II. PERSONAL BACKGROUND IN INTERNET ISSUES
Role in ICANN’s Development
b. Technical Management
or Public Policy?
IETF’s Relationship to ICANN
on ICANN’s Authority
Consensus the Right Standard?
February 23, 2000
If you could define the term internet governance, that I think
would be a good starting point.
A: I’ve been involved in that discussion for about five years.
I have to say that there are at least three different
definitions that I’ve run across, probably more but at least
three. One of them,
fundamentally what do we do about the domain name system.
The domain name system is essentially designed as a way
to translate strings of characters into IP addresses and has
been popularly used in a very different way.
It’s been used to access systems based on trademarks,
which means that whenever you put a character string in the
domain name system that has a trademark associated with it somebody
feels they need to define and defend that trademark. So IBM owns, for example, IBM.com, .net and
a few other places like IBM.co.jp because it feels that it needs
to defend its trademark. One
very fundamental question that gets under that is what are we
going to do about the DNS mess.
Another definition that I’ve seen
kicked around is why do we have nations anymore anyhow and how
can we treat the internet as a nation in its own right and develop
a constitution for it and basically bypass or ignore national
borders and national laws. I won’t say that that is a big group that has
gone in that direction but there is a set of people who are
literally headed in that direction.
There is a program for a while that happened at Harvard
law and I was asked to speak at it a couple years ago.
The first fellow talked at some length about literally
a constitution that he’d written for the internet.
Q: Who was that?
A: I am trying to remember his name.
I forget. Some legal beagle. I kind of looked at the whole thing and said I use the internet
and I am an American citizen.
In between there somewhere is how
do the different standards organizations relate to each other
with the convergence of different technical technologies that
different standards organizations relate to.
How do the standards organizations talk to each other
without imploding. Specifically, what is the relationship of the
ITU to the internet, what is the relationship of the IETF to
the ITU, and [...] should IT be used in third generation wireless program. Things like that, organizational details relating to standards organizations.
know. The definition I would apply to it is what are we going
to do about the DNS mess, but I’ve heard all three.
BACKGROUND IN INTERNET ISSUES
you give a little background about how you got involved in the
debate, where did you come in, what led you to get involved?
I am the chair of the internet engineering task force so as
a result I am stuck with the debate.
If you consider it as something about standards organizations,
I am speaker for one of them.
If you consider to be about DNS, I certainly don’t need
to get into the legal issues of the DNS, but I certainly oversee
the development of features for it, such as the ability to put
telephone numbers into the DNS, we’re working on that and we
worked on interactions with ITU study group 2 specifically on
that issue. I’ve has something to do with the development
of ICANN and the PSO and that relates to the DNS question. If you want to talk about it as the constitution
of the internet, that becomes more a matter of ‘gee, I’ve been
asked that question by the media.’
I kind of run away screaming.
I’ve been involved with it not because I am interested
in it but because my position forces me into it.
did you do before you ended up in your current position?
thing as I do now. I am an engineer. I design the equipment
that works on the internet.
For my day job, I work for Cisco Systems and that’s what
offered the three definitions of governance that you’ve heard
bandied about. Which,
if any, is the best? Which would you adopt?
I’ve heard so much discussion and so little that necessarily
made any sense to me bandied about under that term, it’s very
hard for me to assign a definition to them or to lend a lot
of credibility to this topic. When I hear somebody wanting to talk about
internet governance, I tend to think here’s another person who
wants to stand up and blab for a while.
I haven’t seen a lot of real useful stuff come out of
Is ICANN Governance?
ICANN would technically fit definition one?
would fit definition one and so to the extent that you want
to consider it that way, ICANN is a process.
You can call it an outcome. I think it is a process for
resolving disputes. We’ll see where that actually goes.
