Re: [IFWP] Introduction

[Karl Auerbach]

I was surprised to see this long dead mailbox come to life.

I'm listening here - but right now I'm (like probably a lot of folks)
kinda focused elsewhere.

--karl--

[IFWP] Re: [bwg+] Re: Where Does Lessig Stand?

[Karl Auerbach]

> OK.  So ICANN, born in sin, is reformable.

I know someone who has an old house - they wanted to remodel it - and what
is "reform" but a kind of remodelling?

Well, they knocked down all the walls but one, they ripped up all the
foundation except that needed to support that one wall.  Then they build a
new house that incorporated that one wall.

Then they remodelled a second time and replaced that old wall.

--karl--

[IFWP] ICANN copyrights material that it has no right to copyright

[Karl Auerbach]

I authored several paragraphs of text that were part of my supplication to
ICANN to become a candidate for the ICANN board in the at-large election.

I authored that text.

Yet, when ICANN posted it, it had an ICANN copyright notice and an "All
rights reserved" limitation.

That is expropriation of intellectual property, of my intellectual
property.

I own the copyright in that material, ICANN does not.

Yet they have the audacity to claim that they have the copyright.

Too bad I didn't have a registration - then I could get statutory
damages. ;-)

--karl--

[IFWP] ICANN still does not have 501(c) status

[Karl Auerbach]

I have had it confirmed, ICANN still does not have IRS 501(c) status.

Their application is apparently, after 18 months, still pending.

(This is not surprising given that ICANN is trying to squeeze into
501(c)(3) and doesn't really seem to fit into any of the defined
categories of 501(c)(3).)

The fact that ICANN *is not* a 501(c) corporation vitiates protection
under all the various "volunteer" director protection laws except one.
(And that remaining one requires a degree of insurance protection that
ICANN has not yet demonstrated exists.)

--karl--

[IFWP] GAO report is out

[Karl Auerbach]

The GAO report is out

www.gao.gov/new.items/og00033r.pdf

Nothing earthshaking except that the Dept. of Commerce indicates that
it has no intention of letting go of the ICANN root of the DNS.

(The report doesn't reconcile that with its oft-repeated statement that
the NTIA/DoC contract with ICANN will end either on Sept 30 [or be
extended, but will still end at some time afterwords.])

--karl--

[IFWP] GAO report is coming out

[Karl Auerbach]

The GAO report on ICANN has been completed.

It will be published soon (possibly tomorrow, July 7.)

--karl--

Re: [IFWP] What a candidate for ICANN director needs to know...

[Karl Auerbach]

ICANN has so far not responded to the attached questions.

I've continued to inquire into the issue of liability of "volunteer"
directors of California non-profits and what I have found concerns me.

There are several statutes that purport to protect "volunteer" directors.  
But they are subject to many pre-conditions and limits.  And I have not
yet seen anything concrete that indicates that ICANN meets many, if any,
of those pre-conditions.

So it would not surprise me to discover that ICANN's "volunteer" directors
are as naked of liability protection as a newborn baby.

Any candidate for Director ought to be concerned about that - one's entire
personal wealth could be on the line.

I'm surprised that the current directors have not instructed "staff" to
put together an information package so that those directors could have
evaluated the risk to themselves.

I do wonder whether each of the current Directors (and candidates) realize
that they really need to have their own personal counsel for legal advice.  
Corporate counsel owes its obligation to the legal entity of the
corporation.  Corporate counsel's obligation to individual Directors (and
members and officers) exists only to the extent that it is not in conflict
with counsel's obligation to the corporation.

--karl--

 
> As a possible candidate for the ICANN at-large board election, I've been
> looking at the liability exposure of a Director and the protections
> offered by California law.
> 
> The legal liability is potentially extremely large.
> 
> And the protections are potentially of more form than substance.  The
> California statutes that purport to protect Directors from liability in a
> non-profit are a Swiss cheese of conditions and exceptions.  And these
> exceptions are triggered by the existance or non-existance of many things.
> 
> It turns out that a potential candidate can not make an evaluation of the
> potential risk because ICANN has not revealed certain critical facts.
> 
> For a person to make an informed decision about running for Director,
> several questions need to be answered.  Among those questions are the
> following:
> 
>  - Is ICANN presently an IRS 501(c) corporation?  If so, then under
>which subsection of 501(c)?
> 
>[Certain procedural protections of Director liability hinge on whether
>the non-profit is a 501(c) and which subsection of 501(c).  It is
>interesting in that the most likely category for ICANN, 501(c)(3),
>causes some procedural protection to vanish.]
> 
>[By-the-way, if ICANN is an IRS 501(c) then where is ICANN's IRS 1023
>posted?  It is a public document that the corporation is required to
>make available subject to a $20/day accruing penalty.]
> 
>  - Does ICANN have a million dollars or more in General Liability
>insurance?
> 
>[Certain statutory liabilty protections are contingent on the
>corporation holding at least that much general liability insurance.]
> 
>  - Does ICANN have a "reasonable" degree of liability protection against
>the reasonably foreseeable risks?
> 
>[Certain statutory liability protections are contingent on the
>corporation holding insurance that is adequate to protect the public,
>the exact  amounts or means to measure adequacy are not specified by
>the statutes.]
> 
>  - Does ICANN have an operative Directors Liability insurance policy?  If
>so, then it is important for the potential directors to obtain it as
>the exact language is critical - general statements that "we have a
>policy" are essentially useless given the wide variation in coverage
>afforded by such policies.
> 
>  - What is ICANN's policy regarding payments to Directors?  [The statutes
>often strip all liability protections if there is any form of
>compensation beyond strict reimbursement for expenses.]
> 
>   --karl--
> 
> 
> 

[IFWP] What a candidate for ICANN director needs to know...

[Karl Auerbach]

As a possible candidate for the ICANN at-large board election, I've been
looking at the liability exposure of a Director and the protections
offered by California law.

The legal liability is potentially extremely large.

And the protections are potentially of more form than substance.  The
California statutes that purport to protect Directors from liability in a
non-profit are a Swiss cheese of conditions and exceptions.  And these
exceptions are triggered by the existance or non-existance of many things.

It turns out that a potential candidate can not make an evaluation of the
potential risk because ICANN has not revealed certain critical facts.

For a person to make an informed decision about running for Director,
several questions need to be answered.  Among those questions are the
following:

 - Is ICANN presently an IRS 501(c) corporation?  If so, then under
   which subsection of 501(c)?

   [Certain procedural protections of Director liability hinge on whether
   the non-profit is a 501(c) and which subsection of 501(c).  It is
   interesting in that the most likely category for ICANN, 501(c)(3),
   causes some procedural protection to vanish.]

   [By-the-way, if ICANN is an IRS 501(c) then where is ICANN's IRS 1023
   posted?  It is a public document that the corporation is required to
   make available subject to a $20/day accruing penalty.]

