Questions and Answers About The Internet and Internet Governance
Karl Auerbach
InterWorking Labs (http://www.iwl.com)
Updated: March 23, 2004
This note is designed to address certain questions that commonly arise in discussions of internet governance. It is anticipated that the contents of this note will expand and evolve over time. The latest version of this note may be found at http://www.cavebear.com/archive/rw/igov-qa.html
This note is divided into several sections:
Q: What is the internet?
A: The internet is the open system that carries IP packets from source IP addresses to destination IP addresses.
The internet is a "layered" system. Services and applications are generally best added to the internet at the edges of the net rather than by embedding them into the fundamental data carrying elements that form the lower layers of the internet. This has been called the "end-to-end principle".
Many people consider services and applications such as the World Wide Web (WWW), Voice Over IP (VOIP), and the Domain Name System (DNS) to be part of the internet. One may, however, consider them as layered-on services and applications rather than mechanisms that are necessarily embedded into the core of the internet. Clarity of thought regarding matters of internet governance may be enhanced by considering these services as distinct applications and not part of the core internet.
Background materials:
Saltzer, Reed, Clark, "End-to-End Arguments in System Design", 1981 available online at http://www.reed.com/Papers/EndtoEnd.html
David Isenberg, 1997, "Rise of the Stupid Network", available online at http://www.hyperorg.com/misc/stupidnet.html
Karl Auerbach, 2004, "Deconstructing Internet Governance" available online at http://www.itu.int/osg/spu/forum/intgov04/contributions/deconstructing-internet-governance-ITU-Feb26-27-2004.html - This was a submission to the recent ITU Workshop on Internet Governance (February 2004)
Q: Is "internet" synonymous with "world wide web"?
No. The internet is a system that can accommodate many applications. The world wide web is only one such application among many.
People often make the mistake of equating the internet to the world wide web. That mistake can lead to mis-governance of the internet when a policy intended for the world wide web is inadvertently applied also to other applications such as Voice Over IP, e-mail, file sharing, or remote medicine.
Q: What does the phrase "stability of the internet" mean?
One useful definition is this:
In order to be considered stable, the internet must demonstrate the following characteristics:
IP packets must move reliably and with dispatch from source IP addresses to destination IP addresses.
IP address allocations and IP packet routing must mesh well.
This definition of stability of the internet is tied to the definition of the internet proposed earlier in this note. It would be reasonable to create similar definitions of stability for the various applications that are layered onto the internet. For example one could define "stability of the Domain Name System (DNS)" in this way:
In order to be considered stable, the Domain Name System must demonstrate the following characteristic:
DNS queries for the root and top level domain layers must be answered reliably, quickly, and accurately.
These definitions exclude issues, such as the protection of trademarks or dispute resolution policies, that have no reasonable relationship to the technical behavior of the internet.
Q: What is the nature of a country code top level domain (ccTLD)?
A: There is considerable ambiguity with regard to exactly what is this thing we call a country code top level domain (ccTLD).
Some observers consider ccTLDs to be something that is attached to, and derives from, a sovereign country. Under this interpretation the ultimate authority concerning operation of a given ccTLD would be vested in that country and in that country alone.
Other observers consider ccTLDs to be merely entries on a list or database that have nothing more than a circumstantial correspondence to sovereign countries. Under this interpretation, the ultimate authority concerning operation of a given ccTLD is not the country but rather some other body.
ICANN adheres to the latter point of view. ICANN considers that ccTLDs exist for and must be used for the benefit of the network users within a given country. Under that point of view, ICANN holds itself in a position superior to the government of each country regarding whether that country's ccTLD is being operated by the proper people or entities and whether that ccTLD is being operated in the best interests of the network users within that country. ICANN, under this point of view, is empowered to chose among multiple claimants for a ccTLD, a choice that, at least on the internet, constitutes recognition of who is the legitimate government of a country. ICANN's position in this matter is made more complex by the role of the United States Department of Commerce in matters regarding what names are placed into the domain name system root zone.
Q: Does the internet require governance?
