ICANN's Lynn on alternative roots
Date: Tuesday May 29 2001, @04:34PM
Topic: Alternate Roots

tlr writes "According to a Note to the ICANN community (which is not included in my printed version of the text [this prefatory note appears to have been added to the original, unsigned, version after ICANN started getting questions and protests -mf]), the Discussion Draft titled A Unique, Authoritative Root for the DNS which was posted on the ICANN web site has been authored by ICANN's new president and CEO, M. Stuart Lynn.

This draft is not a masterpiece."

From the abstract on, the draft contains ample speculations on the insular motives alternative root advocates are suspected to have - but little evidence for this allegation. Lynn then claims that alternative roots' decisions to include particular top level domains have not been subjected to the same tests of community support and conformance with the public trust - as what? As the TLDs which will be included with the canonical root? He concludes that ICANN should give no preference to those who choose to work outside of (ICANN's) processes, and outside of the policies engendered by this public trust.

In the first section of the actual text, Lynn talks about technical needs for a single authoritative root. Among his various arguments, point 2 is particularly interesting:

typing in a web site address at two different computers configured to reference different roots can result in reaching different web sites - a particularly disturbing possibility if, for exampple, money is to change hands or privacy or security concerns are violated.

Of course, this argument is quite weak - after all, establishing the identity of your correspondent is a problem which is created by the very fact that DNS adds a layer of indirection between "I want to talk to ABC bank", and "I'm contacting abc-bank.de". (This is an actual case - there were two regional ABC banks established in the late 19th century, indepedently of each other. They clashed in the late 20th century over domain name questions. Ups.) If the use of the wrong root server directs your money the wrong way you certainly have other problems than the alternative roots.

Also quite interesting is argument number 5, cache poisoning. In particular, Lynn writes:

Because the DNS assumes a single-root system, resource records are not marked to distinguish them according to the root from which they emanate.

Keep this in mind: RRs don't carry information on the root from which they come. Says Lynn, in this section.

Section two of Lynn's draft is titled The Public Trust in Coordinated Assignment Functions. This section talks about the need for a central ICANN, and about the process which finally lead to the creation of the incarnation we are dealing with. What's not mentioned is more interesting: On the one hand, the fact that even ICANN depends on the consensus of users and system administrators who decide not to use an alternative root - or just don't decide and go with their software's default configuration. On the other hand the strong network effects which will occur quite naturally in the domain name market, and may indeed make ICANN's monopoly a natural one.

As a consequence of this, the White Paper and much of the process which should be used with ICANN, seems to be used as a justification for a single root - which is actually a circular argument. After all, we probably wouldn't need this entire process in a world in which reasonable competition to ICANN would be possible. Market forces could be relied upon instead.

Section three of the draft finally talks about the new TLDs. We find more references to the white paper, and about ICANN's accountability. Note, in particular, the following sentence from the White Paper which Lynn quotes:

As Internet names increasingly have commercial value, the decision to add new top-level domains cannot be made on an ad hoc basis by entities or individuals that are not formally accountable to the Internet community.

That part about formal accountability to the community is, I suppose, open for debate.

The usual proof of concept argument follows: Completely ignoring existing - say - pseudo-gTLDs such as .TV, the first round of new TLDs is described as a

proof of concept of the technical and business feasibility of introducing more TLDs into the DNS.

Of course, no experience was gathered about adding more TLDs over the past years, right?

The section concludes with praise for the SOs - which represent the consensus views of the technical and the user/business/other institutional communities, respectivel (where's that individuals' constituency again?) - and to those who participated in the TLD lottery in Marina del Rey:

They chose to work within the community-based ICANN process, even though they knew that only a "limited number" of TLDs would be selected - at least in the first round

After the white knights have been identified, the black ones can be dealt with in section four, Outside the Process:

There are those who are choosing or have chosen not to work within the ICANN process and within the ICANN policy framework. For their own insular motives, they have launched various "alternative" root systems

Mr Lynn: There's something between black and white. How about .WEB who are in the alternative roots and have applied for a place in the canonical root?