 - Does ICANN have a million dollars or more in General Liability
   insurance?

   [Certain statutory liabilty protections are contingent on the
   corporation holding at least that much general liability insurance.]

 - Does ICANN have a "reasonable" degree of liability protection against
   the reasonably foreseeable risks?

   [Certain statutory liability protections are contingent on the
   corporation holding insurance that is adequate to protect the public,
   the exact  amounts or means to measure adequacy are not specified by
   the statutes.]

 - Does ICANN have an operative Directors Liability insurance policy?  If
   so, then it is important for the potential directors to obtain it as
   the exact language is critical - general statements that "we have a
   policy" are essentially useless given the wide variation in coverage
   afforded by such policies.

 - What is ICANN's policy regarding payments to Directors?  [The statutes
   often strip all liability protections if there is any form of
   compensation beyond strict reimbursement for expenses.]

--karl--

Re: [IFWP] Were you consulted?

[Karl Auerbach]

> Andrew McLaughlin replied to my similar question:
> 
> "The selection of the nominating & election committees was done 
> by the Board

Where was this item placed on the board's agenda?

Where is the discussion of these matters by the board recorded?

When and where was a vote by the board made?  Where is it minuted?

Seems to me that in the absence of either open or transparent board
operations that I can't put much credence in an assertion that the board
did anything.

Indeed, backchannel information from board members indicates that the
board wasn't really involved at all but, instead, that it was a
"staff" decision.

In which case, one has to wonder whether the members of the ICANN board
realize that as "directors" they have a fiduciary obligation to actually
direct the corporation and not let "staff" run amok.

--karl--

Re: [IFWP] ICANN's Latest Outrage

[Karl Auerbach]

> Bret Fausett and Diane Cabell (who teaches online seminars on the
> UDRP for Fausett's Association of Internet Professionals) are the
> loyal opposition that keeps people who are seriously outraged by
> ICANN from doing anything about it.

You are *VERY* wrong about this.  Bret and Diane are both very concerned
about ICANN and internet governance.  They have both worked hard, very
hard, indeed extremely hard, to actually do something about it.

If it were not for Diane, there would not even be the partially open
at-large.  She has worked her tail off on behalf of the Internet
community.

Bret keeps an eagle eye out for ICANN's violation of its rules and is
working very hard to reach the "suits" and broadcast media.

We would be wise to avoid emulating Saturn and, instead, remember that
each of us works in our own way.

--karl--

Re: [IFWP] A rant to far: from an ex-interniccer

[Karl Auerbach]

> For the historians:

> >>Do people realize that it wasn't even in the budget to
> >>have the 14 of us handling in-addrs, ip allocation/assignment,
> >>SWIP, all of the domain name issues and answer the phones in
> >>early 1995?  The whole registration process/budget was not
> >>designed for vanity-tagging the Internet.  NSF did not 
> >>intend to fund that purpose.


NSF and NSI had a legally enforceable agreement.  Before amendment #11
(the one that created the fee-for-registration structure) that agreement,
obligated NSF to cover NSI's costs and pay an additional fee (i.e. a
guaranteed profit.)  One can't offer much sympathy if NSI's management
didn't demand that NSF live up to its legal obligations and instead simply
loaded more work on its employees.

And today, as a result of NSF's largess and grant of a protected monopoly
to NSI isn't the current market value in the hands of NSI's shareholders
now several billion dollars?

One can't say that, from the point of view of NSI's stockholders, that NSI
was undercompensated for work done.

--karl--

Re: [IFWP] Key quotes and ideas from ICANN membership roundtable

[Karl Auerbach]

> Regulation of the Internet is both legitimate and proper.  The question is
> by whom, over what, what the regulations shall be, and what processes are
> used to apply them.

It seems that some people are mis-interpreting this.

Sure, I believe in regulation.  I believe in government regulation.  I
believe in government regulation of the Internet.

But only when appropriate.

I don't believe that the DNS needs to be regulated - there is an
artificial scarcity created by the single root concept coupled with
ICANN's inability to open the ICANN-franchise root to any, much a
reasonable number of, new TLDs - and that if these artificial limits were
removed, economic forces would provide adequate control.  And there are
plenty of adequate laws on the books to protect mark holders.

I don't believe that we need any regulation over disputes between
standards bodies over "protocol parameters" - it is something that has
never happened in the entire 30 year history of the Internet.

I do, however, believe that IP address prefix assignments need to be
regulated to keep our routing working.

As for who shall do that regulating:

ICANN has become, in my mind, exactly the wrong kind of body to apply
regulation - from its septic conception to its present secret cabalistic
operation, ICANN has demonstrated itself to be unfit to be a regulatory
body, whether private or governmental.

Kent's right - I don't want a noisy mailing list governing any part of the
Internet.  But then again, I don't want a secrecy-oriented, nearly
continuously insolvent, non-"public-benefit" corporation that is
accountable to no-one and responsive only to monied interests to be
governing the net either.

--karl--

Re: [IFWP] Key quotes and ideas from ICANN membership roundtable

[Karl Auerbach]

>   The
> fundamental complexity in this situation stems from the fact that the
> Internet is largely owned by private interests.  To be concrete, Old
> Harry doesn't have any right to tell me how to run my computers

The airplanes and ships of the world are largely owned by private
interests. Yet there are very strong regulations that say exactly how they
shall be flown or sailed.

Regulation of the Internet is both legitimate and proper.  The question is
by whom, over what, what the regulations shall be, and what processes are
used to apply them.

--karl--

Re: [IFWP] cudos to Bill Semich

[Karl Auerbach]

> It would be even better if it worked in practice.

Few problems at this end, once I told my BIND to shut up and accept ISO
8859 characters.

--karl--

Re: [IFWP] Article: WTO + SDMI = NWO (New World Order)--And ThatSpells Trouble

[Karl Auerbach]

> How about SDMI, PICS, or CALEA?

I can't say that I share your concern about PICS.  From my point of view
it's an open rating system - it allows a bit of content to be labeled by
any and all rating authorities, from the Catholic Church to Rex's Really
Rauchy Ratings.  And I can pick which rating I authority want to use.

It seems that you are concerned with the machine parsible nature of the
rating so that it can be picked up by intermediate devices and
pre-filtered using a rating authority that you would not yourself use.

OK, the answer to that is the same as for much of internet traffic -
end-to-end encryption.  Then the intermediate devices aren't going to be
able to read the PICS labels, but you will.

--karl--

Re: Dyson's reply RE: [IFWP] Representations to WTO Conference

[Karl Auerbach]

>   This is the unholy alliance that gave us the ICANN board.

We still do not know who was part of that alliance, what criteria they
used to select the candidates for the initial board, and what quid pro
quos were made among those doing selecting.

(We've been assured that those selected made no agreements, but the
question is rather what agreements were made among those who did the
selecting itself.)

