insight 

Back in February I wrote about the ‘Perfect Storm’ developing in the area of international and national Internet Governance. Whilst weather prediction is a notoriously difficult and sometimes dangerous business, recent developments suggest there may be a calmer period with a few sunny intervals ahead.

What has provoked this unseasonal optimism, you may ask? It’s mainly due to the announcement that the Joint Project Agreement between the US Department of Commerce and ICANN has come to an end.  In its place are a series of commitments such as ensuring that decisions are made in the public interest, preserving the security and stability of the Domain Name System and promoting consumer trust and choice. A series of ongoing regular reviews will also be introduced with the aim of ensuring ICANN’s accountability to the wider Internet community, and Internet users in particular.

Nominet strongly supports the private-sector led, bottom-up model for the technical co-ordination of the domain name system, and we believe the end of the JPA confirms that this model is the right one for such a fast-moving, innovative sector.

There’s clearly an interesting parallel here with what’s happening in the UK Internet industry. The outcomes of Nominet’s Independent Governance Review and the Digital Britain Report, suggest that there is strong support for Nominet to commit to a ‘public purpose’ role. So, I guess my forecast that representation and protection of end-users would become a major Government focus appears to have been quite accurate (albeit that was rather easy to predict).

I’m clear that this is the right way forward, but this approach will certainly bring its own challenges. Working for a public purpose means balancing an even wider range of conflicting interests from the many different groups involved in the Internet and the Internet governance process. In particular, it will mean balancing commercial pressures and end user interests - always tricky on a national scale, even more so when these are on a global scale. However, responding responsibly to the dynamic and ever changing demands of Internet stakeholders is essential to both keep pace with developments and to make the Internet a trusted and safe place going forward.

The Internet governance landscape is changing and there are some bright patches appearing over the horizon, but the many challenges of engaging with and seeking to satisfy such a wide range of users suggests that there may be some cloudy patches on the way too!

I participated in a public hearing in Brussels last week on the Future of Internet Governance. The hearing brought together representatives from Internet players such as ISOC, ICANN, IGF, CENTR etc. with business and civil society representatives to gather inputs on key questions posed by The Commission. These will inform its ‘official’ position on Internet Governance, which should be announced shortly.

Viviane Reding, EU-Commissioner for Information Society and Media, released her personal thoughts on the subject via a video message and press release earlier in the week. She called for a new governance model for the Internet that would include a fully privatised ICANN, as well as a “G12 for Internet Governance.” This confused people somewhat as they believed Viviane’s views and the EU Commission’s views were one and the same. This is clearly not the case and the timing of the statement in advance of the hearing was rather unfortunate (!).

Having said that, many agreed with Reding’s view that ICANN should be independent of the US Government, provided that ICANN accountability can be fully established. However, the notion of ICANN being answerable to an “Internet G12” was not popular. It just would not be suitable for a small group of only twelve selected Governments to set global Internet policies.

At the hearing itself, there was strong support for the continuation of the IGF and numerous interventions about ICANN, particularly in view of the status of the Joint Project Agreement. There were some suggestions that there should be a new Internet Governance model for a new era of the Internet, with some pushing for  an over-arching inter-governmental role. I cannot yet understand why new would necessarily be better.  Surely it would be easier to identify what the issues are and how they can be better addressed, rather than seek new structures.

It is widely recognised that the Internet is now fundamantal to global economies and therefore governments have a strong interest and a role to play going forward. But it is important to also recognise that the usual timescales for government and inter-government actions, the difficulty of developing effective legislation and the international nature of many of the issues, just do not fit easily with the nature of the Internet.

Therefore, no single universal regulatory or purely inter-governmental global oversight can ever align itself successfully with the diversity and sheer pace of change in this sector. The only model of global  Internet Governance that will achieve this is one that allows all concerned to work together, through multi-stakeholder participation and partnerships.

Participation is really key and more Governments and stakeholders need to be much more involved so that Internet Governance is truly representative of our worldwide and multi-stakeholder Internet community. If the people who attended the hearing are an indication, there are certainly lots of issues for all participants to talk about.

