for-profit top-level domain registries that have been unable to gain entry into the authoritative root as managed in the public interest by the IANA or ICANN. Other "alternative" roots have been established as expressions of the disagreements some individuals have had with the policies developed by the broader community processes for management of the authoritative root, or their disinterest in participating in that process.

Response to Extract 3
You may want to ask yourself why they were not given access to the A root zone.  For every action, there is a reaction.  Market forces will not tolerate static conditions brought about by monopolistic business practices.  You refer to them as “alternative” roots when in reality they are competing roots.  You call the A root zone as the authoritative root which implies that competing roots are run by none other than criminals, bandits of the internet.  Had ICANN implemented a set of standards from the very beginning, such implied bandits would have become valuable partners to ICANN, thus, furthering innovation on the Internet.  If you are bent on saving face, then ICANN’s fate is sealed.  You will bring about a war between yourselves and competing roots.  Is this the most productive use of ICANN’s limited resources?  Should we, the Internet community, be made to suffer the consequences of face-saving tactics?  I hope not.

Extract 4
Because these alternative roots substitute insular motives for the community-based processes that govern the management of the authoritative root, their decisions to include particular top-level domains have not been subjected to the same tests of community support and conformance with the public trust. Indeed, their introduction has been done with little regard for the public interest, since, if they were broadly used, they could impair the uniqueness of the authoritative DNS's name resolution. ICANN's stability-preservation mandate requires that it avoid acting in a manner that encourages their proliferation. This means that ICANN should continue to adhere to community-based processes in its decisions regarding the content of the authoritative root, and should give no preference to those who choose to work outside of these processes and outside of the policies engendered by this public trust.

Response to Extract 4
In case you haven’t noticed, the so-called authoritative root is not being governed by the Internet community.  On the contrary, its run by the Board of ICANN.  How many messages can you point to on the public forum where the Directors of the Board actually corresponded with us.  I’m not aware of any.  Are you?  You state that competing roots have operated without any regard for the public interest.  Market forces generally arise out of public interests not being met.  You failed to meet such public interests, thus, competing roots sprang up.  In addition, entities like New.Net came along trying to further the needs of the public interest.  The only one not adhering to the needs of the public interest is ICANN.  ICANN’s stability-preservation mandate is only an attempt to further ignore the public interests of the Internet community.  Why not bring the Internet community together with a set of standards rather than enacting an “all or nothing” posture.  Don’t we have a say in these matters?  Don’t we represent the public interest?

Extract 5
None of this precludes experimentation, provided it is done in a manner that does not threaten the stability of name resolution in the authoritative DNS. Experimentation is essential to the vitality of the Internet. Nor does it preclude the ultimate introduction of new architectures that may ultimately obviate the need for a unique, authoritative root. But the translation of experiments into production and the introduction of new architectures require community-based approaches, and are not compatible with individual efforts to gain proprietary advantage.

Response to Extract 5
Wouldn’t the development of a set of standards by ICANN from the Internet community representing the public interest be more favorable than running experiments that may, or may not, be acceptable to ICANN?  Why put faith in a hit-or-miss strategy when a coordinated effort between ICANN and the Internet community would be more efficient and productive?  How do you think new architectures will come about unless you brainstorm with ALL of your constituents rather than just a chosen few that happen to have the eyes and ears of ICANN and Congress?  If Silicon Valley were managed by ICANN, it would still be a farming community.  Why?  Because ICANN still does not want to relinquish its control.  Until this attitude changes, the Internet will continue to add competing roots.  If you want to avoid “individual efforts”, then start being proactive in listening and responding to us.  We are tired of being ignored!

Extract 6
Most apparently, the presence of alternative public DNS roots results in different answers being given to the same DNS queries issued from different computers on the Internet, depending on the pre-stored IP addresses in the inquiring computer. The fundamental DNS design goal of providing consistent answers to DNS queries is therefore frustrated.

Response to Extract 6
You had many years to keep the public interest from becoming “frustrated”.  You ignored what you considered competing roots because you felt omnipotent given your relationship with the Department of Commerce.  Only now do you realize the magnitude competing roots will have on ICANN.  Instead of crying foul, you should begin a process of creating a set of standards to embrace such entities so that we may all benefit from their innovative ideas.  To do otherwise is to stifle the growth of the Internet.  Consistent answers to DNS queries will come from a set of standards that ICANN can coordinate.