There are those among us who are still alive and who know the answers to
these questions.  But they steadfastly refuse to answer.  All we know is
that one highly paid senior partner in a major law firm claims to have
acted merely as the naive errand boy who had no knowledge of his mission
or even who sent him on his rounds.  And now we see that same law firm
being, by far, ICANN's single largest creditor.

And considering that ICANN instantly entered into fairly lucrative
agreements[*] benefiting at least two people who are rumored to have been
involved with that less-than-immaculate conception, there is plenty upon
which to question the circumstances and to suggest the existance of hidden
deals.

I personally would consider the evidence to paint a picture that is the
opposite of an immaculate conception.


[*] These two agreements have an average run rate of about $114,000 per
month for ICANN's first 8 months of existance.  These numbers are computed
directly from ICANN's "Statement of Finacial Position June 30, 1999".

--karl--

Re: [IFWP] Esther Dyson's reply

[Karl Auerbach]

> In practical terms, I don't think a "global" vote makes sense. A vote of
> people worldwide, yes, but only of interested parties who know what they are
> voting about.

Interesting comment when one considers that one of the rumored selection
criteria for the original board was they they were outsiders and did not
have knowledge of the issues in which ICANN would be involved.

As for ICANN's metric of "interested".  It appears to be a metric based on
the extraction of profits from the Internet.  Network "providers" and
e-commerce businesses get automatic constituency status in ICANN while
Internet users aren't even allowed to see what happens, much less
participate in a meaningful way (except to pay indirect domain name taxes
and otherwise foot the bill.)

--karl--

Re: Dyson's reply RE: [IFWP] Representations to WTO Conference

[Karl Auerbach]

> I think ICANN is heading in more or less the right direction despite its
> many imperfections, and I want to help make it better.  It is not governing
> the world, and god forbid *anything* should be put to a global vote.  It is
> trying to organize bottom-up courtesy of the people most concerned with the
> Net's infrastructure, and draw them in through outreach. It implements its
> policies through contracts, not by "governing." 

Yes, ICANN is certainly "bottom-up courtesy of the people most concerned
with the Net's infrastructure".

ICANN is indeed very much created courtesy some of the corporate entities
that make money by providing network infrastructures.  But even more,
ICANN gets its support from companies that want to sell things over the
Internet.

The result is an ICANN that is created by, and obligated to, those who
think of the Internet nothing more than a vehicle for the making of money
for themselves.

>From the point of view of users of the Internet, i.e. those people from
whom that money will be extracted, this is more than a simple
"imperfection".  Rather it is an inversion of the most fundamental
concerns about the Internet and how it is to be used.

If Gutenburg had the same priorities as ICANN, he would have printed a
Sharper Image catalog rather than a bible.

---

One might also find it interesting to consider that "contracts" is not
"governing" when, in fact, those contracts are a "take it or leave it"
matter that ICANN can dictate due to its government sponsored hegemony
over the DNS system.

A true contractual regime presupposes a degree of negotion, or at least
the possibility of negotiation, between the parties involved.  ICANN has a
government given monopoly position that forecloses such negotiotion.

Perhaps some don't want to use the word "government" in conjunction with
ICANN.  But in my dictionary, the word is an apt and appropriate
description.

And anyone who believes that such "contracts" are "technical coordination"
of the Internet is either naive or disingenuous.

ICANN's pronouncements fall upon all who use the Internet.  Whether the
mechanism is by royal fiat, legislative act, administrative rule, or
non-negotiable contract, the effect is the same.  The Scholastics among us
can engage in dialogs, as meaningful as those dialogs about the number of
angels that can dance on the head of a pin, and say that there is a
distinction.  But at the end of the day, when the ICANN taxman knocks on
the door and threatens to prevent one from using the Internet unless that
person pays his tithe, it doesn't really matter whether the taxman rode a
contractual horse or in a legislative carriage.

--karl--

Re: [IFWP] Vixie stepping away from BIND

[Karl Auerbach]

> ... but is there a good solid techincal reason why multiple roots 
> wouldn't work?

The issues concern records that contain textual names -- most importantly
NS and CNAME records.

The putative problem arises when the zone file creator puts a name into an
NS or CNAME record that uses a TLD that is a different version of that TLD
used by the person who consumes that record.

In other words, if I say in an NS record that one of my servers is
foo.blap.web, and I use IOD's version of .web, then if somebody who
uses CORE's version of .web comes along and uses my NS record then they
will end up with a mis-resolution.

Now, does that error cause any problems?

That's the matter in dispute.

I can imagine a contrived situation in which that mis-resolved NS record
points to a machine that is a) running a DNS server that is b) willing to
answer to my domain and thus c) feed bogus responses.

But that's a pretty conjectural sequence of ifs, the end probability being
rather low.

If one is concerned, there is a way to avoid this from happening - one can
simply recognize the fact that there are some legacy TLDs -
.com/.net/.edu/.org and the ccTLDs that will be in all sanely run root
systems.  And one can make sure that the NS and CNAME records always refer
to names in those TLDs.

Sure, that causes there to be a residual latent preference for those TLDs.
But that preference over time that will fade as new TLDs become
established to the degree that one can safely NS and CNAME 'em.

This is, to my mind, a far more preferable solution than the bureaucracy
and the clearly failure prone processes of ICANN.

By-the-way, the limit of 13 servers comes from an ancient limit of 512
bytes on the UDP data size used by DNS packets.  (With modern IP stacks
with working IP reassembly engines, one ought to be able to get up to 64K
bytes in a single UDP frame - unfortunately not all stacks have been
adequately tested, so a number in the 16K byte range is more common.  And
MTU's less than 1500 are fairly rare in the net these days except on some
PPP links where the MTU has been cranked way down.)

--karl--

Re: [IFWP] Good-bye

[Karl Auerbach]

> Translation: Now that CORE and its partners ISOC and the INTA have
> consolidated their control over ICANN, my services as a propagandist
> for them on this list are no longer needed.

That is utterly uncalled for.  Roberto G. is an thoughtful, honest and
honorable member of our community.

--karl--

RE: [IFWP] Jim Rutt Should Resign

[Karl Auerbach]

> In this case I believe the distinction is moot since the ability of 
> shareholders to file derivative suits (in most cases) allows them to *be* the 
> corporation for these purposes. A very powerful weapon in the hands of the 
> right attorney.

And a powerful weapon that ICANN has removed from its at-large membership
and placed solely in the hands of the DNSO names council, the ASO, and PSO
- about 25 people in all.

Of course, since it is a powerful weapon, states have put up hurdles.  In
California to bring a derivative action (against ICANN for example) one
must be a "member" (i.e. be one of the 25), be able to show that the
action is for the benefit of all members and the corporation itself or be
willing to post a $50,000 bond.

