After two years of public discussion and broad review, a plan is being implemented to enhance administration and management of the "generic" portion of the Internet's Domain Name Service (DNS). This will position it for long-term, global operation. Few technical details are at issue; instead the challenge is to respond to a variety of administrative, operational, legal and political issues.
The plan, which was produced by a broad-based ad hoc committee, provides for:
In twenty-five years the Internet has undergone many changes in technology, size and administration. Still, there are no close precedents for the combination of challenges currently facing us. Of necessity, the plan discussed here is a series of compromises. It balances the modern Internet's governance style of community oversight in a formal structure that preserves community oversight with individual, commercial initiative.
The DNS matches human-friendly names of systems (www.iahc.org) with their underlying numeric addresses (127.0.53.10). The names are intended to be quite stable, while the addresses can and do change frequently. The DNS is designed for global, distributed administration and maintenance.
The top of the hierarchy is shown in the name as the right-most suffix. It is administered by the Internet Assigned Numbers Authority (IANA), which strictly dictates the contents of the DNS machines at the "root" of the service. IANA has functioned for more than 10 years, with community review and support, establishing policies for a variety of Internet registration mechanisms, including the DNS. Until 1 April 1997, its funding was from the US federal government. Its accountability, however, has always been to the whole of the Internet community and its actions have been tailored accordingly.
Below this "root" are "top level" domains (TLDs). Based on a two-letter coding system from the International Standards Organization, there is a TLD for each country, such as .jp, .us, and .de. IANA assigns administrative authority for each country TLD subject to the direction of that country's government. The other, major set of names are called "generic" (gTLDs) specifying a small range of functional categories (.com, .edu, .net, .org) for commercial, educational, network-oriented, and non-profit organizations. The current round of enhancement effort focuses on gTLDs.
Over the many years of IANA's administrative oversight, IANA has directed many additions and changes in TLD registrar assignment. For example, Network Solutions, Inc., the current registrar for the gTLD, inherited its task when IANA directed it be moved from SRI, in California, which had been performing this task for nearly 20 years.
Some see the problem of gTLD enhancement as simple. In fact, there are several different requirements.
g => Global:
The US country TLD (.us) has never been very popular. The vast majority of gTLD entries are for US users and most of the world views problems with gTLDs as a US problem. To the extent that these "generic" names are to become truly global, their assignment service needs broader administration and promotion.
Governance:
Continuing the global theme, administrative oversight needs to be independent of any particular country. There needs to be an agency to which IANA delegates authority, and it needs to be community based, to represent the public interest.
Name Collisions:
Although any single portion of the DNS can theoretically support a vast number of names, some strings of text are more interesting or natural than others. Within a single portion of the DNS, it is possible to quickly use up the "interesting" names. This is a problem for the current gTLDs, especially .com, forcing new registrants to select domain names which are quite awkward. As a result, the community wants additional gTLDs, so that there are more opportunities for interesting, or natural, names that organizations can select.
Trademark Protection:
gTLD names are not tied to a particular country. Trademark law, however, is. It is tied to each country separately. This has created awkward and seemingly capricious handling of trademark-related concerns for domain name holders. The long-term solution may well be creation of international trademark law, but none exists now and the topic has been under discussion for 100 years. Any near-term effort needs to create alternate mechanisms.
Monopoly Control:
Current gTLD administration is performed by a single, commercial agent. Independent of the quality of their performance, there is a strong concern about their having exclusive control. If a registrant has a problem with this registrar, there is no real recourse. Consequently, the community wants competitive choices. Competition can exist by creating other domains that are under the exclusive control of other registrars or it can exist for forcing registrars to share control over the same set of domain names. The former is, in reality, creation of new monopolies, since name holders still must suffer name changes if they are to change registrars.
After nearly two years of community debate, including multiple proposals that were found to be inadequate, IANA decided to commission an independent effort to resolve the matter. In October, 1997 the Internet Society (ISOC) took the initiative, at IANA's request, and formed the International Ad Hoc Committee (IAHC) requesting participants to be named by:
| ISOC, IANA, and Internet Architecture Board: | Internet standards, technology, operations, and culture |
| International Trademark Association, and World Intellectual Property Organization (WIPO): | The other IP; dealing with the lack of International trademark law |
| International Telecommunications Union: | (The Other) Global standards development and administration |
| Federal Networking Council/National Science Foundation (NSF): | Existing financial and oversight stakeholder in gTLD administration |
The IAHC conducted email and face to face discussions, and solicited public input via an open, email-based forum, and private submissions. A draft plan was released 19 December 1996 and a final plan on 4 February 1997. The plan was enabled upon the signatures of IANA and ISOC on 7 April 1997.