I’m always cynical when a management blog is silent on the current challenges facing a company, particularly when they are covered in the media.

We’ve had snow storms this week in the UK, so there is much talk about storms. It strikes me that some might view the current issues at Nominet as a storm in a teacup – a small event that has been exaggerated out of all proportion. Not unsurprisingly, I don’t agree. I think that the storm has already had a significant effect on Nominet and it could well have far reaching implications for both Nominet and our Registrars. I do hope (but I’m not sure) that all involved would agree that our current governance model and all that it entails needs to change in some way in order to reflect the role that we have and the environment that we operate in. The independent governance review is due soon, so we’re waiting to see how much change is recommended.

However, I believe that this is just a part of the bigger picture of the national and international Internet Governance debate, which is set to come to a head this year. If anything, Nominet represents one minor development in this area, which, I believe, is heading towards a perfect storm – a (far from perfect) combination of events, which will ultimately change the Internet landscape.

Let me attempt to explain…..as briefly as I can:

Firstly, I see the need for change being signalled in the regulatory climate in the UK. It is well known that the UK Government has been very supportive of self-regulation in our industry. However, I do hear statements about the representation of end-user interests and the protection of end-users much more frequently than ever before. As an industry, we often respond to these statements by saying “better user education and information is the answer”. Whilst that may well help, we are going to have to accept this may not be the only answer, or one that will fully deliver. So, its currently up to the UK internet industry to figure-out how we are going to ensure that end-users are at the heart of our self-regulatory regime, otherwise regulation or legislation is inevitable. For example, the recent Digital Britain report signals possible legislation compelling ISPs to notify infringers of third party rights, and keep anonymised data, which seems to indicate a view that self-regulation has failed on this point. If self-regulation is perceived to falter in the UK, which has championed an industry lead, we can expect that more interventionist governments (both within and outside the European Union) will capitalise on this, and may use it as an excuse for heavy regulation.

Secondly, I see change being signalled at the European level, with the EU review of the regulatory framework potentially giving member states the power to regulate the Internet, particularly around quality of service to end-users.

Thirdly, I see change being signalled by the US Government in its approach to Internet governance, particularly with the recent change in administration. There is also an end-user needs theme here and in the context of the new generic Top Level Domain (gTLD)  process, the US Department of Commerce recommends that ICANN should give greater consideration to consumer interests before creating new gTLDs and renewing registry agreements. I do have a lot of empathy with ICANN - like in Nominet, it must feel as though you just can’t please anyone at times. But with so many concerns being raised about the new gTLD process, I’d be surprised if the US is able to agree to the transition of ICANN to the private sector when the Joint Project Agreement expires later this year. Although there remains much support for removing the ‘oversight’ of ICANN from one single government, there is little consensus on what oversight should replace that of the US. I predict that some governments will therefore push even more strongly for inter-governmental oversight of ICANN.

Finally, we are coming to a crucial stage in the life of the Internet Governance Forum (IGF). The review of the forum has already begun and is due to report in early 2010. We view this five-year experiment in global multi-stakeholder dialogue as being very successful. The UK IGF and the Nominet Best Practice challenge have helped to ensure that the UK has great involvement in the IGF and that there are real life contributions to inform the policy debate. Whilst some would have liked the IGF to be a negotiating and decision making process, it has worked well as a space for the development of policy dialogue and the sharing of best practices. What seems to have escaped many is that this form of engagement is an innovative experiment for the UN, in that it seeks to engage all regions and all participants in policy dialogue. If that experiment is not seen to be working, there will be suggestions for alternative replacements.

I do think that there is an urgent need for greater awareness of the international issues facing the industry if we’re to avoid the storms, together with a more widespread commitment to developing both understanding and innovative solutions.