--karl--

[IFWP] Re: UPDATE: Uniform Dispute Resolution

[Karl Auerbach]

> Date: Mon, 13 Sep 1999 09:13:43 -0400
> From: Andrew McLaughlin <[EMAIL PROTECTED]>
> To: Icann-Announce <[EMAIL PROTECTED]>
> Subject: UPDATE:  Uniform Dispute Resolution

> At its Santiago meetings on August 25-26, the ICANN Board adopted a uniform
> dispute resolution policy and directed ICANN's President to convene a small
> drafting group to develop implementation language ...

I'd certainly like to know why this matter, which is one squarely under
the charter of the DNSO, not being done by the DNSO?

This "drafting group" is not dealing with "mere details".

Rather it is dealing with the most fundamental issue of all, that of
defining when there is a conflict between a domain name and a trade or
service mark.

I object to this critical work being done under wraps, in closed session,
and subject only ICANN's typical substandard level of post-definition
review and overt disregard of inconvenient commentary.

This matter is of such critical importance that it must be drafted in
public, by all interested parties, with sentence-by-sentence discussion
and debate by all concerned parties as it is constructed.

Otherwise, this is a hijacked procedure of no legitimacy whatsover.

--karl--

[IFWP] Full audio archive of Board Meeting is available

[Karl Auerbach]

I was asked to forward this...

As usual, the Berkman folks have come through with flying colors.

--karl--



-- Forwarded message --
Date: Fri, 3 Sep 1999 14:40:13 -0400 
From: John Wilbanks <[EMAIL PROTECTED]>
Subject: ICANN Board meeting archive -- please forward to IFWP


I'm not subscribed to ifwp but browse through the archives regularly,
and I wanted to let everyone know that our audio feed contains the
entire meeting, including the first twenty minutes of the meeting.  Our
video archive cuts in during the meeting itself, which is a result of
the feeds being cut in-room during the outage (a common feature that
anyone who watched remembers, I am willing to bet).

The link to the file is available off of
 under the Board
section.  It is a complete and uncut audio recording of the board
meeting as far as I know...the link takes you directly to the moment
where esther calls the meeting to order.

I hope this clears up any and all outstanding problems with the Board
files.

John Wilbanks
Assistant Director
Berkman Center for Internet and Society
[EMAIL PROTECTED]
http://cyber.law.harvard.edu 

Re: [IDNO-DISCUSS] Re: [Fwd: [IFWP] My nose]

[Karl Auerbach]

> As far as I remember, Javier Sola said in the DNSO general assembly
> that Bussiness and Commercial Constituency admites also individuals
> (I assume that is all individuals that use their domains for
> commercial and bussinesses purposes)

And the IDNO allows individuals who are engaged in business to be members
of the IDNO.

And don't forget that the IP constituency are all businesses, as are the
gTLD and ccTLD members.  So we can also merge the IP, ccTLD, and gTLD
constituencies under the business constituency and eliminate a lot of
redundancy.

Oh, those groups say "we have special interests and thus we need own own
constituency".

That's nice.

The IDNO says the same thing.

So what makes those special interests more important than the IDNO's
interest?

Why should the individuals in business who own domain names be forced to
drown themselves in a group with whom they may have very little in common?

ICANN has turned the concept of "self organizing" into "organized by
ICANN".

--karl--

Re: [IFWP] My nose

[Karl Auerbach]

> esters making a good suggestion here - if you want input - this is a way.
> Why dose the idno not join ip in mass.

Does everybody have a trademark they can claim they own?

The question that could also be asked is why don't all the people in the
IP consitituency forced to join the business constituency -- all IP folks
are in business.  Why should we have a redundant constituency?

Sure, now a few constituencies may be opening up the doors to a few
individuals.  A few individual trademark owners may get into the IP
constituency.

A few here, a few there, and pretty soon it adds up to dilution and
powerlessness for individuals.

Under the ICANN by-laws, anybody can "self-organize" a constituency.  And
we have.  The IDNO is as valid as the business constituency.  ICANN can
not pick and chose which it thinks is more important.

--karl--

Re: [IFWP] My nose

[Karl Auerbach]

> Karl, have you tried to join the non commercial constituency?

I can't.  It is open only to organizations.

Besides. ICANN's bylaws say that any constituency can "self organize".
And the IDNO has done a wonderful job of self organizing.  I suggest that
it is better organized than any of the recognized constituencies.

There is no reason why a group of people who have a direct interest in
domain name should be refused a constituency when six constituencies
were automatically granted for six types of business entities.

I would suggest that since every corporation is composed of people, that
there simply be an IDNO constituency and that everyone be forced to join
it.

Many would probably object to what I said in the previous paragraph
because they would feel that their interests would be submerged.

The reverse is true, individuals would be submerged other constituencies.

Individuals have a right to their own recognized constituencies.  ICANN is
acting as if individuals were some horrible thing to be rejected in all
manners, shapes, and forms.

And the At-large membership, even if it were ever to be created, and
especially since it was dismembered in Santiago, is not a substitute for a
DNSO constituency.

--karl--

RE: [IFWP] My nose

[Karl Auerbach]

> That's why I was in favour of financing ICANN in a different way, like for
> instance with a $1 fee on domain names, or with a membership fee.

I'd be happy to pay the $1/name tax if I had a voice in the making of the
policies of the Domain Name System or IP address allocation.

But I don't.

There is no constituency of the DNSO that allows individuals who have
domain names to be members.

The DNSO General Assembly and Working Groups are being used by the DNSO
Names Council as clerical bodies.

And the DNSO constituencies are biased 6:1 in favor of commerical
interests.

The ASO and PSO exclude participation by individuals altogether.

The At-Large Membership has just been dismembered.

The board engages in performance art that they call "open meetings".

The board finds consensus to extend its term despite the fact that
virtually all comment on the official comment place was against it.

--karl--

Re: [IFWP] Will you ever have a vote?

[Karl Auerbach]

> > - Implementation of At Large Membership

...
 
> "Implementation" is an interesting descriptor for what was apparently
> done. Some might call it "newspeak."
 
> I understand that voting will only occur when 5,000 people sign up for
> membership.

I might add that with the "deferral" of the IDNO, the IDNO, even if it
were to be recognized in November, would miss out in participating in the
DNSO election for the DNSO's board seats.

In other words, individuals have been entirely cut out from any meaningful
vote for ICANN's board seats.

At best, even if the at-large gets 5,000 people (and I don't believe it
will), all individuals get is a vote for a representative who, in turn,
gets to vote for a board-member who, in-turn, gets to vote in oppostion to
policy proposals made by Supporting Organizations that themselves utterly
exclude any meaningful participation by individuals.

It's reminscent of the Soviets of the Stalinst era -- closed,
self-interested, dictatorial bodies wrapped in a pretty, but nevertheless
utterly false, glamour[*] of democracy.

[*] I use the word "glamour" in its original sense of one who uses an
enchantment or spell to create a false impression of beauty.

--karl--

Re: [IFWP] Re: [bwg-n-friends] Can we really afford ICANN ?