Personal Role in ICANN’s Development
said you were involved in the development of ICANN. Can you be a little more specific about that?
the development of the Green Paper, which ultimately became
the U.S. government White Paper on Domain Names and Addresses,
I was approached by Ira Magaziner as one of ten thousand people
he wanted to talk to to make sure what he was doing was going
to make sense. So I
would up spending a meeting and some time with him in developing
that paper. Since then, I’ve been involved with NTIA with
Becky Burr and Karen Rose and the U.S. government side of managing
the transition of the root from U.S. government control from
U.S. control to ICANN control and with ICANN advising them on
policies and procedures and what should they do when they grow
up. For example, they
recently asked me what they should do in terms of filling the
CTO position, which quite frankly was developed so that Jon
Postel could fill it. John’s
not here so what are we going to do.
I also am having a discussion with them on Monday morning
relating to the assigned number components of protocols, which
is a service that ICANN will also do for the IETF and other
people who are using defined numbers and IP protocols. So procedural aspects and giving technical
input to the policy makers.
forward, say ten years from now, what role do you think ICANN
will play under any of the definitions you’ve given us?
I don’t believe that a constitution for the internet is going
to be developed. I don’t
think that Tony Rutkowski’s model of a smoke filled room where
people go off to figure what the internet ought to do is eventually
going to play either. What the ICANN was set up to do was to manage
the root to make sure that the right names and addresses were
parceled out and in what way by the registries and basically
serve as a clearing house for information.
I expect that’s about what they will be doing.
The number of changes that are made in the root are not
a great number but there is kind of some constant churning.
Whenever there is a revolution in some country, there’s
a need to figure out who is going to be the root for that country.
Whenever ISO 3166 is updated, there’s a question of whether
there’s another two letter TLD we need to add or take away.
One of the current questions is that the European Union
has decided that they would like to have .EU referred to the
entire land area which is the European Union, which is interesting
because it is not really a land area and it is not really a
governmental structure, it’s a telephone code. There’s…under the rules by which the root is maintained the EU doesn’t
ICANN: Technical Management or Public
those kinds of questions, do you think it is accurate to describe
ICANN as being in the technical management business?
A: Probably. Almost clerical.
would you then respond to some of the critics of ICANN…
ones who say things like ICANN’T?
ones who feel that a lot of what ICANN describes as technical
management really has taken on a very large public policy component
for several reasons, as money around the internet as gotten
bigger, as the stakes have gotten bigger in other respects.
How do you respond to that kind of criticism when you
say what ICANN does is largely clerical?
the extent that ICANN remains clerical, I think they are on
their safest possible track.
They were intended to be essentially clerical and they
should remain so. To the extent that they go try to solve other problems, then they
find themselves walking in the minefields and they do so pretty
regularly. For example, coming back to this question of
.EU, Mike Roberts sent myself a note, myself and Brian Carpenter,
a few days ago saying ‘gee whiz.
I am coming under a lot of pressure to do this.
I’m running out of arguments and I think I ought to just
go do it.’ Whereupon we involved in the IAB in the discussion,
and one of the people who has been very involved in advising
ICANN and other people on the DNS root for a while, a fellow
by the name of John [Clemson] and pointed out that in that case
then ICANN would be conducting foreign policy, which is illegal
for a United States citizen to do. For them to make any decision which doesn’t
have a clear precedent in terms of ISO 31-66 or some such thing
gets them into some very dangerous water.
has its critics and I have to say, in some respects, I am one
of them. I am not real pleased with the way this has
all come out. However,
I have to say I haven’t come up with a better one.
If you look at it structurally, the internet assigned
numbers authority has historically been about four people and
the total amount of work they’ve done comprises about one person’s
work but shuffled among, you know 10% to this person, 25% to
that one. Those people
kind of no matter what you do would do the right thing for the
internet. I’ve never had a problem with anything any
of them did or with any of their motives.
These are people I know pretty well.
To manage those four people, we now have a manager, a
chief executive officer, a potential CEO, a board consisting
of some nineteen members, and meetings that happen at random
places around the world comprising hundreds to thousands of
people. The whole structure
seems a little baroque. That
said, I don’t know how else to make sure every one gets their
voice in, how to make sure that Tuvulu really does get represented,
that Carl Denniger really does have somebody to yell at, that
at the end of the day the right decisions get made.
