Comments on the Department Of Commerce
National Telecommunications and Information Administration
15 CFR Chapter XXIII
[Docket No. 980212036-8036-01] ( "Green Paper" )
"Improvement of Technical Management of Internet Names and Addresses."

Scott Bradner
     Harvard University
     Internet Engineering Task Force / Internet Engineering Steering Group
     Internet Society trustee
     ARIN trustee

1. Introduction

The U.S. government has published a Green Paper describing a proposal for the migration to a new corporation of the functions that the Internet Assigned Numbers Authority (IANA), operating under the direction of Jon Postel, has been performing for many years. These are some comments on that proposal.

In the way of background, I am an employee of Harvard University, the co-Area Director for the Transport Area in the Internet Engineering Task Force (IETF) and a member of the IETF Internet Engineering Steering Group. I am also an elected trustee of the Internet Society(ISOC) and a member of the Board of Trustees of The American Registry of Internet Numbers (ARIN)

2. Summary

The establishment of an independent international corporation to continue the work of the IANA is vital to the continued health and expansion of the Internet.

The detailed structure of the proposed new corporation should be determined using the consensus-based process that has proven to be so successful in developing the Internet to date.

For-profit registries are a exceedingly bad idea and could cause significant harm to the well-being of the Internet.

The description of the continuing role of the U. S. government in the new corporation is confusing and troubling to many people.

The broadly supported, ISOC initiated, IAHC process and the resulting POC/CORE proposal should be part of the solution.

3. Specific comments

3.1 A new independent corporation

The Green Paper proposes a new independent corporation to carry on the work that the IANA has been performing for many years. I think it is very important to have such an organization for a number of reasons:

1/ historical continuity - There has always been a single coordination organization for the Internet and that organization (the IANA) has been instrumental in bringing the Internet to the point that it is today and has, through its actions, earned the trust of most of the Internet community. Moving away from having a single coordinating organization would lead to the perception of a power vacuum and the risk that a number of organizations will try and fill that vacuum.

2/ prevent proliferation of infrastructure organizations - Too many organizations, each representing part of the global Internet infrastructure, will be confusing to Internet users, governments and the press. Too many organizations would also confuse the industrial partners which these organizations will have to depend on for their legitimacy and their support.

3/ provide outside review of infrastructure policies - Each of the different infrastructure organizations will have to develop their own procedures to deal with their area. If these procedures are developed in isolation, without any external check & balance, it is very likely that the rules will be seen as unfair by some part of the Internet community. Having a structure whereby "outsiders" can be involved in the process setting deliberations within a specific group and having an oversight organization that must give final approval to the processes will help ensure that the rules are seen as fair.

4/ default home for new functions - There are many additional global Internet infrastructure functions on the near horizon. For example, there is talk of an organization to organize the certificates needed for secure DNS, an organization to deal with certificates for e-commerce, an organization to be the root of a hierarchy of routing registry certificates, and an organization to hold and carefully make public selected Internet traffic statistics. If there is not a default home for these new functions a power struggle will develop every time that a new function is needed and this will delay the development of those new functions that will be needed to support the next generation Internet.

3.2 specific details of the new corporation

The Green Paper proposes a number of specifics about the organization and makeup of the new organization. I suggest that most of the specifics should be worked out using the consensus-based deliberative process that has been a hallmark of the development of Internet standards. Some guidelines may be useful but the specific board makeup, membership selection process and decision processes would be better developed rather than dictated. I

3.3 The relationship between the new corporation and the IETF

The specific wording of the Green Paper's description of the role of the new corporation in relation to the IETF is in error. It implies that the new corporation will have some form of control over the standards development activity of the IETF. This is not the current relationship and is not a relationship that the IETF would be comfortable with. It is completely reasonable and constant with the existing relationship to say that the new corporation will coordinate the assignment of technical protocol parameters.

3.4 U. S. government oversight

The Green Paper says that "the U. S. government would participate in policy oversight to assure stability until the new corporation is established and stable." There is a clear need for there to be some form of safety net function to be ready to rescue the Internet infrastructure functions in the unlikely event that the new corporation were to fail in some way. But the specific wording of this section has caused a great deal of confusion and concern about the extent of U.S. government control of the new corporation and its activities. I would suggest that this be reworded to make it clear that the U. S. government role will be only a safety net one and that the development of policies by the new corporation will not be under the control of the U. S. government.