[Karl Auerbach]

> ...  This is NOT a criticism of Berkman. If
> Berkman had not risen to the task, we wouldn't even get to see the
> financials.

Indeed.  The Berkman folks have done a stellar job and are getting better.
They deserve our support and thanks, not just as a entity, but also as
individuals with names, faces, personalities, emotions (and egos.)

--karl--

[IFWP] FYAAE

[Karl Auerbach]

For Your Amusement and Enlightmentment (FYAAE)...  A short commentary on
ICANN's "separate but (un)equal" alternative for individuals...

http://www.cavebear.com/cavebear/growl/issue_3.htm

--karl--

Re: [IFWP] accounting

[Karl Auerbach]

> my understanding is that estee has a friend at ogilvie who agreed to 
> lend ogilvies services at a greatly reduced rate

If Olgilvy (sp) does this, that's great.  They should be applauded.

Our concern is that there be no hidden strings or sleight-of-hand
transitions from "free" to "fee" status.

--karl--

[IFWP] Observation

[Karl Auerbach]

I've been watching my web logs and packet traces for a while.

It appears that a lot of the search engines are really stupid.

The lock in the ip addresses, not the DNS names, of sites that they have
visited.

These search engines appear to keep trying to hit IP addresses that have
not been in service for several months and are failing to re-resolve the
DNS names that would take them to the new location.

Besides being an operational optimization that is rather stupidly
done, this has implications for those trademark folks who think that
obtaining a DNS name from another person necessarily ends the control that
that person has.

One, for instance, could readily keep feeding a search engine all kinds of
stuff long after the domain name has been reassigned and the addresses
changed.

--karl--

Re: [IFWP] Political Domain Name story

[Karl Auerbach]

> A land-rush pursuant to previously-existing rights.  So it's first come
> first serve, unless it isn't.  

Trademark holders have no "previously-existing rights" in the domain name
space.

Rather, they are trying to create *new* rights at the expense of others
who happened to learn about the Internet first.

--karl--

Re: [IFWP] Political Domain Name story

[Karl Auerbach]

> I suppose under the universal principle of justice you set forth below that
> if you didn't lock your house and somebody came in and stole your stuff,
> that you wouldn't consider it theft because, hey, you weren't prudent.

> >Overall I submit that it is better let those who aren't prudence operate
> >at their own risk rather than punish those who engage in otherwise
> >permissable speculation.

(I wish I could fix that typo "prudence" to be "prudent".)

I said (or intended to say) that when it comes to matters involving the
use of domain names and trademarks, those who are prudent can protect
themselves.  We should not punish those engaging in otherwise legitimate
speculation in order to protect the imprudent.

In your example, theft is not something that is "otherwise legitimate".
It is a criminal act in just about any context.

Speculation is not something that is in and of itself a criminal act.  In
fact, it is a time honored practice in which virtually all of us engage in
one way or another.

We should not be suppressing legitimate actions in order to protect those
who are too stupid to get the domain name when they think up a new mark.

--karl--

RE: [IFWP] Political Domain Name story

[Karl Auerbach]

> Probably not in the US, but we surely need the same legislation to apply
> worldwide.
> I would like to be sure that the willybrown case is treated in the same way
> as jacquesdupont or mariorossi or fritzmeier or azizjamal, wherever the
> plaintiff, defendant and Registry are located.

> And this, to the best of my (low) understanding of legal matters, can be
> achieved only via international agreements (WIPO, for instance).

WIPO is merely an organization.  Depending on the nations involved, it
usually takes some amount of action by a national legislature and/or
national executive to adopt such work.

Usually the output of such bodies is not self-actuating.

In the US we have a group that comes up with model laws, such as the
"uniform commercial code".  Each state has to adopt it, and even if the
text adopted is identical, each state interprets it in its own particular
ways.

The same thing will tend to occur even if we had a worldwide WIPO law; it
would be handled differently in different locations.

Imagine, for example, how
"skylarks-on-the-sabbath.TLD" would be treated in
several countries that tend to mix religious and civil law.

We're probably not ready for an international law of domain names -- we
have not figured it out very well even in individual national contexts.

And if we were, it really deserves rather more detailed attention by the
various national bodies charged with entering into international
agreements than simply having a group of folks publish a few drafts and
listen to (and ignore) comments for a few weeks as WIPO did.

--karl--

Re: [IFWP] Political Domain Name story

[Karl Auerbach]

> maybe, maybe not.  I don't know if Brown would prevail on those theories -

It certainly seems to me that my internal sense of justice is pretty well
defined by those existing theories.

I would hope that the answers we are looking for are "justice", not
"commercial advantage over non-commerial use."

> I only attempted to rebut a single assertion - the assertion that it was
> "impossible" to cybersquat a common name.

I happen to agree with that assertion... but my reason is pretty
straightforward.  I deny that "cybersquatting" exists.  I believe that
speculation is a time honored tradition and that if somebody loses the
race to acquire, then they lose.

A few years ago I might still have had some residual sympathy for those
who went through the effort to coin names.  But anybody who now coins a
name and then discovers, oops it's been taken.  Well, too bad.  The
Internet has been here for several years now.

I noticed for example that this lesson has been learned and incorporated
into naming practice.  For instance, Hewlett Packard, when thinking up the
name for their new company registered all the domain names under
consideration before they went public with anything.  I call that
prudence.

Overall I submit that it is better let those who aren't prudence operate
at their own risk rather than punish those who engage in otherwise
permissable speculation.

Somehow I don't consider those who are asserting trademark rights to be
the kind of naive, innocent person who we need to protect from themselves.

Willy Brown has been in politics for as long as I can remember.  It's too
bad he just realized "hey I could'a had a V8, I could'a been a contender,
or I could'a had my own domain name in .com".  He still can build his
domain in "sf.ca.us" (which would be more appropriate anyway.)  Nobody has
stale URL's pointing to his never-yet-existed web site in .com.

And does the mayor get this power to exclude over other TLD's?  As I
mentioned "williebrown.sf.ca.us" would have been my first thought for
domain name, does that give Willie the rights to exclusionary powers there
too.

I hope not, as it is too unconstrained, too unlimited, to vague.



>  If we utilize a temporary
> definition of cybersquat here - "the commission of a tort aimed at an
> identifiable entity through the registration of a domain name"

I'd prefer it if any definition stated clearly what specific legally
cognizable harm is being defined.

The definition above simply makes it a tort to commit a tort.  It is
redundant law.