Yes. However, one must be careful to define with precision and specificity those matters that require governance and exactly how much. The danger of overbroad governance is real. And in many cases explicit governance may be unnecessary: the internet operates to a large extend through voluntary cooperation driven by the self-interested desire to enhance connectivity. In many respects, the internet imposes its own kind of regulation - those who are not willing to cooperate with others often will find that they have no means to communicate with others or even with third parties.
On the other hand, there are certain limited aspects of the internet that do require one or more authorities to establish norms that range in force from voluntary recommendations to obligatory mandates. In some cases the exercise of authority is nothing more than the clerical designation of a protocol number (parameter) and the declaration that that number represents something. In other cases the exercise of authority involves the subjective balance of competing concerns and equities.
Here is a partial list of these aspects:
The actual assignment of IP addresses according to a policy for such assignments.
Creation of a policy for the addition or deletion of top level domains (TLDs) from a DNS root zone.
The actual addition, removal, and maintenance, according to a policy covering such tasks, of a TLD entry in a DNS root zone.
Creation of a policy to decide among competing claimants for a country code top level domain (ccTLD).
The actual application of ccTLD policy to decide among competing claimants for a ccTLD.
Establishment of service criteria for the operation of DNS root servers, particularly the root servers that comprise the dominant system of root servers.
Establishment of minimal levels of service for the end-to-end transport of packets across the internet so that users and implementers can have a reasonable assurance (but not necessarily a guarantee) that new applications will be viable.
Q: Is a monolithic body of internet governance necessary or desirable?
No. At the recent ITU meeting on internet governance the consensus seemed to be that Internet governance would be best achieved through a variety of small regulatory bodies rather than one single large body. Many of the tasks of Internet governance are clerical in nature and many require little or no exercise of discretion. For example, the task of recording protocol parameters is a clerical task that could easily be assigned to an existing organization without coupling it to another unrelated task such as the delegation of IP addresses.
Background materials:
Karl Auerbach, 2004, "Governing the Internet, A Functional Approach" available online at http://www.itu.int/osg/spu/forum/intgov04/contributions/governance-structure-ITU-Feb26-27-2004.html - This was a submission to the recent ITU Workshop on Internet Governance (February 2004)
William Drake, 2004, Framing 'Internet Governance' Policy Discourse: Fifteen Baseline Propositions - This was a submission to the recent ITU Workshop on Internet Governance (February 2004)
Q: Are copyright and trademark matters appropriate for internet governance?
No. Matters of copyright and trademark have no relationship whatsoever to the technical stability of the internet. Although such matters have been introduced into ICANN, these are matters more appropriate for national legislatures and international agreements.
Q: Are internet governance bodies immune from capture by those they purport to oversee?
Experience with internet governance indicates that oversight bodies are very easily captured. Internet governance bodies are often directed by people who are primarily versed in the technology of the internet and who, by education, experience, or predilection may fail to recognize the forces that create capture or the fact of such capture.
In addition, internet governance bodies tend to be directed by people who view their role as a kind of part time matter that they believe excuses them from fully engaging with the issues that come before the body. As a consequence, rather than directing the governance body they tend to relinquish their roles to a full-time secretariat or staff.
Certain industrial segments, such as the United States' intellectual property bar, have found it useful to assert that the desires of their industrial segments are essential to the "stability of the internet". These assertions should be viewed with great skepticism and recognized for what they often are: attempts to create supranational laws without the benefit of national legislative processes or international agreements.
ICANN's UDRP is a case in point - it is a policy adopted by a private California corporation that had the worldwide effect of exporting onto the nations of the world, without their consent, a supranational law that expanded the protection of intellectual property beyond that enacted by any national legislature.
Q: Is there a guiding principle to which internet governance should aspire?
I have suggested the following as such a guiding principle:
The First Law of the Internet:
Every person shall be free to use the Internet in any way that is privately beneficial without being publicly detrimental.
The burden of demonstrating public detriment shall be on those who wish to prevent the private use.
Such a demonstration shall require clear and convincing evidence of public detriment.
The public detriment must be of such degree and extent as to justify the suppression of the private activity.
Q: What is the limit on the number of top level domains (TLD) that may be supported by the domain name system (DNS)?