Where can we start? Well, we will all need to accept greater responsibility for finding solutions going forwards. This will require much better participation and engagement from all involved. There also remains a huge need for better dialogue, better participation, better understanding and better solutions in the interests of end-users. All too often I hear people talking to each other, but not actually listening. I also see vested interest battle-lines being drawn, without the acknowledgement that real progress will need real compromise and new ways of moving forward. This would be a good basis on which to start preventing new storms, whether they are small or large, from developing.

Today saw the launch of .tel, a domain intended to act as a repository for contact data and an information sharing platform, rather than as an address for a web site.

Owners of .tel domains will be able to populate them with their contact details, such as their phone numbers, email addresses or GPS data and store this information directly into the Domain Name System.  The data is then displayed in a standard way for anyone visiting the .tel address, no matter what browser or device they are using.

Owners of .tel domains will be able to manage their contact details via a simple dashboard and include as much or as little information as they want to.

The “sunrise” phase for trademark owners to get domains related to their brands begins today, followed by a “landrush” phase open to anyone starting on 3 February 2009. The final general availability phase starts on 24 March 2009 when the domain will be open to all comers.

There will be a number of factors that have an impact on the success of .tel, most importantly how businesses react to this new top level domain (TLD).  Businesses will need to be aware of the potential uses of .tel and how it can work for them.  They should have a clear and robust domain name strategy in place, so that when new TLDs such as these (and there may be potentially many more coming with the new ICANN process for allocating TLDs opening up next year) come onto the market they are ready for them.

As can be seen from data within our recent domain name industry report the challenge for new top level domains is to serve a particular market need, increasing their usage over time and thus sustaining long-term popularity.  For instance, our report revealed that 81% of UK SMEs choose .uk as their primary web address and consumers choose to visit a .uk site because it shows a business is local and trusted. It will be interesting to track the success of .tel.

I’m asked all the time what I think is a good idea for a TLD.   The answer depends on how you judge success.  If it’s high volumes of registrations and huge profits you’re after then I’m not sure there is a “good idea” any more, except of course running the root registry, which could be more successful, by those criteria, than any registry before.

The possible route to take is looking at entirely new ideas for TLDs, in the same way that .tel is attempting something completely new.   So in that spirit here is my idea for a completely different TLD that I’ve been shamelessly promoting for the last year.  Not do anything with, you understand, but to get people to think “outside the box” on domains names, because that it where the future may well lie.

My idea then is very similar indeed to TinyURL.  What you register is not a domain, but a URL, which gets translated into a short code and it is that short code that then becomes the domain name.  So you would register the URL “http://blog.nominet.org.uk/insight/2008/06/icann-paris-new-gtlds/” and get given the domain name 6hgntn.l in return.

The domain name would not be a delegation though, just a URL redirection on my huge specially written webserver (easy to do).  You might be able to choose from a variety of redirection techniques and you may be charged differently depending on how much data you allow the registry to keep.  If you let them keep everything then it might even be free.

If you wanted to choose the domain for the redirection, instead of having one assigned then that would certainly cost a lot more, but then the registry would have to do dispute resolution and all that so maybe it is not worth selling these.

So, why .l?  Well obviously, because it is so short and actually any one character TLD will do, l for link or u for URL or r for redirection, it doesn’t really matter.  Some might even say this is the downfall of .mobi, at four letters for the TLD it is three letter too long and should really be just .m.

The issue that ICANN community process has been least able to tackle is that of access vs privacy in the WHOIS databases of Generic Top Level Domains (gTLDs). On the one side you have registrants, both individuals and organisations who want to maintain privacy for some very sound reasons. If you ran a web site offering abortion advice from a country where that was illegal then you would register in a gTLD, not the local country code and also want some degree of protection of your identity.

On the other side you have law enforcement who regard WHOIS, quite genuinely, as a very important tool in fighting online crime. Obviously that means that either there are a lot of dumb criminals who use their real identities to register domains or, more charitably perhaps, the protections in place to stop fake registration data do actually work.

This side is joined by the formidable Intellectual Property Community for whom domains names and the Internet are a huge problem of detection and enforcement. They, like law enforcement, want free and unfettered access to all WHOIS data.