--karl--





> - then I
> believe that it is possible to "cybersquat" a common name such as willie
> brown.
> 
> It's been too long a day for me here on the East Coast to get into arguing
> the merits of the anti-cybersquatting act just now.
> 
> 
> >
> >> Willie Brown possibly has superior rights to williebrown.com,
> >> williebrownjr.com and damayor.com vis a vis Andy Hasse because Mr. Hasse
> >> appears to have obtained domain names likely to be associated with Willie
> >> Brown, the mayor of San Francisco, possibly in a way calculated to harm
> >> Mayor Brown (Mr Hasse's employment by Mayor Brown's rival is relevant to
> >> this analysis).  Possible theories include rights of publicity, common law
> >> trademark, false advertising, interference with prospective advantage, and
> >> unfair competition
> >
> >In other words, Mayor Brown has lots of rights under existing law to go
> >after the other person.  He needs no assistance from anything new in the
> >domain name space, existing law provides more than adequate protection.
> >
> >So if Willy can demonstrate under existing laws that there is a violation
> >to his right of publicity, common law trademark, that the other use is
> >false advertising or interferes with a prospective advantage, or is unfair
> >competion, then fine.
> >
> >It appears that we need not add any special new rules in the domain name
> >arena to deal with this situation.
> >
> > --karl--
> >
> >
> >
> >
> >
> >
> >
> >
> 
> @ @ @ @ @ @ @ @ @
> 
> 

Re: [IFWP] Political Domain Name story

[Karl Auerbach]

> Willie Brown possibly has superior rights to williebrown.com,
> williebrownjr.com and damayor.com vis a vis Andy Hasse because Mr. Hasse
> appears to have obtained domain names likely to be associated with Willie
> Brown, the mayor of San Francisco, possibly in a way calculated to harm
> Mayor Brown (Mr Hasse's employment by Mayor Brown's rival is relevant to
> this analysis).  Possible theories include rights of publicity, common law
> trademark, false advertising, interference with prospective advantage, and
> unfair competition

In other words, Mayor Brown has lots of rights under existing law to go
after the other person.  He needs no assistance from anything new in the
domain name space, existing law provides more than adequate protection.

So if Willy can demonstrate under existing laws that there is a violation
to his right of publicity, common law trademark, that the other use is
false advertising or interferes with a prospective advantage, or is unfair
competion, then fine.

It appears that we need not add any special new rules in the domain name
arena to deal with this situation.

--karl--

Re: [IFWP] Political Domain Name story

[Karl Auerbach]

> "williebrown.com, williebrownjr.com, damayor.com

He's only "Willie" to his friends.  The rest of us have to call him
William.

So what do we reserve to his personal use, his given name, his last name,
his nicknames?

I guess Willy Brown and George W. Bush now have something in common --
they don't like to be in the public eye unless they control the dialog.

Somehow it bothers me that a politician thinks that .com best expresses
his/her relation to others.

He could have been "willybrown.sf.ca.us".  It's still available as far as
I know.

--karl--

[IFWP] ICANN meeting scheduled for August 12

[Karl Auerbach]

In case folks haven't noticed, there is an ICANN board meeting scheduled
for August 12, only a few days from now.

The only place I can find it mentioned is in the note attached to the
notice of a proposed by-laws-amendment.

It's not listed on ICANN's calendar of events.

Congress was told by ICANN that all board meetings have a pre-posted
agenda and other indicia of "openness".

Where is the agenda for the August 12 meeting?

What other matters are going to be discussed?

Where is the meeting going to be held so that the public can attend
or listen in?

As for the content of that meeting:

So far, the few comments posted on the proposal show some degree of
acceptance of it but also contain significant, and unanswered, questions
about the events that transpired in which ICANN acted as if these changes
were in effect before they were even proposed.

--karl--

Re: [IFWP] Re: Call for comments on DNSO Names Council amendments(Deadline: August 10)

[Karl Auerbach]

> > What is truly unfortunate is that despite repeated requests you have not
> > addressed the substance of Karl's statements.
> > 
> > ICANN willingly and knowingly violated its' own bylaws with the
> > ICANN Interim CEO and counsel present in taking actions to have certain
> > individuals forcibly ejected from a teleconference. Why?
> 
> Because ICANN is supposed to respond to public input, and
> overwhelming public input was received that ICANN should revisit its
> earlier position regarding NSI. 


Please show us that "overwhelming public input".

You won't.  That's because you can't.  That "public input" simply does not
exist.

There was no issure of the gTLD's seats prior to the sudden realization in
Berlin, much less public discussion, and much much less any articulated
proposal.

The "overwhelming public input" to which you allude simply did not exist.



> > Is this an issue that will ever be answered when it is asked by the
> > plebs, or will we be forced to have any meaningful question
> > asked by a Congressperson in order to receive an answer?
> 
> You already know the answer; it has been given several times.

Please cite where that answer is to be found.

You won't. That's because you can not.  That's because such an answer does
not exist.

As far as I have seen, there is merely unsubstantiated handwaving.  There
is certainly nothing in the icann comments archives or on the IFWP or any
other mailing list.

You may not like the question, you may find it repetitive.  That's because
nothing even approaching a satifactory answer has been offered by ICANN.

The question is an important one.  ICANN has repeatedly demonstrated a
lack of ability and willingness to abide by its bylaws.  Perhaps there is
a reason.  But we are never told.  All we see are unsubstantiated claims
of "community consensus", claims that run contrary to what most of us
perceive as reality.

--karl--

Re: [IFWP] Internet stability

[Karl Auerbach]

> ...  Now let's move on to the next step, and find a way to think
> about the Internet as something we all share, which needs massive
> cooperation to make it work.

I disagree that it needs "massive cooperation to make it work".

There is a need for coordination of things like TCP port numbers and other
things that go on at the transport level and below.  The IETF, W3C, and
IANA have done a fine job of that.  All they need is a bit of money to pay
for a couple of people at IANA to keep track of this.  These are
non-contentious issues.

ISP's have a self-interest in making sure that routing of IP packets work
-- an ISP that is unreachable or which can't reach the outside world is
going to lose its customers really fast.  So there is no need for top-down
regulatory coordination of this, nor has there been to date other than the
sanity check on address allocation performed by ARIN, RIPE, and APNIC.

There can readily be a multiplicity of domain name systems. (See
http://www.cavebear.com/cavebear/growl/issue_2.htm ) The DNS systems
that give answers that don't keep people happy is a system that will
rapidly fall by the wayside.  So there is no need for a top-down
regulatory body such as ICANN to sit on top of the DNS.

The issue that may require coordination is one with some really tough
technical, economic, and political issues - inter ISP
peering/transit/billing policies.  It is unclear whether the current
inter-ISP sitution isn't one being used by the "big guys" to squeeze the
"little guys".  On the other hand, the small guys aren't screaming that
loudly (or I'm not hearing 'em.)

There is an increasing need for better operational coordination to hunt
down denial-of-service attacks.  But I don't think we yet need an imposed
apparatus for that to form.

--karl--

[IFWP] Re: Call for comments on DNSO Names Council amendments (Deadline: August 10)

[Karl Auerbach]

> The ICANN Board has posted a proposed set of amendments to the ICANN Bylaws
> relating to the DNSO Names Council.  Most notably, the proposed amendments
> are intended to limit any one company or organization to one representative
> on the DNSO Names Council.