The plan deals with:
Global governance:
By establishing a Policy Oversight Committee (POC), to be populated by the same organizations that named participants to the IAHC, except that the US NSF is removed and CORE, discussed below, is added. A Policy Advisory Body (PAB) will comprise a broad base of signatories from the community and will provide input and review for the POC. ITU will act as depository, to give international standing to the new structure. Changes to policy require approval of IANA and ISOC.
Name collisions:
By specifying 7 additional gTLDs, with more to be added as operational experience is gained.
Trademark concerns:
By providing mediation, arbitration and administrative challenge mechanisms, administered by WIPO, to augment existing (national) jurisdiction choices. A voluntary 60-day wait allows registrants to publish their intent prior to investing in actual use of name. It is hoped this will sway trademark courts when challenges occur after the waiting period.
Monopoly control:
By mandating that responsibility for registration of gTLDs shall be shared among many registrars who will access a common data base (repository) to be operated by a non-profit organization, the Council of Registrars (CORE) comprising the member registrars, themselves. CORE will operate under the policies established by the POC; new registrars will be drawn by lotteries based on 7 global regions, with up to 4 registrars for each region.
Sharing among registrars is a very basic change in DNS administration. Instead of having the registrar control the set of names, the registrar only acts as a sales agent, on behalf of the broader Internet community. If a name holder is not satisfied with a registrar, they can change to another, without having to change domain names.
The number of PAB signatories is growing. At the time of this writing, there are 30 organizations which have signed or formally stated an intent to sign. Notable among them are: Digital Equipment Corporation, MCI and UUNet, Internet Service Provider's Consortium (ISP/C), Deutsche Telekom AG, network information centers for Asia Pacific (APNIC), Japan (JPNIC), Japanese provider WIDE, Internet Association of Japan, two French Internet professional organizations, as well as Internet provider associations of and of Indonesia.
At the end of April, there will be a formal meeting at the ITU in Geneva, to discuss the plan and hold a formal signing ceremony. Supporting signatories will be solicited after that, on an on-going basis, since the purpose of the PAB is to ensure broad community review.
The gTLD topic has engendered much controversy. An activity which suddenly generates a $50-100M/year revenue stream is certain to get people's attention, as will an activity which affects trademark and corporate identity. The gTLD works also suffers the inherent fragility which comes from trying to navigate complex waters and find a reasonable set of compromises. So, it is no surprise that there are many critics of the IAHC plan.
Multiple Roots:
The most technical and most flawed criticism of the IAHC work is the assertion that there can be multiple roots to the DNS. That is, one group can administer one set of TLDs and another can administer a separate set... with no coordination. Such a view flies in the face of established computer science. It is feasible only if one considers the DNS to be a directory service rather than a mapping service. The former permits probabilistic queries; the latter must be precise and deterministic. Having multiple roots means, at best, that a lookup will succeed only if the right data base (root) is queried. At worst, it means that the same domain name can have multiple assignments. Who you find depends upon where you look. That makes sense for a directory searching service, but not for an address mapping service that is integral to the fabric of the Internet.
On the other hand, a legitimate debate concerns the substance of the central authority over the root. It can be very lightweight, providing minimal vetting of new TLDs and registrars, ensuring only that the name space is coherent and that names are unique. Or it can be more substantial, as in the case of the IAHC plan. A lightweight scheme is preferred, but the requirement for sharing and for scaling up carefully dictated the IAHC's choices.
Authority:
One line of criticism holds that IANA doesn't have authority and the IAHC doesn't have authority. Or it holds that authority can't be given away without formal, US government review and permission. From the standpoint of reasonableness and logic, such concerns miss the reality of IANA's 10+ years of oversight and authority and miss the unavoidable reality that the Internet is now global. There is no benefit in staking the DNS out as a US resource; this way be dragons. There is no benefit in refuting IANA's authority; no alternative management scheme exists or is proposed or, therefore, has community consensus. Never mind that IANA has done an excellent job. The IAHC plan rests on the well established authorities of IANA and ISOC and on the voluntary support of signatories. The latter means, quite simply, that the IAHC plan is self-enabling. Hence, challenges about prior authority are rendered meaningless.
