Original URL: http://www.theregister.co.uk/2007/10/29/vint_interview/

Vint Cerf set to part ways with ICANN

Vaya con dios, internet

By Burke Hansen

Posted in Broadband, 29th October 2007 10:54 GMT

ICANN 2007 Los Angeles The ICANN Los Angeles 2007 meeting begins Monday, and it is Vint Cerf's swan song as chairman of the ICANN board of directors. We couldn't pass up the opportunity to talk to the "father of the internet" about the future of the internet and of ICANN itself.

vint cerf headshot

Departing ICANN chairman Vint Cerf.

ICANN has come quite a ways since its inception. How do you see it changing in the next few years? This is your last ICANN meeting, and as one of the fathers of the internet, you've seen a lot of changes. How can ICANN continue its outreach beyond North America without becoming completely unwieldy, a kind of United Nations of the internet?

The internet is clearly continuing to grow. The user population is on the order of 1.2 billion. Increasing access with broadband and with mobile devices will drive a range of new applications and users.

Your question regarding outreach beyond North America mistakenly assumes that we have not already organized a major international initiative. We have outreach teams in Europe, the Middle East, Latin America and the Caribbean and in Asia and the Pacific Rim. One hundred countries participate in the Governmental Advisory Committee. The board is extraordinarily diverse and comes from a global community.

Further regionalizing of some of our activities will be helpful. We now have the At Large users of the internet engaged with the Regional At Large Organizations. I think we are already an effective international organization and while housing a complex set of constituencies, I believe we are far from unwieldy.

With the Internationalized Domain Names (IDNs) now functional, will that be enough for ICANN to maintain its role as steward of the internet? ICANN has always claimed that sustaining the integrity of the root zone is one of its core missions, but in some ways, the root has already been split, correct? I believe that the Chinese, for example, continue to maintain separate root servers, and there are ongoing attempts - i.e., UnifiedRoot - to make the process of creating Top Level Domains (TLDs) cheaper, more accessible and therefore more democratic. Is this a genie that ICANN can keep in the bottle forever? Obviously, there are powerful political and economic forces at work here.

The root has not been split. There are some "alternate root" advocates, but so far they are small in number and in effect. China does not have servers distinct from the ICANN root server system. All Chinese domain names resolve within the .cn top level country code. There are some features of the Chinese resolvers that automatically append ".cn" to certain non-fully-qualified domain names and this practice does have the potential to create discontinuity if references are made to these special domain names outside of China.

They are not likely to resolve anywhere else. The idea that an alternative root system will improve the internet ignores the potential hazards of duplicate top level domains that point to distinct sub-classes of domain names – harming the uniform ability to resolve all domain names to unambiguous internet addresses.

The forces that are acting to fracture the internet's system of domain names are not friendly to the objectives of ICANN to maintain end-to-end connectivity and domain name resolvability throughout the internet.

ICANN just released a fact sheet covering the IPv6 protocol that everyone seems to be dragging their feet on implementing. How close are we really to IPv6? The fact sheet noted the existing domains could run out completely as soon as 2009 - a full two years earlier than what hda been speculated at the June Puerto Rico meeting. I found that pretty shocking. Is it time for ICANN to be more forceful on this front, maybe by interpreting its contractual agreements with registries more aggressively? Hold their feet to the fire, so to speak.

ICANN cannot, of its own accord, force anyone to introduce IPv6. It has already approved placement of AAAA (IPv6) addresses into the root zone file. It has authorized allocation and assignment of IPv6 addresses. The registries are not responsible for forcing user of IPv6. All the RIRs are fully equipped to assign IPv6 address space.

If there is a bottle neck, it is with the Internet Service Providers who do not see the utility of introducting IPv6 unless customers are asking for it. We have a classic chicken and egg problem here. There is growing awareness that IPv4 and IPv6 must co-exist for some time. I believe that 2008 will see some serious commitment to the introduction of IPv6.

The root servers are mirrored so many times from what I've heard that the massive attack on the root servers earlier in the year didn't really threaten the stability of the net itself, but security is always a concern. Are these kinds of assaults on the core of the internet really something to worry about? Is this something we can expect more of? Is this just the downside of maintaining a unified root, rather than having the more laissez-faire approach advocated by UnifiedRoot, for example?

Yes, we should worry about these although the botnet army generals probably do not want to kill the iternet as it is a source of revenue for them. The denial of service attacks that have been mounted in the past have largely been absorbed or diffused through the use of anycast replication of root zone servers. The UnifedRoot concept provides no more redundancy than the anycast root system, possibly less.

While we're talking about stability issues, what about DNSSEC? Is that any closer to full implementation? Is this another case where ICANN might want to push a little harder?

ICANN IS pushing hard on DNSSEC. It has engaged with the TLD community and at least four TLD operators (.se, .br, .bg and .pr) are already signed. It will be important for ICANN to move ahead on procedures for signing the root zone.

ICANN recently released its registry fail-over plan for public comment. After the RegisterFly situation, concern about the possible failure of an entire TLD registry kind of bubbled to the surface. How close have we come to this kind of meltdown? This release didn't garner quite as much attention I thought as the IDN rollout, but it's the kind of systemic failure that hits your average internet user. Are there any registries out there that to your knowledge are teetering on the brink of insolvency? How realistic a possibility is this? Promoting competition in the registry business is a stated goal of ICANN, and failure would seem to be a part of that. Can a chunk of the internet really be allowed to disappear forever? It's a strange situation.

First, it is important to distinguish registrar from registry. In the RegisterFly case, it was a registrar that failed, not a registry. A private sector solution was implemented. The episode heightened the focus on the implementation of escrow procedures for both registries and registrars to protect the interests of registrants. It is possible there are other registrars that are marginal.

A bigger concern is for registry failure. There is a strong interest at ICANN in assuring that registered domain names continue to resolve even in the event that the associated TLD registry fails. We cannot guarantee that a registry or registrar will not fail but we can try to assure that the information needed to reconstitute a registry or registrar is on hand and demonstrably adequate for recovery. Competition can indeed lead to business failures and ICANN needs procedures that will allow such failures to be recovered through the appointment of a new operator.

What's next for you? You don't seem like the kind of person to fade away into anonymity, and you've got the tech evangelist gig at Google. What kind of internet do you foresee 10, 15 or even 20 years from now, and what kind of role do you think you'll play in that development? How do you top being the father of the internet?

I plan to spend the next year concentrating on my work at Google, at the Jet Propulsion Laboratory, and getting started on writing the five books I put aside in 1999.

I have worked hard with my colleagues to develop an architecture and protocol framework to allow the internet to operate across the solar system. I hope to see this system adopted by the Consultative Committee on Space Data Systems as a means of allowing international spacecraft to inter-communicate using standard protocols. The process may result in the aggregation of an interplanetary backbone over the course of the next several decades.

I anticipate more broadband and mobile penetration of the internet around the world and perhaps as many as three billion users online by the end of this first decade of the 21st Century.

By the way, I am only one of the fathers of the internet – there are many who have contributed to its conception and realization to say nothing of its amazing evolution in the past three decades. It is with a feeling of great gratitude that I look back on the opportunity to be a part of an amazing effort that continues to evolve and grow.

When Bob Kahn and I began the design of the internet protocols, we knew we had uncovered a powerful technology, but I think we did not have a full appreciation of how powerful until 34 years later when we can see what these ideas have become. I can hardly wait to see what happens in the decades ahead. ®

Burke Hansen, attorney at large, heads a San Franicsco law office