A couple of points:

  1. These proposed changes were not in effect during the Berlin meeting.

 Indeed, at the time of the Berlin meeting, the By-laws gave all
 recognized constituncies the power and right to designate three
 people to the names council of the DNSO.

 Yet when that was tried by one recognized constituency, those people
 were excluded despite the presence of ICANN's CEO and legal counsel at
 that meeting.
 
 ICANN was acting beyond its then-existing bylaws, and in advance of
 this amendment.

 This amendment does not have retroactive effect.

 It is evident that the the gTLD Constituency was acting within its
 rights at the time of the Berlin, and that the exclusion of
 its designated names council representatives was an act by ICANN in
 contravention of ICANN's bylaws.

 Given that the DNSO has proceeded into substantive issues, this
 failure taints everything that the DNSO has done to date.


  2. This amendment cites an "evident consensus".  How was that "evident
 consensus" ascertained?  Certainly at the time of the Berlin meeting
 this question had neither been clearly asked nor discussed in any
 forum.  And having listened into the Berlin meetings, I can attest
 that I did not perceive any discussion of these matters, much less
 the "clear sentiment of the attendees and online particpants."

 If I don't make myself clear, let me be blunt:

 I perceive no evidence to support the claim that there was such a
 consensus in existance at the time of the Berlin meeting, in
 particular at the time of the exclusion of the gTLD's designated
 representives to the Names Council.

 I do agree that at the present time there may indeed be such a
 consensus, a consensus that has evolved *after* the exclusion
 occurred.
 
 But this is merely a guess based on exactly the same evidence
 as is available to ICANN's board.  And I, like the ICANN board,
 could be utterly wrong whether such a consensus actually exists
 at the present time.

 Rather than the blind and unsubstantated claim of "evident consensus"
 made in the ICANN anouncement, may I suggest that ICANN actually take
 an explicit poll of the various mailing lists to elicit actual opinions
 pro and con on this question.

 I will begin the process: I think that this amendment is a useful
 improvement to the ICANN by-laws.

--karl--

Re: [IFWP] Internet stability

[Karl Auerbach]

> >So, if NSI wants to add more servers for .com/.net/.org it isn't going to
> >be able to do so, at least not from the current root system, at least
> >without violating that part of the specification.
> 
> They can have as many servers as they want, so long as no individual
> response from the roots is more than 512 bytes.  It'd be pretty simple
> to twiddle BIND to rotate through the list giving each requester 12
> servers chosen from the total set so that each server appears in
> `roughly equal numbers of responses.
> 
> This code may already be in place.  I know that AOL and some other
> large sites rotate the answers they give to queries for MX servers and
> for things like the ICQ master server.

You are right.  Yes, the DNS spec only demands that there be no more than
twelve servers listed in the packet.  But I'm not at all sure what
happens, however, as a user's intermediary server learns that a TLD has
more than 12 servers.  Those intermediary servers would have to also limit
their responses to listing only a subset of what they know.

(All in all the 512 byte restriction is a pain, and an obsolete one.)

--karl--

Re: [IFWP] Internet stability

[Karl Auerbach]

> >   http://www.cavebear.com/cavebear/growl/
> 
> Well and succinctly put.

Thanks.

> Cooperation among the various root operators (or lack thereof) would likely
> determine the best working model.

When you say "various root operators" do you mean the server operators or
the operators of the each of the groups of servers, each of which 
constitutes what I've been trying to call a "root system"?

There certainly needs to be some firm cooperation between the operators of
root servers who belong to a given root system.

But as far as inter-root system cooperation goes -- I don't see the need
for there to be any beyond adhering to a common protocol standard.  I see
enlightened self interest as a force that will cause there to be no
net-instability causing practices.

By-the-way, I forget to mention the "value added service" that I didn't
put into the URL mentioned above -- that is that when there are multiple
root systems, one can subscribe to one that will vector you to TLD servers
which are in parts of the net that are topologically close to where you
are.

This can have significant benefits.  DNS queries won't end up travelling
so far across the net (this saves potentially mongo on long-haul
bandwidth), response times ought to be shorter (although long haul delays
on today's net aren't all that bad), and the traffic would transit fewer
exchange/peering points, one of the the prime places where internet packet
loss occurs.

--karl--

 

Re: [IFWP] Internet stability

[Karl Auerbach]

> Would you suggest a "common root server" model (where, for example, all
> roots point to the A server as well as others) or a "mirrored root server"
> model (where, for example, A, B, and C root servers are identical and used
> for the common point) for the central control of the root?

The best way to answer you is suggest that you check out:
   http://www.cavebear.com/cavebear/growl/

In the second second section of the current issue I describe what I'm
thinking of.

In essence it is completely distinct systems of roots, operated with no
imposed coordination except the enlightened self-interest of their
operators.

Those systems of root servers build their "inventory" of TLD pointers
according to what they think they can sell to their user/customer base.  
Each root system operator selects which TLDs will be included and which
will not be included.

As I describe in the note, there are economic pressures which will drive
each root system to include all of the "viable" TLDs.

And there are value added services that can give a user reasons for
selecting one root server system over another.  (Yes, there really are
value added services -- it was a big surprise to me, but, in fact, there
are several, although I only mention one in the note I mention above.)

As for the TLDs -- I'd leave it to the TLD operators to duke it out among
themselves using traditional legal and economic methods, and without any
top-down imposed regulatory structures.  TLDs which are disputed are
likely to be considered "not viable" by the root operators.

The most interesting part is that there is not a thing that NTIA or ICANN
can do to stop the creation of multiple root systems.  The technology is
in place and deployed.  And there are already several existance proofs
that it works and that the net is not destabilized.

--karl--


(As an aside, there is utterly nothing special about an "A" server -- the
one used by the current roots is simply a legacy of operational
procedures, nothing more.)

Re: [IFWP] Internet stability

[Karl Auerbach]

> I have been informed that recently NSI requested permission to deploy
> additional TLD servers for enhanced stability.  I was further informed
> that you denied their request to make changes to the root zone that
> would render these servers operational.

I just looked at the delegations for .com/.net/.org and they all seem
to point to the following twelve TLD servers...

A.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.

F.GTLD-SERVERS.NET.
J.GTLD-SERVERS.NET.
K.GTLD-SERVERS.NET.

Now due to an ancient (and essentially obsolete, but nevertheless still in
RFC1035) limitation on the size of UDP packets:

4.2.1. UDP usage

...

Messages carried by UDP are restricted to 512 bytes (not counting the IP
or UDP headers).  Longer messages are truncated and the TC bit is set in
the header.

This limits the number of answers that can be stuffed into a DNS
response packet when one's software tracking down through the DNS hierarchy.