To give you an example of the kinds of considerations
that come into that when the United States bombed the Chinese
embassy last May, I was supposed to be over there in China to
speak the following week. I
didn’t go – something about rocks being thrown at people – and
the following September I did go. I asked for a briefing before
I went and was told that the Chinese government basically views
the U.S. government as an aggressor, and that in Chinese lines
of thinking it is unimaginable that the IETF, the organization
of which I am the chair, and ICANN are not tools of the United
States government. And by the way, various diagnostic features
that are in Cisco routers must of course be there because they
are put there by the Department of Defense as a way to tap into
the Chinese networks and take it down in the event of trouble.
All of which are some very interesting beliefs.
If they were true, I can think of a lot of ISPs that
would be using them. But,
ok, there is that perception and while that might be a little
extreme on China’s part, there are a lot of people in a lot
of countries that have those viewpoints. The fact that right now every time ICANN makes a change in the root
that has to also to be authorized by the NTIA – some view that
as a control of the United Stated government over the internet
and are not happy about it.
The European Union is very concerned about that and would
like very much for the U.S. government to get out of it.
Whatever criticisms you might have of ICANN, I haven’t
come up with another process by which all of those people can
get their word in edgewise, apart from handing the thing to
the ITU. Now I have to tell you that the ITU has not proven
itself competent in handling internet facilities.
If anything, they’ve proven themselves completely unknowledgeable
on the subject.
sounds like your primary critique of ICANN is inefficiency,
– necessary but inefficient.
The other thing is…it has been phrased that their decision
process is to discuss things at great length and then make a
hasty decision. That has gotten them in hot water several times.
That’s a mode of operation that they need to change.
It’s the kind of thing that if you call it a democracy,
then democracy is the worst form of government, except for all
the other ones.
Is Consensus the Right Standard?
standard for decision making is consensus – another term that
kind of defies clear definition and to which everyone seems to
ascribe a different definition.
Do you think consensus is the right standard for an organization
like ICANN? Do we need a super-majoritarian agreement and are we getting a super-majoritarian
really depends on which question you are asking about that is
before ICANN. The question
of whether .EU should go into the root is not the kind of question
that needs to be taken or should be taken to a group of a few
thousand people to discuss – because it’s guaranteed you’ll
get all possible answers. So
from that kind of a thing, no they don’t do consensus based
stuff, they do legal based stuff and they should.
The questions of how should ICANN itself run have been
done on a consensus basis and I think that is really the only
way it can be done.
Defining ICANN’s Constituency
ICANN’s process should be run by consensus, but in terms of its
actual decision making who do you think should be making those
decisions? What group or which people?
in some cases, there are clearly clerical questions and the
policy should be set forth by consensus. The policy should be
acted on by those who work at ICANN.
For example, in terms of IP 6 addresses, there is a policy
for how to distribute IP 6 top level domains or address bases
to registries and the registries in turn have policies for handing
out those addresses to service providers. That policy was set up by consensus. The discussion happened to happen in the IETF, but it was ratified
by ICANN. The individual
registry policies have been developed by the registries and
documented and made available so you can read them.
Now those policies need to be developed on a consensus
basis, but whether you get address 1 or 1000 is not something
we go to a thousand people and ask. It’s something that someone says ‘gee, you
need so many of them and the next number is this so here you
get these.’ That’s clearly a clerical function.
The IETF’s Relationship to ICANN
the relationship between the IETF and ICANN…it sounds like you
advise them when they have questions. How actively involved
are you with ICANN?
and not very. The IETF,
the ITU, the W3C and […] formed something called the Protocol
Support Organization. Theoretically,
ICANN is supposed to bring questions of a protocol nature to
the PSO. In fact, what they have tended to do so far
is bring them to the IETF and I, as a representative of the
IETF, have redirected them to the PSO.
And Brian Carpenter has done the same.