IAHC Makeup and Process:
Some would wish that every plausible constituency were a member of the IAHC. For absolutely complete representation, this is a laudable goal, but it isn't practical. The IAHC comprised 11 participants. This was workable. Having the 100 or 200, needed for complete representation, would not have been. Besides that, the IAHC did, in fact, have quite a broad range of participants. Representation was strong for business, government, Internet service, and intellectual property interests. Half of the committee has long-term Internet involvement; and two-thirds of the committee comes from industry, especially Internet service.
The timeline for the IAHC work was based on broadly perceived urgency. The topic is more than 2 years old and has had very considerable public debate. Issuing a proposal in early 1997 was deemed mandatory. Those who insist that the schedule should have been longer are generally not involved in the actual operation of the Internet and DNS and therefore are not close to the operational pressures.
The IAHC's process was modeled after the IETF principles of openness, as well as could be supported within its tight schedule. More than 4000 submissions were reviewed by the committee and factored into the draft proposal and the final plan and even later. Recently, strong community feedback prompted the committee to modify its "final" requirement for two-levels of registrar applicants' financial requirements to be only the lower (less stringent) level.
Excessive Restrictions:
Many would like gTLD administration to be made immediately open to one and all. So would the IAHC! Unfortunately operational stability and trademark policing make that impossible. The requirement for sharing among registrars dictates moving with caution. Having mutually suspicious (i.e., competing) participants share access to a data base is not experimental but it has never been done for the DNS. Implementing sharing must be done cautiously to ensure that it works. It is likely that addition of new registrars will be able to proceed rapidly. After operational lessons are learned, there is likely to be no significant limit to the number of registrars that can be allowed.
We are not as fortunate with respect to gTLD names. Trademark policing advocates would wish for no increases in names, at all. At the least, these advocates need to learn how to police a larger space, or learn that it isn't a problem. More basic is the question of technical limits. Some observe that the .com domain has many, many thousands of entries and they claim that a top-level domain name space is the same as a second level space, like .com. They are wrong. Internet efficiencies are strongly affected by the operational pattern of accessing top-level domains. The ability to "cache" (retain) information from a TLD query is essential. Large numbers of TLDs will defeat this and will bring root servers to their knees. Current estimates are that the DNS can handle between 150 and 500 additional names. However, we need to make increments carefully and watch for problems.
ITU/WIPO Takeover:
A topic rife with this much controversy needs to have at least one thread of debate that is just plain silly. Some have found a way to read the IAHC plan and interpret it as giving away the trademark store to WIPO and the DNS administration store to ITU. In reality, no changes in policy can be made without approval from IANA and ISOC. ITU's role is as one member of the POC. How this permits ITU to "take over" is beyond reasonable explanation. Similarly, WIPO administers the mediation and arbitration processes, by matching complainants with experts, but it does not itself make decisions. IANA and ISOC have the final word on policy changes. The registrars, themselves, control operational details.
If not the IAHC plan, then what? We can wait around and form US government study groups. They are unlikely to propose anything that has not already been discussed. Or, perhaps, they will suggest that the US government should assert control and create an agency to run things. This isn't likely to happen soon and one doubts that it would result in an activity superior to the one proposed. Worse, it will certainly alienate the rest of the world's governments and populace who believe that they have an equal claim on the Internet.
We can adopt a much simpler plan of "self-enabling" contracts among registrars. This is, in fact, a strict subset of the IAHC plan, but eliminates community oversight or any attention to matters of trademark conflict. Hence, it will do less and not as well.
We can allow anyone who wants to operate their own domain name service. This will ensure lack of stability and it will ensure partitioning of the Internet. To reach everyone on the net, you will need to subscribe to every name service. Even that won't suffice, since each name service is likely to assign some identical names, so that a given domain name might refer to different addresses, depending on which service you use to do the lookup. Who you find depends on where you look.
The final option is, of course, to adopt the IAHC plan, implement it, and refine it as we learn how it needs fixing. It is designed to ensure stability of current operation, to provide community oversight, and to approach growth and change carefully. Continual review and refinement are essential for long-term success. This does not reflect a flaw in the current plan. It reflects the field-it-quickly and revise-based-on-learning philosophy that has been at the core of the Internet's success.