Stalemate

The current position at ICANN is stalemate. Views are becoming so entrenched that the most recent discussion was on whether or not to commission more research into the problem, with some groups saying quite vehemently that enough research had been done over the years so no more was needed!

Jurisdiction

If we just concentrate on the issue of access for law enforcement you should hopefully understand just how complex and potentially intractable this problem is.

In the UK our policy is pretty straightforward. If you are a UK law enforcement agency and you ask for the data then we give it, even if the registrant has opted for privacy in the WHOIS. If you are a law enforcement agency outside of the UK then you must contact one inside the UK and ask them to ask us. So we deal exclusively with law enforcement agencies in our local jurisdiction.

In the gTLDs however the problem is much more complex. Let’s say PIR were to adopt the same policy and only deal with US agencies, since that is where they are based. Can you really imagine other countries being happy at asking US law enforcement agencies for data from what is supposedly a global domain name? Can you even imagine Iranian or Cuban law enforcement agencies asking or receiving an answer?

So this is altogether a global problem, in a world where mechanisms for establishing credentials over long distances are, at best, informal.

This is why one camp just wants it freely accessible, without limits and with all the data in it checked regularly. That way their access problem is simplified. Of course those who care about privacy would never agree to that.

There was a lot happening in the DNSSEC world at this ICANN, far more than any other forum and far more than previous ICANN meetings.

Signing .org

Public Internet Registry (PIR) announced their intention to sign .org, with the help of their registry partner, Afilias. This will be the first big Top Level Domain (TLD) to sign. The best bit is the reasons they give for doing are exactly the right reasons - they want to make the Internet a safer place by doing the right thing and signing .org.

Implementation is a while off but all the pre-work has been done and the ICANN board voted to give PIR the go-ahead. This is a brave step forward from the progressive CEO of PIR, Alexa Raad, and we wish them all the best.

IANA preparations and the new TAR

IANA announced their plans for a Trust Anchor Repository (TAR) as an interim measure until the root is signed. This will be a web site that us TLDs can populate through our normal processes with our keys. Anyone ISP or business who wants to use DNSSEC on the nameservers now has only the one place to visit to get keys rather than going to lots of different places.

This will certainly make life easier but it is still a poor second to signing the root. That unfortunately is out of IANA’s hands otherwise they would have done it by now, they have a well designed and well built (we’ve audited it) infrastructure in place to do it when they get the go ahead.

One thing IANA have been clear about is that they do not want any API access to the TAR. They are clear that this will develop into a competing technology to signing the root and almost everyone knows that is the best way forward.

US Government internal mandate

I haven’t checked this independently but I’ve been told that some departments of the US Government are going to mandate the use of DNSSEC internally. I’ve no idea how this will work but it shows a genuine recognition of the value of DNSSEC that I hope manufacturers take note of.

Resistance is fading

As knowledge and understanding of DNSSEC and the benefits it brings are spreading, the resistance amongst it from registries is fading. There are two public refuseniks but even then the picture is different depending on which part of the organisation you talk two.

The first is DENIC (.de) who are in the unenviable position of having a zone with more than just nameservers in it, they also have direct customer data of the type normally only seen on registrar nameservers. This means that DENIC have no choice but to sign their whole zone and cannot take advantage of the latest revision to DNSSEC that allows the rest of us to only sign those domains that are actually using DNSSEC. For us that means a gradual and low impact implementation of DNSSEC, but for DENIC it means the kind of big bang implementation us larger TLDs have all been frightened of.

The second, and most recent dissident, is apparently Verisign. Their CTO Ken Silva has been quoted in the media as saying that the urgency for DNSSEC is not there any more. I’ve no idea what is driving that, but I suspect it is the cost and complexity of adding DNSSEC support to their proprietary nameserver cluster. There is no doubt that bandwidth costs will increase for TLDs because the size of the response we are giving is increasing dramatically. But then with the likely gradual increase in DNSSEC takeup I expect this to be naturally absorbed in our rolling upgrade programme.

