IAHC-Draft David Collier-Brown Category: Informational Private Person Expires June 12, 1997 December 1996 Ownership of International TLDs Status of this Memo This memo is a draft document for the consideration of the IAHC. Distribution of this memo is unlimited. This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or made obsolete by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Introduction An erroneous assumption has been made in the majority of the submissions to the IAHC: the commentators have treated top-level domains as property. This paper discusses the unsuitability of that assumption, suggests a different interpretation and describes the changes that follow in the choice of new registries, operation of those registries and the process needed by the IAHC. Background In Framework for Modifications to DNS iTLD Management, there is no discussion of the ownership of domain names, yet the behavior of NSI and the assumption in the various proposals has been to treat all domain names as a form of property. In particular, NSI charges an annual fee to install and retain a domain name in the .com domain. This implies that NSI regards itself as the ``owner'' of the domain. Further, it has defined policies that it imposes on registrants in the domain and at one point claimed that its policies were not subject to court review. This strongly implies that that NSC regards the .com namespace as their property, to do with as they will. We suggest this is a problem, and the root of the multiple problems which the community has reacted to. Further, we suggest that NSI was funded by the NSF to add, subtract and change registrations in the .com, .net, .org and .edu domains for a fixed period, not granted unconditional ownership of those domains. Implications of the Error As numerous commentators have pointed out, NSI's assumption of ownership of .com * has created a new monopoly in a worldwide namespace. * has implicitly assumed that it was the property of the U.S. National Science Foundation, * has explicitly assumed that NSF has the right to give it away, * has caused financial hardship and litigation, * has triggered the purchase of many domains under .com for resale to individuals, small businesses and unregistered trademark holders, and finally * had made it possible for NSI to remove a domain or resell it without notice or appeal. It has also caused problem in planning the future of the TLD namespace: if domains are private property, the owners cannot be required to deal in them in a socially responsible way. The only means of enforcing constraints is through the involvement of government or through casting the public policy objectives in the form of contract terms. This last is significant: there are good, well-known and time-tested means of defining and enforcing good behavior in a public space. Most of these require no more than moral suasion or the organization of the space so that bad behavior is made exceptional, difficult or impossible. The IANA has been successful in just such a space for years, assigning unique address ranges and port numbers for a universal public namespace. No particular enforcement mechanism has ever been seen as necessary because of the organization of the space. Anyone wishing to usurp a port number, for example, will render themselves unable to communicate with anyone else who is using the port for its intended purpose. On the other hand, the commercial world has severe and oft-times insurmountable problems with such ``commons''. In fact, a classical paper in economics is entitled ``the Tragedy of the Commons'', describing the near-inevitable collapse of a common good in the face of commercial assumptions about ownership and acceptable behavior. For this reason, we argue that the assumption of ownership of the namespaces of the Domain Name System is an error, and leads predictably to inappropriate behavior and the creation of monopoly and polyopoly without legal authority. The Alternative: a Universal Good In place of the ownership of .com (and ``.''), we propose instead that the whole namespace is a public good, and a common administered in trust by the IANA on behalf of the whole public. As an example of just such a namespace which is a public good, we point the reader to the space of personal names. Names are merely said to be ``owned'' by individuals. For example, in the space of personal names, one might claim to own ``Joe''. This claim, however, is not an exclusive one. There is more than one human Joe in the world, there are numerous businesses which are ``Joe's'' and there are presumably many pets named Joe by their owners. This is a very different kind of ``ownership'' than real property, were exclusivity is assumed. Instead, there is an implicit sharing, without any need for external controls, as misuse is difficult, if not impossible. Implications of the Change This has some useful implications. To continue with our example of personal names, we can infer the proper point at which to delegate the ability to select names in a subdomain. Delegation Consider a domain which has been registered by a company as a subdomain of some proper TLD (say, .com) for the purpose of naming machines and groups of machines within the company. Arguing from analogy with family names, the ``parent'' decides on names for its ``children'', choosing from the whole space of names, rejecting duplicates and infelicitous combinations, and freely duplicating names which might exist in a higher domain (ie, sam.joe.com where sam.com exists). It is the responsibility of the parent to choose names for its children, but it does so in trust for them. It would not reasonably choose ``fool.joe.com'' for a machine to be allocated to a personal enemy of the administrative contact. At the same time, there need not be any particular external control on this. Just as with human children, misnaming will necessarily bring the error to the attention of the administrative contact. In come cases, forcefully, to the end of his nose. Intermediate-Level Domains At the level above ``Joe'', the responsibilities of the registry are quite different. The registry is not registering parts of a company or organization it ``owns'', even in the weak sense we have been using above. Instead, it administers a namespace in trust for a much broader body of people and organizations, ones which do not have any particular relationship with one another. This is the putative case in each of the .com, .org, .net and .edu ``top-level'' domains as we speak. As the trustee of such a disparate group, it must then assign names in a fairer, less arbitrary manner. It must still prevent name clashes, and so cannot assign ``Joe'' to two different organizations. Historically, such registries have assigned only names which were requested by organizations ready and able to put them into service, although some national TLDs may be ``PRE-registering'' domains. For a domain in which companies or organizations register, a registry must not fail to grant them an unused name, must ensure that they are capable of putting it into use, must update the required DNS and contact data on request, and must remove the domain from the DNS upon its explicit return or some period of disuse. Such a registry may charge a fee, either annual or per change, but may not remove