Today the domain system has 258 top level domains (TLDs).
There is no firm upper limit on the number of top level domains that may exist. Analysis and actual experimentation have demonstrated that the DNS can support at least several million TLDs.
There is concern that before these technical limits are reached there will be administrative or procedural limits. It has been demonstrated, however, that it is possible to run large DNS zones containing millions of names, such as .com or .org, without there being administrative or procedural difficulties. That experience is directly applicable to the root itself and should eliminate the concerns that have been put forth regarding the risks of adding even a few hundred new TLDs.
The addition of new TLDs should be done conservatively. However, one should recognize that there is a difference between conservative growth and stasis. Even if the DNS root were to be expanded at a rate of one new TLD per hour, it would take several thousand years before the number of TLDs grew to the numbers that are routinely handled today without difficulty today in .com or .org. This means that even an extremely conservative plan for growth ought to result in the addition of at least hundreds of new TLDs per year.
Q: What does a domain name actually represent?
There is a widespread belief that a domain name translates into an address of a website. That belief does not fully encompass the nature of a domain name.
A domain name is a key into a distributed database. A domain name leads to a collection of records in that database. There are many different kinds of records. Here is a very incomplete list of the kinds of records that may be represented by a single domain name:
Not only does a given domain name lead to potentially many types of records, but there may also be multiple instances of each type.
Thus, for example, a domain name such as www.example.com may lead to a collection of records containing multiple IP addresses, multiple e-mail server names, geographic coordinates, anti-spam information, etc.
A given domain name can, and often does, lead to a rather multifaceted body of records. Consequently, what a domain name "means" depends on what actual records are requested by software and what that software does with those records.
To add to the complexity, even when a domain name does lead to one, and only one, IP address, the computer that responds to that address may itself be offering multiple kinds of services, not merely the a world wide web server. Thus a computer that is found via the domain name www.example.com may offer e-mail, relay-chat, VOIP, file transfer, time-of-day, and other services.
This complexity and flexibility of the domain name system represents a significant dissonance between internet reality and internet governance policies that try to impose content or business limitations based on the semantics of the words (usually English words) found in domain names.
Q: Will IPv6 bring new challenges or solutions to internet governance?
From the point of view of internet governance the main change brought by IPv6 is a significantly larger number of addresses. This will help relieve the already pent-up demand by ISPs and users for additional address blocks. IPv6, however, does not relieve the concerns about the increasing complexity of the IP packet routing system. Internet governance over IPv6, in the form of IP address allocation policies, will still have to be careful to ensure that the allocation of IPv6 addresses meshes well with the IP packet routing systems of the internet.
Q: Does the internet require there be one, and only one, root of the domain name system?
A: No, the internet may have many domain name systems, each represented by a different root. From the point of view of users of the internet, the main concern is that these different systems be consistent with one another - a name uttered by one person in one place using one domain name system ought to give the same results as that same name uttered by another person in another place. This is quite easy to achieve in practice and there are several root systems running today that are consistent. Users who find that a given DNS system does not provide satisfactory service or is inconsistent may quite easily chose to use another domain name system service.
Just as most users of personal computers use the Microsoft Windows operating system, most users of the internet use one highly dominant domain name system that is overseen by the United States Department of Commerce, ICANN (a California corporation), and Verisign (a private California corporation.)
However, just as the Linux operating system provides an alternative to Microsoft Windows, competing roots offer alternatives to the DoC/ICANN/Verisign domain name root. Many of the arguments that have been used to justify the Microsoft hegemony have also been used in an attempt to deny the usefulness and value of competing DNS root systems.
Background materials:
The Hush-A-Phone case available online at http://cyber.law.harvard.edu/filter/hush.html - This is an interesting case regarding a claim by a telephone monopoly, backed by the technical experts of a governmental regulatory body, that a benign attachment to telephones would damage the telephone system (the internet of the day). The court rejected that claim. This case is raises an interesting parallel to the claims by an existing internet regulatory body that competing DNS roots would harm the internet.
Open Root Server Network (ORSN) (http://www.orsn.net) - This is an example of a DNS root system that competes with that of the DoC/ICANN/Verisign.