ICANN is the USSR of the internet - Karl Auerbach speaks out

Rococo meets West Virginia trailer park

Choosing a cloud hosting partner with confidence

Now it seems to be a much more amorphous kind of system - how do you think that has impacted the "accountability" of ICANN? ICANN has argued strenuously that the internet root should not be split. If you had your way - and I know you've spoken in front of Congress about this - what kind of organization, if any, would manage the backbone of the internet?

It really is still a very closed organization. Even from day one it has had a circled-wagon mentality of "us versus them". The stage was set during one of its early meetings in which one of the board members pretty much said that in order for them to be public they had to be private. 1984 Newspeak is alive in ICANN.

The so-called "reforms" that ICANN adopted, which included erasure of the seats of elected board members, were designed to buttress ICANN's non-accountability rather than enhance it. What I find very bothersome is the common belief that somehow ICANN is important to the internet. It is not. Imagine if ICANN were to vanish in a poof of money-colored smoke. There would be a great deal of wailing and gnashing of teeth on the part of ICANN's beneficiaries, the trademark aggregation (as opposed to the trademark creation) industry and the incumbent DNS registries (mainly Verisign.) But apart from that, the internet would keep on going like an Energizer bunny without missing a beat - packets would still flow, names would still resolve, IP addresses would still be allocated.

As for structure: The great architect Louis Sullivan said that "form follows function". But there are exceptions: ICANN, a design that is perhaps described as Rococo meets West Virginia trailer park. ICANN has never defined its jobs; and it has been run by people who want to build empires and overseen by a board that looks upon itself as an advisory congregation of worthies rather than as a plenary body with a duty to actively direct ICANN policy and actions. If we actually look at the jobs that need to be done we find that all but one of them are really simple, non-discretionary, clerical functions that could be contracted out to an accounting firm to be done.

The hard one is the recognition of country code TLDs - that amounts to the internet recognition of nations. ICANN has done a very poor job of doing this, in one case accepting an assertion of country code legitimacy based on a unauthenticated handwritten note on an otherwise blank sheet of paper. It seemed to me that ICANN's staff was using ccTLD matters largely as an excuse to travel, and oh, did they ever travel. One staffer made several round-the-world trips in one year, on ICANN's dime. Allocation of TLDs can be a clerical task: Just require applicants to promise to abide by broadly accepted and used written internet technical standards. After that the problem is simply to regulate the rate at which applications are fulfilled. For that I and others have proposed that there be auctions for most slots and a lotter for some. The lottery would be there to give at least some small chance that those without huge funds could obtain a TLD. It's an imperfect system, but it's a whole lot better than the subjective beauty contests ICANN uses now.

Karl, what do you think of the ICANN - Verisign contract, which essentially provides for default renewal of the .com contract with Verisign? Do you think ICANN could have resolved its litigation with Verisign in a more favorable fashion?

As for Verisign - wow, ICANN and NTIA have been like Santa Claus and the Easter Bunny to Verisign. It was utterly outrageous how ICANN let its outside attorney give all of those gifts to Verisign in at least three distinct contracts. As I said on the phone, Verisign's negotiating team is so good at negotiating the pants off of ICANN and NTIA that we ought to send 'em to the Middle East to work out a peace settlement. It is amazing how ICANN and NTIA transformed Verisign's job to maintain .com, .net, and .org into permanent ownership. It's as if the US National Park service were to give the entire Grand Canyon to the company that was hired to run the hotel.

Privacy is a controversial issue for the intellectual property lobby. What's your feeling about the current Whois debate?

It is outrageous that the users of the internet are being required to give up their privacy because a few trademark owners are too cheap to use the legal system. And those "law enforcement" folks at the FTC and elsewhere are trying to do an end-run around the 4th amendment by getting ICANN to violate people's privacy rather than them doing their jobs and getting a subpoena.

Indeed "whois" is Megan's Law in reverse. Unlike Megan's law that publishes information about predators to the potential victims, the whois publishes the potential victims to the predators. I have my own TLD, .ewe, that is a business that will never be because ICANN, as a combination in restraint of trade, won't let me into the only viable marketplace to try my idea and risk my money. (See "The .ewe Business Model - or - It's Just .Ewe and Me, .Kid(s)" here.

In .ewe I would use public key based certificates to represent domain name ownership. Because those could be traded without my knowledge there is no way that .ewe could present a Whois. Folks who want to complain about a web provider or spammer ought to use the IP address information, not the DNS whois. The IP information is far more likely to be accurate and lead to a real person who can lay hands on the accused computer.

Security was a big issue at the Lisbon meeting. Do you think DNSSEC will provide adequate security? What do you think of the allegations that DHS [the Department of Homeland Security] wants the master keys? Would that really give them more control or information than they currently have? Doesn't the DoC [U.S. Department of Commerce] already audit the root zone?

DNSSEC - I don't know enough about all the details. I am concerned that if a large signed zone (such as a signed version of .com) has to be reloaded that it could take an excessively long time. As for "master keys". I can't really imagine other countries standing idle and accepting that. But given that those other countries have not yet objected to the fact that several of the DNS root servers are operated by the US military, a group whose obligation to protect the US supersedes that of protecting the internet (it would not surprise me if I were to hear that those military-operated root servers were being data mined with the data stream being piped into an intelligence agency. This is pure speculation, I have no information either way).

As to your question about the role of the DoC over the root zone - Yes, NTIA [National Telecommunications and Information Administration] really makes the choices, ICANN is merely a hired contractor that gives advice to NTIA. If .xxx were to be put into the root zone, it would be NTIA that would be the source of the order to do so (Verisign, as another NTIA contractor, actually has its fingers on the keyboard where the data is actually entered). NTIA can supersede ICANN, and indeed in the case of .us, it has done so.

Business security measures using SSL

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.