Extract 7
Alternative roots also introduce the possibility of misdirected Internet activities due to cache poisoning. For performance reasons, the DNS design calls for resource records to be passed around among the nameservers on the Internet, so that a resolver can obtain quicker access to a local copy of the resource record. Because the DNS assumes a single-root system, resource records are not marked to distinguish them according to the root from which they emanate. Thus, the presence of alternative roots introduces the possibility that Internet activities by those intending to use the standard root could be misdirected by a stray resource record emanating from an alternative root. Indeed, some malicious hacking attacks have been based on this principle, prompting the Internet Engineering Task Force to propose a series of not-yet-implemented improvements known as "DNS-Security".

Response to Extract 7
Look.  You identified the potential harm that may come about from competing standards brought about by competing roots.  Shall we stand around and mope about this issue, or shall we do something about it.  Will ICANN become proactive in bringing about a set of standards, or will it go into a fetal position by maintaining its present isolationist attitude?  How long can ICANN afford to ignore the public interest of the Internet community?  The more you ignore us, the stronger we will grow and the more inept ICANN will appear in the eyes of EVERYONE.

Extract 8
These potentially destructive effects of alternative roots have long been accepted by the vast majority of Internet engineers. Despite this broad-based recognition, some have sought to justify the alternative roots by downplaying these effects. In response, and to document what it referred to as "some of the problems inherent in a family of recurring technically naive proposals," in May 2000 the Internet Architecture Board (IAB) issued RFC 2826, entitled "IAB Technical Comment on the Unique DNS Root."

Response to Extract 8
If you knew there were potentially destructive effects from alternative roots, then why didn’t ICANN do anything about it?  Who cares if such destructive effects are downplayed or not, your responsibility is to deal with the technical aspects of the Internet.  Why didn’t you try to bring about a set of standards when the issue was not so big?  Simply to state an observation is not enough.  We need resolutions.  And if your not up to the task, then assign someone to the position of President that is willing to accept the challenge before him/her and get this issue resolved.

Extract 9
To remain a global network, the Internet requires the existence of a globally unique public name space. The DNS name space is a hierarchical name space derived from a single, globally unique root. This is a technical constraint inherent in the design of the DNS. Therefore it is not technically feasible for there to be more than one root in the public DNS. That one root must be supported by a set of coordinated root servers administered by a unique naming authority.

Response to Extract 9
You say that there is a technical constraint inherent in the design of the DNS.  Is that it?  Are you admitting defeat rather than looking for alternatives?  Great!  You prance around and tell us that your concerned about the public interest only to conclude that we must live with a technical constraint inherent in the DNS.  Ever consider working with competing roots to get their opinions?  Is this technical constraint really inherent, or simply manufactured to appear that way?  Irregardless, what matters is the public interest which you so eloquently repeat ad infinitum.  It’s time to say, “Where’s the beef?”  Certainly not in a DNS that has an inherent technical constraint.

Extract 10
In the face of the destabilizing consequences of alternative roots, as articulated by the IAB and others, ICANN's prime directive of preserving the stability of the Internet and DNS requires an unwavering commitment to promote the continued prevalence of a single authoritative root for the public DNS. Any other course of action would be irresponsible.

Response to Extract 10
If the prime directive is to support a DNS that has an inherent technical constraint, then I’ll pass thank you very much.  To seek this course of action is, as you state, “irresponsible.”

Extract 11
The Internet's proper operation requires assignment of unique values to various identifiers for different computers or services on the Internet. To be effective, these assigned values must be made broadly available and their significance must be respected by the many people responsible for the Internet's operation. For example, every computer on the public Internet is assigned unique IP address; this address is made known to routers throughout the Internet to cause TCP/IP packets with that destination address to be routed to the intended computer. Without common agreement to respect the assignment, the Internet would not reliably route communications to their intended destinations.