What this statement does do though is throw the spotlight on their contract with the US Department of Commerce (USDoC) to be the Root Zone Maintainer (RZM). It sits a bit uneasily when the rest of us are all pushing for the root to be signed, IANA are prepared and yet Verisign is going soft on the whole idea.

The exit plan

It might be more accurate to describe this as a lack of an exit plan. It is becoming clear that there is no way currently for a zone to signal that it intends to stop signing itself. If it just does so without such a mechanism then any validators operating in strict DNSSEC mode (nobody would do this just yet) would decide that all replies from that zone were bogus, effectively losing contact with it. Thankfully this is just a theoretical risk for now and our DNSSEC expert, Roy Arends, already has a solution so this should not take long to spread amongst implementors.

So, overall a lot is happening in the push for a secure DNS. All we need now is the root signed!

The most reported news from this ICANN meeting was the apparent go ahead for many new Top Level Domains (TLDs) to be bid for. Some of us here have even been on the new media commenting on it. But as with many of these things the devil is in the detail, so here is some more in depth explanation of this decision.

The background

ICANN is split into various constituencies and all of the work on this has been within the Generic Names Supporting Organisation (GNSO) the consitutuency that represent registries of Global TLDs (gTLDs) and Sponsored TLDs (sTLDs), registrars and the business community including the powerful intellectual property community. They were asked by ICANN to come up with a policy for how more TLDs might be allowed into the root, which they duly have done. Other than two policy guidelines that had dissenting views, this was largely a full consensus decision. First hurdle crossed.

There was also an investigation into whether or not there were any technical issues with adding many more domains to the root. This concluded that there weren’ t any such issues. Second hurdle crossed.

Finally ICANN itself evaluated the GNSO policy to determine whether or not it is implementable. Not to actually create the implementation plan but to check carefully for any hidden showstoppers in the details. This they did at the cost of $10 million, as reported by their CEO Paul Twomey, and concluded that the policy was indeed implementable.

The decision ICANN actually took

So with all those pre-conditions met the ICANN board voted to ask the executive to go away and come up with an implementation plan, accepting the principle that there is no reason why there cannot be many more names added to the root.

This is going to take some months and may well cost another $10 million to do.

However, during the vote some ICANN board members raised strong concerns with two of the policy guidelines (the same ones that had dissenting views) and there was general agreement that they needed to see how these would be handled in the implementation plan, before the concerns were allayed.

The details of the policy and the two contentious guidelines

The one thing ICANN wants to avoid is having to make judgements on whether or not a new TLD is a “good thing”. They wanted a policy that took much of the decision away from them into a community driven process. Of course, quite what the community is for any new TLD, is still to be decided, but the principle is there.

The policy the’ve got does that with these two exceptions:

• Strings must not be contrary to generally accepted legal norms relating to morality and public order that are recognized under international principles of law. This obviously is completely open to interpretation and interpretations vary wildly by country. I have no idea how ICANN is going to get a workable solution to this even with the long list of potentially applicable internationally laws.
• An application will be rejected if an expert panel determines that there is substantial opposition to it from a significant portion of the community to which the string may be explicitly or implicitly targeted. Again this is highly subjective in so many different ways. What is substantial? What is a significant portion? And what is the applicable community?

So we wait with anticipation the implementation plan. I’m glad I’m not writing it.

What kind of new gTLDs might we see?

This is the question that everyone is asking and anything said here is purely speculation. Albeit speculation based on the ideas that have been circulating at ICANN, but speculation nonetheless.

1. Generic wordsThese are popular in any TLD, plain generics like colours, animals, vegetables, emotions and so on, mainly because they have such a widespread usage.
2. Regional names that cannot be applied for through the ccTLD process So this might include .sco or .cym. There is already an established precedent for this in .cat for the Catalan language and culture.
3. Global brands I’m writing the application for .nominet as we speak … no hang on … erm …
4. Common word endings For example .tion should get you around 3,000 cool domain names like litiga.tion or rejec.tion. Domains names can be fun and creative.