We get asked by them an awful lot for the simple reason
that we understand the technical details of the things they
are trying to do and in many cases help them set up the original
policy. Or help their
predecessors set up the initial policy. We have some history and some clue there. But the world has moved on from that point
and we rather feel that while yes we want to have our hand in
the game, we shouldn’t have an undue control there.
So we tend to push things off to the PSO where we can’t.
much do I actually get involved? I’ve had a couple of meetings
with ICANN. There have been memorandums of understanding
signed between IETF and ICANN and between the PSO and ICANN. I give them advice when I am asked a question.
terms of memoranda of understanding, do they have expiration
dates or do you have to enter into a memorandum of understanding
and specify an expiration date?
Do they need to be superceded?
need to be superceded. If
you want to change it, you supercede it.
it just kind of goes on as an agreement…
Q: … eternally
unless someone steps in and says lets change this aspect of
it and then you draft a new one.
The reason we use an MOU as opposed to a contract is that a
contract tends to be between someone who has something to offer
and someone who wants it offered to them where an MOU is an
understanding among peers.
Limits on ICANN’s Authority
Q: Under this kind of system, what limits do you
perceive on ICANN’s ability to set make decisions and set policy?
of their limits are limits from their charter, which of course
there’s a question of how they choose to interpret it.
What their charter says they are allowed to do is manage
addresses, well names and numbers.
They seem to periodically find themselves looking at
things that are not strictly speaking names and numbers and
trying to step off in other directions. They have various people like me who come back
to them and say ‘you know that is not in your charter.’
Q: Ca n you give us some examples of when that
escape my mind just now.
you say something like the dispute resolution policy fits that
could. Dispute resolution…if you look at various versions of
the PSO MOU, which was developed, one of them had the flavor
that in the event that the ITU and the IETF couldn’t decide
on something and couldn’t get along, then ICANN would sit back
and make a decision for us, which if that was true would put
the ITU in a very interesting position.
So that’s actually a reasonably good example where we
had to come back and say that is actually outside your charter
and leaves all your potential signatories in an awkward position.
We had to push them back.
from the charter, are there any other limits on ICANN’s policy
other is market pressure.
They have some number of people that they serve in terms
of the registries and the different supporting organizations.
Whenever they try to do something that is going to meet
with flack, then that is certainly a limit for them.
That could limit them from things that their charter
authorizes them to do and the lack of it could allow them to
do things that there charter doesn’t authorize them to do.
Market pressure may be the real limit.
Fear of Capture
market pressure to be the real limit do you think that that
is an adequate safeguard? Especially as commercial interests
in the internet have grown so explosively?
keep referring to commercial interests. What commercial interests
do you see applying to ICANN?
Q: Maybe I haven’t used the best phrase there
but one of the common critiques of ICANN plays on what some
perceive as a very real fear of corporate capture.
You have very large multinational companies with increasingly
large financial stakes riding on some of these decisions and
the general way in which the domain name system, copyright questions
and these types of things turn out under ICANN’s authority.
capture, I believe, is actually a red herring. It becomes in no company’s best interests to
be regarded as the global bad guy.
Imagine that Microsoft bought ICANN and then starting
set up the domain name system in such a way that you got really
great access to www.microsoft.com and nowhere else. Microsoft would be in a very bad position and
would be subject to all kinds of penalties, both market and
legal. That winds up being a position that nobody
wants to get into.
extreme…what I see companies doing is coming to ICANN and saying
please show me that you have a clue, please show me that you
actually are going to do a good job of assigning these things
and making things be fair so that can all have a playing field.
I know recently before the contract with NSI was finally
signed off, there was kind of a financial crisis at ICANN.
A number of companies – Cicso and IBM included and I
think there were a number of others – loaned ICANN some money
to hold them over until they got a revenue flow from NSI. The
reason was in no sense to be seen as somebody that wanted a
favor from ICANN, but somebody who wanted to preserve the internet.
Now those companies could, I suppose, turn around and
try to muscle ICANN about you know ‘I was there when needed
me.’ But I don’t see
any of them trying to do that.