a domain for failing to pay a fee. In this case, an annual fee is not a charge for the right to use a domain, but instead a flat fee for a year's worth of changes. Upper-Level Domains Domains that do not register companies or organizations, which are ``above'' .com, for example, are administering a namespace that is less subject to change. The space is every bit as much held in trust for the community, and is arguably as important than intermediate-level domains. The level ``above'' .com is the means by which humans are able to find a particular domain, by first knowing its category (commercial, non-profit, educational, etc) and then its name. It is also the means by which the namespace can be broken up into a technically sustainable hierarchy. Without it, increased numbers of domains would eventually exceed the ability of the DNS to find them in finite time. These domain, currently comprising only the root ( ``.'' ) domain, must meet not only stringent public policy constraints, but also technical ones. Hierarchy The navigational hierarchy described is not apparent in our previous discussion of human names. It might better be described as being analogous to the system of public roads connecting to physical private property. Like a road system, every domain used for navigation removes one name from the namespace that may be employed by (adjacent) lower levels. This mimics the removal of road allowances from the pool of land that might be made available for homesteading by human settlers in a new land. This is moderated in part by the freedom of a bottom-level domain ``owner'' to use substructure he wishes, including names from higher domains (eg, com.great-big-company.com, where the lower-level com is the commercial-sales organization within great-big-company). That having been said, it is desirable to restrict the hierarchy to the smallest sufficient number of domains to deal with future growth, with domains selected for their effectiveness in directing users to the desired (sub-)domains. Monopoly and Polyopoly Prevention Given this structure, it is instructive to consider the effects on registries which have applied to operate registries. In such a structure, there is much less opportunity for profit in the short run, and it may well be difficult to establish a new registry company for a new intermediate-level domain (ie, on the same level as .com). For this reason, it may be desirable for registries to be consciously granted a temporary monopoly on some small parts of the namespace, so that they may establish themselves. Conversely, it may be more desirable to set up a not-for-profit organization to do the work on a fee-for-service basis, substantially as the NSF attempted to do with NSI, AT&T and General Atomics. Finally, it may be desirable to encourage the creation of consortia to establish large groups of ``shared'' domains, ones in which all members can register (sub-)domains. Limitation on ``Stealing'' If the upper-level domains provide a ``canonical'' means of navigation, there will be little harm done to the community by organizations buying up desirable navigational domains under .com and selling services in them. Being unable to register wolodkin.people.com would be of little concern if there were a top-level analog of \\.people''. Conversely, if someone sets up a parallel set of navigational domains, whether in the root or .com, they will be successful in proportion to their ability to provide better navigation that the domains set up by the the IAHC. In fact, they might provide a fruitful venue for experimenting with new navigational approaches inside and outside of the DNS. Choices to be Made by the IAHC This paper does not answer these questions. It merely clarifies them and eliminates a large set of arguably wrong answers. It remains for other proposals to answer these. It is intended to be read in concert with other concrete proposals. Nevertheless, we touch briefly on the answers we expect follow from the argument above. 1. Choice of new iTLDs * How many iTLDs will be created, and at what rate? At a rate sufficient to allow arguably ``reasonable'' creation fees to make it worth operating a registry, of one of the various types mentioned above. * What strings (names) for these iTLDs should be authorized? How shall they be selected? A set suitable to serve as the canonical means of navigation, much as ,edu and .com already do, and which meet the other legal and trademark constraints on the committee. The author favors Simon Higgs'. * What will the policies be for assigning second-level names under these iTLDs? Substantially as above. * How shall disputes among assignees for second-level names be resolved? As per other proposals: the author admits a preference for his own. * How should trademarks be preserved? Ditto. 2. Choice of new registries * How many new registries shall be created, and at what rate? Depending on the type and expected income predicted, enough to meet the navigational and other (including trademark) needs of the community, and few enough to reduce the probability of business failure of the registries. * What are the requirements for a registry operator, in terms of skills, financial wherewithal, operational performance, etc.? This depends on the type of registry, and may fall into several broad classes.How shall disputes for registry assignment be prevented or resolved? At all but the intermediate-level domains, none is needed, as all are of negligible commercial advantage. At the intermediate level, dispute resolution is rendered easier by reducing the desire of commercial organizations to consider this a license to create a monopoly. This thereby reduces the number of conflict-creating parties and the seriousness of their conflicts. It is freely agreed that it causes a different problem, as some prospective registries will object to being prevented from monopolizing the namespace. * How shall stability in registry operation be achieved if a registry operator ceases operation or is changed? This has not been addressed here. * Shall multiple registries be allowed to share authority for a single iTLD and, if so, how? Is it useful to distinguish between sharing among members of a cooperative group, versus sharing among unrelated, and potentially hostile, organizations? In general, yes, and other commentators have discussed this in more detail 3. Assignment vs. Operation * What distinction should be made between operation of an iTLD assignment process, versus operation of the iTLD data base service? This has not been addressed here. 4. IAHC Operation * What method should be used for selecting winners of new iTLD? (Lottery, auction, etc.) This has not been addressed here. The problem may be less significant in the absence of monopoly profits, however. * What fees should the ISO/IETF collect for the establishment of new iTLDs and registries? Much less that with the ownership/rental schemes, although an initial fee is still probably advisable as part of the qualification to operate a registry. * Due to the commercial concerns now present on the Internet, with respect to the DNS, any changes made are likely to engender dispute. How can the IAHC function effectively in creating these changes, and avoid or reduce its involvement in such disputes? This is the main thrust of the paper.