Before you get carried away the application fee could well be $100,000 and non-refundable, based on previous processes. Furthermore ICANN may have a cunning plan for TLDs where there is more than one applicant - they have already selected an auction provider to build the necessary system to auction the domains. Interestingly though, this is by no means fully decided and is another element that has to go into the implementation plan for further approval.

How many will there be?

This is the most interesing bit and one where I think ICANN has not looked far enough into the future. Currently the application cost is expected to be $100,000, to recoup the $10 million spent so far on this, and the millions more to go. But then what happens?

The root is the ultimate registry, the ultimate domain to have, so the demand is going to be enormous. the policy is designed not to judge except in the very edge cases and so the only thing that will stop a proliferation of names in the root is the price. ICANN has no other lever to hold back the flood because it has specifically not given itself one in this whole policy and process.

So when the initial outlay is recouped and ICANN has made say another $50 million from new applications, will it really be able to sustain such a high price? Granted the assessment for many of the initial applications will be high, possibly covering most of the fee, but soon standard questions, standard answers and a much cheaper process cost will appear. This will then leave ICANN open to a huge pressure to reduce the price to a cost-recovery level, and if does that then the floodgates open and we could get millions of registrations in the root.

That leaves us moving from a distributed, resilient, multi-level hierarchy, towards a concentrated, flat and vulnerable root. It’s all a question of numbers.

But will they be a success?

The problem in answering this has been the apparent ’success’ of .com. Yes it’s huge and yes it is vastly profitable but both of those attributes may not be the best thing for the Internet. The whole Domain Name System is designed to be distributed and putting too many names under one TLD, both as an absolute and as a proportion of the whole, goes against that. Furthermore is sets an unrealistic standard for growth and absolute size that new TLDs are highly unlikely to achieve. China (.cn) and India (.in) will probably exceed .com adding to the imbalance.

So the new TLDs should really be judged by how well they are adopted by their target community (where they have one), how stable they are, and what quality they bring to the market. If this happens then the whole Internet will benefit.

Note: Edited the bit about the application fee as Phil pointed out this had not been confirmed one way or the other.

I noticed the other day that there is a “Linked ICANN” group in LinkedIn so I joined it assuming it was run by ICANN.  However, having seen the home page (http://www.linkedicann.com/) it clearly isn’t.  In fact it appears to be a domainer run group since that site has nothing but adverts on it.  I’m not a member of the group any more.

This got me thinking that it would be good for us to have a Nominet group on LinkedIn for anyone to join, which we could use as another way of keeping in touch with our community.  It would also mitigate the chances of someone doing to us what they’ve done to ICANN.  So I’ve created a group called “Nominet Community” and anyone can join.  This is the URL:

http://www.linkedin.com/e/gis/101204/7BB57564185C

While I was at it I created one for Nominet staff, past and present, to join.  Obviously this one is not open to everyone:

http://www.linkedin.com/e/gis/101205/179AFC14DE04

I’ve been surprised at the lack of comments about the US National Telecommunications and Information Administration (NTIA) mid-term review of their Joint Project Agreement (JPA) with ICANN. With the political uncertainty of an election year in the US, the NTIA response to its consultation was always going to be cautious. However, it is disappointing that it does’nt really say much at all and gives little guidance on the way forward - but the challenge is there for ICANN: “you’ve heard the comments and concerns, now work out how to address them.”

A lot of the responses to the Notice of Inquiry were about the lack of adequate safeguards, in particular for those who are not well represented in ICANN. This must be addressed. As BITS/Financial Round Table said in its contribution, it is necessary to “ensure the views of organizations that rely on the Internet … are fully considered”. It will be important for ICANN to show how wider business, economic, social and political interests will be safeguarded.

I now believe that it is up to ICANN to respond by defining what the organisation should look like post transition and how effective accountability can be provided.

ICANN has a new Chairman and this provides an excellent opportunity for him to inject new thinking. In my humble opinion (IMHO), Peter Dengate-Thrush needs to respond to this challenge and lead the process. Time is short and we need to start working on clear proposals for what ICANN could look like post transition.