Feeds

US tightens ICANN leash

Oversight over domain oversight

  • alert
  • submit to reddit

High performance access to file storage

ComputerWire: IT Industry Intelligence

Saying its progress over the four years since its inception has been "disappointing", the US Department of Commerce nevertheless has renewed the powers of the Internet Corp for Assigned Names and Numbers, which coordinates the internet's addressing systems,

Kevin Murphy writes

.

But the one-year renewal of the Memorandum of Understanding that gives ICANN its powers and responsibilities reins in the California non-profit. The DoC is to oversee ICANN more closely, and has made it clear in one case that if a task is not completed on time, ICANN's future will be in jeopardy.

Nancy Victory, assistant secretary at the DoC, wrote Friday: "The Department views the one-year term of this extension to be a critical period for ICANN to make substantial progress on the remaining transition tasks... The Department has frankly been disappointed that ICANN's progress on the MOU tasks has moved so slowly."

Stuart Lynn, ICANN's CEO, told ComputerWire: "The department is not disappointed in ICANN, it is disappointed in the progress." He pointed out that the document admits executing many of the tasks "requires more than ICANN's unilateral effort", and some of them require unprecedented levels of international coordination.

Of the MoU tasks, securing the domain name system's root server system, a network of 13 servers distributed globally and run by companies, government and academic institutions, gains precedence. The MoU "refines and underscores" ICANN's task to have a plan for fully securing the system, and the DoC wants it by the end of this year.

"The Department considers the completion of this task absolutely crucial, particularly in today's post-September 11th world," a DoC statement reads, pointing out that ICANN has made little progress on this task in four years. "ICANN's failure to do so will be a significant consideration by the Department in determining ICANN's future".

"We're not saying the root servers are insecure, but that we must make them as secure as they possibly can be," Lynn said. This task will require coordination among the 13 root server operators, ICANN, the DoC and security advisors, he said. "You don't announce security," he added, claiming enhancements are being worked on quietly.

Perhaps recognizing ICANN has limited resources, or perhaps as a comment on its success rate to date, the DoC actually increases its own responsibilities under the MoU, essentially to become more closely involved in the running of the DNS and the path toward its privatization.

The DoC will get into talks with the root server operators with the aim of speeding up the security enhancements. It will also work more closely with ICANN's Governmental Advisory Committee (GAC) and other governments to bring on board the three Regional Internet Registries and the approximately 240 country-code top-level domain operators.

The RIRs, which manage the allocation of IP address space to network operators, and the ccTLDs, which manage domains such as .uk and .jp, have proved the toughest nuts to crack for ICANN. The organization needs the support of these international bodies to avoid being perceived as a semi-legitimate US government quango.

ICANN has only signed agreements with a handful of ccTLDs (though Lynn told us more deals will be signed this year), and recently came to public blows with the RIRs over ICANN's ongoing reform efforts, which the RIRs believe does not address their desire for more autonomy from ICANN.

It remains to be seen whether ICANN will have any more success wooing these important international organizations with the DoC working in the background to support them, or if a heavier-handed US government will merely serve to scare them away.

"The Department clearly has a role to play, as recognized by its expanded responsibilities under the amended MoU," Victory wrote. "In fact, other governments also have an important role - actively participating in ICANN's GAC so as to ensure that ICANN's structure, processes and scope develop in a manner that benefits their citizens."

© ComputerWire

High performance access to file storage

More from The Register

next story
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.