Section five finally talks about experimentation. After identifying a number of reasonable requirements for experimental services, the use of the RR class tag is suggested in order to distinguish alternative roots from the canonical root.

Then, Lynn claims this:

For resource records within the standard root-server system, this class tag is set to "IN". [...] Those that have deployed alternative roots have not used a different class designation, however, choosing instead to have their resource records masquerade as emanating from the standard root, and creating the potential for disruption of other's (sic!) operations.

Si tacuisses...

First, note that the interpretation of the IN class as "masquerading as emanating from the standard root" contradicts Lynn's argument from section two of the draft which we quoted above:

resource records are not marked to distinguish them according to the root from which they emanate

Second, this interpretation contradicts the normal - and generally accepted - use of class IN records within internal networks. Third, using different classes just doesn't make any sense if you want to try different name spaces: Among other things, the IN class is hardcoded into some resolver libraries (I checked the OpenBSD libc source which just skips over any non-IN entries when asked for an IP address - I'm sure they aren't the only ones with this kind of behaviour).

Thus, using RR classes in order to distinguish roots would basically mean that you may have to change a lot of software (not just configuration files) just if you want to use a different root server. This is, of course, not practical.

Let me summarize. The discussion draft tries to argue against alternative roots. Bad enough, we find circular arguments, blantant misinterpretations, and actually obvious contradictions within the draft itself, apparently added for the sake of polemics and empty rhetoric. Serious analysis is mostly missing, despite the announcements made in the introductory note.

There are indeed arguments why alternative, uncoordinated roots may be a bad idea, or may just not have a chance to take off due to network effects. There are arguments why ICANN can be considered as a natural monoply which is kind of controlled by the white paper process. And there are arguments why certain "alternative root TLDs" should be included with ICANN's root. All these arguments should be put onto the table.

Instead, all we are getting is this draft, with the URL threatening that it'll be presented in Stockholm. What a pity.

This discussion has been archived. No new comments can be posted.
ICANN's Lynn on alternative roots | Log in/Create an Account | Top | 7 comments | Search Discussion
Click this button to post a comment to this story
The options below will change how the comments display
Check box to change your default comment view
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Multiple submissions of this item!
by michael (froomkin@lawUNSPAM.tm) on Tuesday May 29 2001, @04:46PM (#682)
User #4 Info | http://www.discourse.net/
Many people, including 300baud and several anonymous, sent us links to and comments on this report. We are grateful to all of you. Notably, hofjes sent us the following:
Irony: ICANN's Discussion Draft About Unique A-Root and Why It Should Run Same
ICANN published its “Discussion Draft: A Unique, Authoritative Root for the DNS”. Its basic premise is (1) there should be only one A-Root; and (2) ICANN should operate that A-Root because it, unlike all alternative DNSes, operates for the public good, and is operated by the Internet community. Do the few people controlling ICANN really believe this?

I agree that there should be only one authoritative root. I have not seen a viable proposal for multiple A-roots, though I am open to suggestions.

However, I strongly disagree that ICANN operates the DNS for the public good, and I disagree even more that ICANN is run by the Internet community. To the contrary, ICANN is run by a few self-dealing individuals, and their actions are taken based on their personal beliefs - the ICANN policies are not based on any consensus.

The ICANN paper criticizes alternative roots as “substitut[ing] insular motives for the community-based processes” and having been created “to gain proprietary advantage” “with little regard for the public interest”. I believe the policies and goals of the Open Root Server Confederation and other alternative roots are much more reflective of the Internet community’s consensus, and of the public interest, than ICANN’s politically motivated policies and direction.

The ICANN paper is pure irony and hypocrisy. I hope the “discussion” it calls for comes to the same conclusion.

[ Reply to This | Parent ]
Re: ICANN's Lynn on alternative roots
by love@cptech.org on Tuesday May 29 2001, @06:08PM (#683)
User #1652 Info
If control over the root was only about stability of the net and
predictability, then it would seem that a single authoritative root
would be unambiguously the best policy.