3.5 for-profit gTLD registries

The Green Paper notes the arguments for and against the idea of for-profit registries for gTLDs and concludes that for-profit registries are a reasonable path to follow, making the assumption that the marketplace will be an effective counter force against any tendency of the operator of a gTLD registry to exploit their position. I think that the conclusion is seriously incorrect. It assumes that if someone does not like the service or price that a particular gTLD registry is charging then they can just move to another registry. But moving to another registry entails changing one's domain name, a very expensive proposition at best and likely impossible for all but the smallest of domain name owners.

Changing one's domain names is not as easy as changing a phone number. In addition to changing all the stationary and literature one also has to change corporate identity at least to some degree. The worst case of this would be a corporation that includes the TLD as part of their corporate name - Boston.com is an example of this - the entire corporate concept would have to be redone to move to Boston.firm for example, including changing their legal name. The closest example in the telephone world would be if 1-800-flowers were forced to change its name to 1-800-blossoms and then have someone else take the 1-800-flowers phone number.

Even worse in this age of the web is the fact that there are thousands or even hundreds of thousands of URLs pointing at on-line information offered by large corporations. The corporation is not in charge of these URLs, they are in web search engines, on-line documents authored by others and saved as bookmarks in millions of web browsers all over the world. For a major Internet-based corporation to change its domain names it would have to unwind the web, an impossible task.

For these reasons the idea that the threat of domain name owners moving to other domain names would have any useful market-place function is clearly incorrect. One can even imagine a scenario where governments passed regulations to require that the operators of sexually explicit web sites to use domain names in a .sex gTLD. If the registry for .sex were a for-profit one they would have a captive clientele and could charge just about anything they wanted.

It is clear to me that for-profit registries for gTLDs are a very bad idea that would do significant harm to the Internet and should not be permitted. Instead the new corporation should be able to contract for registry services to be delivered on a cost recovery basis.

3.6 for-profit registrars

The Green Paper proposes that registrars be permitted to be for-profit and that all registrars would have access to all gTLDs. This makes a great deal of sense and should be done.

3.7 POC/CORE

The Green Paper relegates the long and very good work done by the ISOC initiated International Ad Hoc Committee (IAHC) in proposing a structure, now refereed to as POC/CORE, for the introduction of additional gTLDs and the management of all gTLDs, to be on a par with the efforts of some individuals. This is at best unfortunate. The gTLD-MOU that the IAHC drafted now has more than 200 signatories and close to 100 organizations have signed up to be registrars under their plan. It has a great deal of international support and should not be ignored or denigrated to be equal to the efforts of a few people working mostly on their own and which have garnered very little support. The POC/CORE plan is not the only reasonable plan for creating a stable environment for the creation and management of gTLDs but it is far better than any other that I have seen and the new corporation should take this into account in deciding who should play major roles in the future structure of domain name management.

3.8 ownership of gTLD data

The Green Paper says that the contents of the database that NSI uses to operate .com, .net and .org will be turned over to the new corporation. I would extend this to recommend that the owner of the data for all gTLDs would be the new corporation proposed in the Green Paper and that this corporation would contract with individual registries to provide the required database services. The new corporation would at all times be provided an up to date shadow copy of the gTLD data. If a registry fails, or if the new corporation finds that the service being delivered by a registry is inadequate, the new corporation could immediately contract with another registry to provide the support services.

In addition these databases include a great deal of information about individuals and organizations. A careful determination should be made as to what parts of the data are required to be public to ensure the reliable operation of the Internet and the privacy of the rest of the data should carefully guarded.

3.9 .gov and .mil gTLDs

Unlike the other gTLDs, .mil and .gov have been restricted to U. S. military and government organizations. It might be reasonable to establish a timetable to migrate the existing .mil and .gov domains under the .us country code TLD. For an extended transition time existing registrations could be reachable through both old and new domain names while all new registrations would be under the .us TLD. The transition time could be quite long to allow for the URLs on the web pointing to the old gTLD to be replaced by the news ones and at the end of the transition period .mil and .gov would be retired as gTLDs.

4. Conclusions

The proposed establishment of a new corporation to be the home of the top of a number of Internet infrastructure functions is a vital step in the development of the Internet. Alternatives to this proposed independent corporation are painful to imagine. The Internet has prospered in no small part because it was not managed using traditional telephony regulatory processes. To attempt to start that type of regulation at this point could easily badly stunt the potential of this exciting technology development environment.

While some of the details in the Green Paper are questionable, the basic philosophy is to be applaud and strongly supported.