Response to Extract 11
You state that “…these assigned values must be made broadly available and their significance must be respected by many people responsible for the Internet’s operation.”  Doesn’t that apply to ICANN as well.  So if .Biz is assigned to another set of individuals in the Internet community, shouldn’t you respect their existence?  Are you not also responsible for the Internet’s operation?  You go on to state that “Without common agreement to respect the assignment, the Internet would not reliably route communications to their intended destinations.”  What do you intend to do by awarding .Biz to somebody else when clearly this gTLD is already taken?  Stuart, you can’t have it both ways.  You need to get out of the habit of ignoring your own rules.

Extract 12
From the very beginnings of the Internet, the technical community has recognized the need for central coordination of the unique assignment of the values of identifiers. The Internet Assigned Numbers Authority (the IANA, now operated by ICANN) was created to fill this need; it now makes assignments of unique values for approximately 120 different identifier types. This responsibility has always been understood to be a public trust, and the IANA long ago adopted the motto: "Dedicated to preserving the central coordinating functions of the global Internet for the public good."

Response to Extract 12
I see nothing unique in the assigned identifiers.  There just domain names that have been handed out solely by ICANN for those appearing on the A root server.  What’s so unique about these domain names compared to those on competing roots?  I will agree that ICANN has dedicated its existence to “preserving” its central coordinating functions, but at our expense.  By maintaining an exclusive club, you ignore the possibility of bringing about a set of standards that would allow other competing roots to bring innovation to the Internet.  Unfortunately, that is unique.

Extract 13
This dichotomy recognizes that the Internet is, after all, a network (albeit a network of networks), and networks require coordination among their participants to operate in a stable and efficient manner. It also reflects the phenomenal success of the Internet's tradition of cooperatively developed open and non-proprietary standards. Those standards have provided an environment of highly interoperable systems that has allowed competition and innovation to flourish.

Response to Extract 13
If there were, as you say, “standards” that “have provided an environment of highly interoperable systems”, then why can’t I see competing roots on the various browsers?  How is this competition if the competing roots are now allowed to appear on the various browsers?  You call that innovation.  You’re seriously mistaken.  Besides, why should ICANN even be in the root server business?  Even more important is why ICANN should favor one root over another when all could be running under the same set of standards.  Now that would bring about competition and innovation.

Extract 14
Similarly, coordination of the root server network is necessary if the whole system is to work smoothly. While day-to-day operational tasks, such as the actual operation and maintenance of the Internet root servers, can be dispersed, overall policy guidance and control of the TLDs and the Internet root server system should be vested in a single organization that is representative of Internet users around the globe.

Response to Extract 14
Care to explain why the “control of the TLDs and the Internet root server system should be vested in a single organization?”  Let the invisible hand deal with the TLDs and the Internet root server systems.  You should just stick with your mandate, the technical aspects of the Internet.  Come up with a set of standards so all competing roots can be under one umbrella.  That should be your goal.  Favoritism will only result if you go beyond such responsibilities.

Extract 14
Further, changes made in the administration or the number of gTLDs contained in the authoritative root system will have considerable impact on Internet users throughout the world. In order to promote continuity and reasonable predictability in functions related to the root zone, the development of policies for the addition, allocation, and management of gTLDs and the establishment of domain name registries and domain name registrars to host gTLDs should be coordinated.

Response to Extract 14
Again, why do we need to have just one root server.  It’s like saying that we only need AT&T.  Competing roots will push each other to provide more innovative products and services as long as they operate under a set of standards.  Shouldn’t that also be the goal of ICANN.  Wouldn’t we benefit from this type of competition as well as “continuity and reasonable predictability in functions related to the root zone?”  What are you afraid of?  That competing roots will bring about the commoditization of root servers on the Internet?  How will that harm the consumer?  You are representing the consumer, aren’t you?

Extract 15
There are those who are choosing or have chosen not to work within the ICANN process and within the ICANN policy framework. For their own insular motives, they have launched or are launching various "alternative" root systems or systems that emulate alternative roots, without regard to the destabilizing consequences. Some of them have characterized their efforts as an attempt to convince the user community that it is possible to launch new TLDs rapidly. The underlying thesis is that if it looks like a TLD, walks like a new TLD, and quacks like a new TLD—then it must be a new TLD. Unfortunately, this is not the case. As a result a number of third parties (fortunately not that many) are registering with these alternative systems under the misguided belief that this entitles them to preferential rights to these domain names as though they were part of the authoritative DNS.