But if those who control the root manage it in a monpolistic manner,
create huge economic rents to those get who get the scarce TLD
franchises, and impose all sorts of policies on the entire internet
community, for example to reduce privacy and to enforce anti free speech
policies, and who knows what next, then the issue of alternative roots
becomes more interesting, and yes, also political, because the control
of the single root has become way too political.

Jamie Love

[ Reply to This | Parent ]
Re: ICANN's Lynn on alternative roots
by joppenheimer on Wednesday May 30 2001, @08:14AM (#687)
User #5 Info | http://JudithOppenheimer.com
> Instead, all we are getting is this draft, with the URL threatening that it'll be presented in Stockholm. What a pity.



The ICANN Public Forum will begin on Sunday, 3 June 2001. The agenda currently includes the following discussion items and reports:

16:15 - 17:00 -- Presentation of Discussion Draft on A Unique, Authoritative Root for the DNS

[ Reply to This | Parent ]
ICANN Blog's Comments
by michael (froomkin@lawUNSPAM.tm) on Wednesday May 30 2001, @08:19AM (#688)
User #4 Info | http://www.discourse.net/
Here, in case you missed them, are Bret Fausett's comments in the ICANN Blog on the ICANN paper (reprinted with permission):
"Discussion Draft" on Unique Root. Contrary to the idea that policy pronouncements are made "bottom up" from the Supporting Organizations, ICANN Staff posted a draft paper yesterday on "A Unique, Authoritative Root." The paper claims to be a draft statement of policy, but neither the paper itself nor the concerns it purports to address originated with any Supporting Organization. It was not the product of any working group or task force and has not been adopted by the ICANN Board. Although titled a "Discussion Draft," ICANN provided no time on the Public Forum agenda in Stockholm for discussion of the subject and did not create a public forum for posting comments. 

More importantly, the paper interrupts a DNSO process meant to examine the issue of alternate roots and alternative naming systems. A General Assembly group of the DNSO is now discussing these issues, and the DNSO's Names Council will begin a discussion on the subject with a presentation in Stockholm (Forsyth paper/Mueller paper). The ICANN paper states what the DNSO's conclusion should be.

This is not the kind of "bottom up" policy development that is supposed to characterize the ICANN process. In a later added preface, ICANN President Stuart Lynn claims the draft as his own work and writes that he felt it necessary to publish it because he found a "lack of completeness" on the "documentation of the policy basis for ICANN's commitment to a unique, authoritative root." Of course the documentation was incomplete -- ICANN has never set an official policy on these issues. The DNSO's Names Council took the first steps in a possible policy process last month when it called for an informational presentation in Stockholm. But the prominent display on the ICANN web site of one draft contribution from ICANN's senior staff is inappropriate and, even in the best light, premature.

I agree. I expect to see an increasingly propagandistic tone to the ICANN home page as their PR person gets into the swing of the job--and as ICANN starts to feel more cornered. Indeed, last week's self-congratulatory press release on the VeriSign deal -- neither the text of which, nor even the key percentages negotiated at the last minute, has yet to grace ICANN's home page -- is a sign of the new trend.
[ Reply to This | Parent ]
Some notable things about this draft
by fnord (groy2kNO@SPAMyahoo.com) on Wednesday May 30 2001, @11:57AM (#693)
User #2810 Info

Read the rest of this comment...

[ Reply to This | Parent ]
Re: Some notable things about this draft
by Jon_Weinberg on Thursday May 31 2001, @03:02PM (#707)
User #16 Info | www.threecats.net
[Here, until we can fix the bug resulting in the broken link above, is the end of fnord's comment -- jon]

And 2., in response to the question: What do you wish you had invented? Paul replies: A directory system for the Internet that wouldn't be controlled by the politicians, lawyers and bureaucrats. Amen. -g

[ Reply to This | Parent ]

This article comes from ICANNWatch

The URL for this story is: