Monday, October 3, 2005

Who controls the net?

There's been an ongoing hue and cry over the control of the domain name system (DNS). The DNS is what turns a name like 7gen.com or cnn.com into the underlying addressing your computer uses to reach the computer. Humans are better at remembering names than numbers (aside: why do we still use telephone numbers after all this time?) so the DNS increases the user friendliness of the Internet.

The hue and cry seems to hover around who "controls" the Internet. I guess the idea is that if someone controls the names by which computers (hence web sites) are known by, then they have some control over the network. And a case in point is the ".xxx" top-level domain name, which was approved by the Internet governance body, but the Bush administration has been blocking because they don't want to be seen as approving a red-light district. Hurm.

Here's a case in point: Power grab could split the Net (By Declan McCullagh, CNET News, Published: October 3, 2005, Will the U.N. run the Internet? By Declan McCullagh, CNET News, Published: July 11, 2005, U.S. to retain control of Internet domain names By Declan McCullagh, Staff Writer, CNET News.com, Published: June 30, 2005)

In my opinion he's doing journalistic grandstanding, overplaying the issue.

The article concerns

At a meeting in Geneva last week, the Bush administration objected to the idea of the United Nations running the top-level servers that direct traffic to the master databases of all domain names.

Apparently the ITU and United Nations are offering to take over governance of the domain name system. But the U.S. is balking, for some reason. (??Why??) As the article points out later, what would happen is to transfer control of the "root" servers from their current governance to the United Nations.

This deserves a little explanation. The "root" domain name servers are the ones which define the top-level domain names. In the top level domain names you have ".gov", ".com", ".org", ".edu" as several of the three-letter top level domain names, and there are newer top level domain names such as ".name" and ".info" plus all the two-letter country-specific domain names such as ".ws", ".tv", ".uk" or ".yu". Yes, ".tv" means Tuvalu not Television.

It is through the U.S. control of the root domain servers that the U.S. is unilaterally blocking the creation of the ".xxx" top level domain name. You can thank our prudish leaders for this moment of brilliance. (Bush administration objects to .xxx domains By Declan McCullagh, Staff Writer, CNET News.com, Published: August 15, 2005)

The work in question has been controlled by the Internet Corporation for Assigned Names and Numbers (ICANN http://www.icann.org/general/)

What is ICANN?

The Internet Corporation for Assigned Names and Numbers (ICANN) is an internationally organized, non-profit corporation that has responsibility for Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions. These services were originally performed under U.S. Government contract by the Internet Assigned Numbers Authority (IANA) and other entities. ICANN now performs the IANA function.

As a private-public partnership, ICANN is dedicated to preserving the operational stability of the Internet; to promoting competition; to achieving broad representation of global Internet communities; and to developing policy appropriate to its mission through bottom-up, consensus-based processes.

Earlier in this posting I described Declan McCullagh's article as grandstanding. He's trying to say this will "split" the Internet. The picture he's painting is one of the U.S. retaining control over the domain name system root servers via keeping ICANN in its position (but I note in one of his articles, the U.S. administration wants to keep ICANN on a "short leash"). At the same time it's clear the U.N. will move ahead with creating its own root servers. Which, in the picture being painted, means the fracturing of the Internet.

Hmm... not quite.

First, it would be foolish of the U.N. to ignore the existing root servers. Hence, the U.N. root servers would contain the content of the existing ICANN root servers, plus extra entries as the U.N. agency decides to create new top level domain names. Not a problem. There are several existing unofficial top level domain names that are privately run between cooperating server administrators, so technically there's little trouble with this. What would happen is outside the U.S. certain top-level domain names would be known which at the same time would go unrecognized by the U.S. and other countries that follow the U.S. lead.

Second, the ICANN does more than control the top level domain names. They also control assignment of the IP address space. The IP addresses are the underlying numeric addressing I referred to earlier. If a second body, e.g. the U.N., were to try and assign IP addresses then there would be clear possibilities of conflict as the U.N. body might well assign some IP addresses that the ICANN also assigns.

The chance of chaos depends on what the U.N. decides to do. But does having control over the domain name system constitute control over the Internet? As in this article title: "Will the U.N. run the Internet?"? Depends on what you mean by "control". There's so many aspects to the Internet. For example, the actual system is telecommunications wiring systems controlled by telecom companies around the world. Several Internet backbone providers exist who run the network on a daily basis. They will retain control over their businesses and the telecommunication channels they control, and the transfer of ICANN functions from U.S. to U.N. control would not change that fact.

Another aspect is the communication protocols through which Internet traffic is sent. Those protocols operate over the physical Internet wiring. They are defined through International committees meeting under control of the Internet Engineering Task Force (IETF) in a process that has operated perfectly well for over 30 years. Control of the IETF process is not discussed in the articles, and I don't think this is being proposed for transfer to the U.N. The IETF process defines the protocols, and then equipment makers from around the world build gadgets that implement those protocols.

Between the physical wiring and the telecommunications protocols and equipment, there's a lot of "control of the Internet" that is outside the purview of the ICANN and IANA activities under discussion.

I wonder if the potential transfer is a good idea. I have often wondered whether it's a good idea for the U.S. to have such a dominant role in the operation of the Internet. Why, for example, are the three-letter toplevel domain names primarily for U.S. use? For example, the ".gov" or ".edu" domain names are largely used for U.S. government or educational institutions. Why is that? And, for that matter, why are U.S. federal, state or city governments using ".gov" rather than a country-specific domain name?

I remember in the 1980's when all this was new, the concept floating among the designers of the domain name system is the coolness factor of having the domain name disconnected from physical location. For example you could have "joesbar.com" refer to any computer in the world, and to the geeks designing the system that seemed like a great idea. Heck, I thought it was a great idea at the time.

But thinking back on this I wonder just how good an idea it is in practice. A city government for example controls a specific piece of land, and is very location dependant. Why would a city government need a location-independant domain name? Most Universities have the same issue, in that they are governed by state or city governments and generally don't have operations outside their geographic areas. Hence, why should ".gov" or ".edu" exist? Why shouldn't they all be under their country specific domain names?

Another objection discussed in the "Will the U.N. run the Internet?" article is the SPAM issue. Some of the country representatives are quoted complaining how the current "control" of the Internet is doing little to control SPAM, like this statement from Syria: "There's more and more spam every day. Who are the victims? Developing and least-developed countries, too. There is no serious intention to stop this spam by those who are the transporters of the spam, because they benefit...The only solution is for us to buy equipment from the countries which send this spam in order to deal with spam. However, this, we believe, is not acceptable."

The research I've seen about the source countries for sending SPAM is that it's largely coming from China. Yet the equipment is usually designed by U.S. companies.

The vague logic aside, SPAM is allowed free reign because of problems with the protocols. It's got little to do with the control over the top level domain names. Well, unless there's something I don't know about in the decision making over the domain name system (this is not an issue I've followed closely).