Response to Extract 15
What does this say about ICANN’s inability to coordinate other competing roots under one umbrella?  If you’re concerned about the destabilizing effects of competing roots, then don’t just stand there, do something about it.  Bring about a joint effort to create a set of standards so that if someone wants to add a competing root, then fine.  Let them.  Just make sure that they operate within a set of standards.  If not, they don’t show up on the radar screen.  It’s that simple.  Instead of crying foul, take initiative and bring about resolution.  You’re the President, act like one.  If you walk like a President, and talk like a President, then act like a President.

Extract 16
The backers of these systems seem to work under the philosophy that if they get there first with something that looks like a TLD and invite many registrants to participate, then ICANN will be required by their very presence to recognize in perpetuity these pseudo TLDs, inhibiting new TLDs with the same top-level name from being launched through the community's processes. Nothing could be further from the truth. Regardless of hyperbole fueled by the self-interest of those who would advocate or, inadvertently or otherwise, nurture the fragmentation of the DNS, ICANN is committed to stability, a unique DNS, and orderly consensus-based processes for making policy decisions about the management of that DNS.

Response to Extract 16
Nothing could be further from the truth regarding the use of community processes to determine the selection of TLDs.  Did you ask my opinion?  Did you ask anyone else’s opinion as to which should be selected and who should have the right to administer them?  No.  So let’s get one thing straight.  You did not use community processes to determine who received new TLDs.  Please be objective and don’t resort to such exaggerations.  Maintaining this public forum is not “community processes.”  If the DNS has an inherent technical constraint, then let the fragmentation begin until we can find a replacement.  You can either control the process of replacement of the DNS, or face being replaced yourself.  Which will it be?

Extract 17
One prominent example, described in recent testimony before the US Congress, was the activation of a previously dormant TLD within an "alternative" root after other companies had already expressed interest in establishing a TLD of the same name through the ICANN process, and after several detailed proposals were submitted for community consideration. In an apparent effort to preempt the community-based process, a number of registrations were created in the alternative TLD by a small number of registrants (indeed, 60% of the first wave of registrations were made in the operator's own name), and various public statements were made, including in Congressional testimony, that were clearly intended to create the illusion of long-established and continuous operation. In fact, an analysis of registrations in this "alternative" TLD shows that, as of April 2001, there were only slightly over 3,600 names registered, a significant number of which are obviously names captured by speculators (such as and On the basis of this opportunistic record, this operator has claimed global priority over the community decisions through the ICANN process. This episode illustrates the wisdom of the White Paper's warning that "decision[s] to add new top-level domains [must not] be made on an ad hoc basis by entities or individuals that are not formally accountable to the Internet community."

Response to Extract 17
If somebody is willing to bring to market a workable competing root with domain names acceptable to the market, then so be it.  If you had developed a set of standards to allow competing roots to join that of the A root server, then this would not be a problem.  The market would determine which competing roots survive, and which don’t.  Those that come to market first, get the name(s) as long as they adhere to a set of standards.  As for trademarks being taken, let the UDRP handle such issues.  One of the standards would be that conflicting domain names of trademarks be flushed out unless there are extenuating circumstances, i.e. BA = Bob Alder rather than BankAmerica.

Extract 18
As previously stated, ICANN operates under a public trust that derives from the wishes of the community. It would be a supreme violation of that trust for ICANN to accede to any notion that those who bypass these community-based processes for their own purposes (profit-driven or otherwise) should gain any preferential treatment over those who work within these community processes.

Response to Extract 18
Again, what community processes are you referring to?  As for profit-driven motives, would you rather we operate in a socialistic or communistic environment?  Do you believe for one second that the applicants selected by ICANN, not community processes, aren’t in it for profit-driven motives.  Come on!  What kind of mumbo jumbo is that?  Speaking of public trust, should individuals within ICANN be allowed to serve on Boards of applicants competing for domain names.  Give me a break.  Who’s kidding who?

Extract 19
As already noted, "alternative" roots inherently endanger DNS instability—that is, they create the real risk of name resolvers being unable to determine to which numeric address a given name should point. This violates the fundamental design of the DNS and impairs the Internet's utility as a ubiquitous global communications medium. Some of these systems also employ special technologies that—ingenious as they may be—may well conflict with future generations of Internet standards. Those who choose to work outside the system now can make no credible claim that their technologies can be adapted to these futures standards, or even that they will be around to adapt them even if that were possible.

Response to Extract 19
The DNS has already endangered itself with its own inherent technical constraint.  The DNS shouldn’t need competing roots to get your attention about finding solutions.  Yet, your inability to improve the DNS has brought about this dilemma which now puts you on the defensive.  Rather than trying to bring about radical changes from the Internet community, you instead choose to divert our attention from the real issue at hand by creating boogey men out of competing roots.  The competing roots are sending you a message.  Yet, you refuse to pay attention to that message.  If progress can only be brought about by working outside YOUR system, then so be it.  Why should we allow excellent ideas to rot on the shelves while your sitting idle on the sidelines?

Extract 20
Experimentation has always been an essential component of the Internet's vitality. Working within the system does not preclude experimentation, including experimentation with alternative DNS roots. But these activities must be done responsibly, in a manner that does not disrupt the ongoing activities of others and that is managed according to experimental protocols.
DNS experiments should be encouraged. Experiments, however, almost by definition have certain characteristics to avoid harm: (a) they are clearly labeled as experiments, (b) it is well understood that these experiments may end without establishing any prior claims on future directions, (c) they are appropriately coordinated within a community-based framework (such as the IETF), and (d) the experimenters commit to adapt to consensus-based standards when they emerge through the ICANN and other community-based processes. This is very different from launching commercial enterprises that lull users into a sense of permanence without any sense of the foregoing obligations.

Response to Extract 20
So, what are you going to do about it?  Where in the above paragraphs do you state how to achieve experimentation?  Nowhere!  What is the time frame for experimentation?  How will the ideas be brought about?  Do you care?  The experimenters will commit to adapt to a consensus-based framework if you would only invite them.  Use this as your chance to create a set of standards.  But, there is nothing wrong with launching a commercial enterprise if ICANN is going to sit idle on the sidelines.  If you are only going to be a man of words, then I hope competing roots flourish.  I don’t want any part of your idealism if it cannot be put into motion.

Extract 21
In an ever-evolving Internet, ultimately there may be better architectures for getting the job done where the need for a single, authoritative root is not an issue. But that is not the case today. And the transition to such an architecture, should it emerge, would require community-based approaches. In the interim, responsible experimentation should be encouraged, but it should not be done in a manner that affects those who do not consent after being informed of the character of the experiment.

Response to Extract 21
For once, you make sense.  Yet, what if you have someone that doesn’t consent to change?  Shall we then resign ourselves to just having a single root with a DNS that has an inherent technical constraint?  Your job is to be proactive, not submissive to a chosen few.  Do your job and competing roots will join you.  If you don’t, then competing roots will go after you.  Who will encourage experimentation?  You?  Again, you fail to take a position?  Yet, you are the President.  Do you only have a title, or do you have authority to make decisions as well?

Extract 22
Community-based policy development is not perfect. It may proceed slower than some would wish. The introduction of new TLDs has proceeded at deliberate speeds. Impatience in the context of Internet timescales is perfectly understandable. The outcome of orderly processes based on the wishes of the community, however, is assurance that the Internet will continue to function in a stable and holistic manner that benefits the global community, and not become captured by the self-interests of the few. That, in the minds of most, is a price worth paying.

Response to Extract 22
Please don’t speak for me when you state, “Impatience in the context of Internet timescales is perfectly understandable.”  It’s not understandable when you proceed at a pace that results from inability to made decisions on a timely basis.  Such inabilities on the part of ICANN are not, in my mind, worth the price we are paying.  Your statement, “It may proceed”, should read, “Has definitely proceeded”, at a slower rate than we wish.  Don’t pawn off the delays of ICANN on the self-interests of a few when they are your responsibility alone as President.  Competing roots have no control over such activities.  Furthermore, the winning applicants of the new domain names also have self-interests.  That’s capitalism.  If you don’t agree, then resign and let a real leader take control of the helm.  We need results, not more excuses. 



Message Thread:

Privacy Policy | Terms of Service | Cookies Policy