In particular, it limits the number of servers that can be assigned to a
zone to 12.  (I haven't worked out the math on this myself, so I'm relying
on calculations performed by others.)

So, if NSI wants to add more servers for .com/.net/.org it isn't going to
be able to do so, at least not from the current root system, at least
without violating that part of the specification.

I understand that this 512 byte limit is being reconsidered by the IETF.  
I can attest that from a software writer's perspective it is a limit that
is easy to change.  And from the perspective of network MTU -- The old MTU
of 576 is hard to find anywhere except on some PPP links, and even then IP
fragmentation and reassembly handles the job and reassembly
implementations have become rather more robust than they were 12 years
ago.

I do note however, that the current delegations for .com/.net/.org have
many of the same same computers doing double duty as root and TLD servers.
That is bad form and if NSI is addressing that, good for them.

As it stands, however, we could easily obtain a further improvement in net
stability if we established multiple root systems that pointed additional
servers for the current TLDs.

That would allow me as a user, ISP operator, or corporate/organizational
administrator to select a root system that best met my own needs.  And if
it went down, I could quickly switch to another root system.

--karl--

[IFWP] Re: [bwg-core] Proposed by-law amendments

[Karl Auerbach]

> The impact of these amendments is to centralize too much power
> in the hands of the ICANN Board, at the expense of the DNSO and
> its constituents.
> 
> The amendment to Section 2(a) of Article VI-B of the Bylaws
> allows the ICANN Board to resolve disputes about which member of
> a constituency is recognized as a Names Council member. Such
> disputes should be resolved by the constituency itself,
> according to their own rules.

I would suggest that perhaps the ICANN board already has the power to do
this anyway.

According to one J. S., ICANN's board is responsible that the entity
operate according to its charter.  (Not that this board has done this,
i.e. operated according to its charter, but I'm speaking about theory, not
practice.)

Since the NC is simply part of ICANN, the board has the innate power to
reach in to *any* part of ICANN and make any changes it sees fit.

That is unless there are specific prohibitions against it in the organic
documents.

And, and here is where I really feel it is getting ugly, is that
apparently ICANN feels that even if there are specific provisions, that
the nature of the board's plenary power requires that those provisions be
read to be useless and meaningless.

Remember my argument with Sims about those sections in the ICANN by-laws
that specify that the board "shall" accept SO decisions unless certain
exceptional situations are found?  Well that language isn't there because
it looks pretty, it has meaning.  Yet ICANN says "hooey, it isn't worth
the paper it is printed on because the board has to have the power to do
what it needs to do."

(What is ironic is that the BWG proposals for a strong board vis a vis the
SO's were resisted by those who are now ICANN, yet now they want the
strong board.)

The problem with all of this stuff is that ICANN has made its self so
mutible that it makes itself look like whatever it wants to look like.

--karl--

Re: [IFWP] Vixie to RBL NSI?

[Karl Auerbach]

> Ah, the dark side of private self-governance.  Since the Internet can't be
> controlled by anyone, how could one person possibly have such power?

Paul Vixie and RBL don't hold that kind of power.  What Vixie does is
offer me a service, to which I subscribe, that allows me to filter out
sources that tend to be spammers.

I can drop his service any time I want.  And the RBL mechanisms are not
closed.  Anyone can create a new RBL service that uses a different
criteria, and I could switch to that alternative RBL service if I liked
its criteria.

In other words, it isn't Vixie that has the power.  Rather it is I who
have the power.  RBL gives me the means to better manage my site, but RBL
isn't forced down my throat, it is a voluntary choice I make for me.  (

(It is a somewhat less voluntary choice that I impose upon those users who
elect to use my systems.  But they are free move and to get their e-mail
elsewhere where my choice does not apply.)

As a data point, I might note that I've watched my mail logs for several
months now and the number of e-mails that I reject due to RBL is at least
an order of mangatude smaller than the number that I reject because the
source is not a valid domain.

> There are lots of substitutes for RBL, aren't there?

Right now there is only one RBL service.  But that's because the criteria
has worked so far.

--karl--

[IFWP] Is anybody else having trouble getting on DNSO working groups?

[Karl Auerbach]

Has anyone else found it difficult (read "impossible") to get onto DNSO
working groups?

--karl--

RE: [IFWP] Analogical thought

[Karl Auerbach]

> However, it still is not necessarily true.  Some time back in this 
> thread I pointed out that Internet routing has in effect thousands of
> independent roots, the autonomous systems (ASs) which in combination
> are the Internet.  Each AS has its own separate routing policy, each
> decides independently which routers to announce and how to announce
> them.  

That is a very good example of how enlightened self interest on the part
of ISP's creates a working, stable internet.  It is possible for the
ISPs to create chaos, but they don't.  And they don't because their
customers would run away if they did.

That same kind of enlightened self interest would cause multiple root
system operators to make choices that lead to stability and
interoperability rather than choices that lead to partitions and
inconsistencies.

Whether one agrees with the concept of multiple root systems being
self-stablizing or not, one does have to recognize that ICANN or the DNSO
can't do a thing to prevent them from arising other than to spread FUD
(Fear, Uncertainty, and Doubt.)

For example, I added IOD's .web to my inventory of TLDs last evening (it
took me all of 120 seconds to do on my first server and about 60 seconds
for each of my other servers.)  It works just fine.  ICANN couldn't say
no, the DNSO couldn't say no.  And I still have interoperability with the
net.  And I don't have to agree to follow any ADR rules or WIPO rules.

In many respects this whole domain name governance system that is being
built is like Wylie Coyote in the cartoons -- he runs off of a cliff and
he will hang in the air - unsupported by anything except his lack of
knowlege about his situation - until he looks down and falls.  Similarly,
all this ICANN and DNSO stuff is being built on an assumption of control
that is simply not at all permanent and that can disappear in a flash.

--karl--

Re: [IFWP] Vix on Multiple Roots

[Karl Auerbach]

> I wonder if you would be willing to comment on the question of multiple roots. 
> It's an idea which has recently been attracting renewed vigor in these crowds,
> and its supporters are so energetic, I sometimes wonder whether some new sort
> of alternate root launch is imminent. Outspoken advocates of alternate and
> multiple roots on this list include (presuming I've been reading them
> correctly) Karl Auerbach, Richard Sexton, Jim Dixon, and Roeland Meyer, people
> whom I generally consider to be sober (well, mostly) and technically astute. 

I just wanted to add that while I advocate multiple root systems, I don't
advocate fracturing the top level domains with varient versions.  My
canonical example is that when one looks up "freds.barbershop.xxx" one had
better get vectored to Fred's no matter what root system they enter
through.

But I'd let that fracturing be prevented by the fact that nobody will use
a root system that includes bad versions of TLDs.  I find that preferable
to having some sort of DNS overlord commanding consistency.

The interesting twist is that there is nothing that prevents this from
happening.  Anybody with the gumption can easily set it up.  The hard part
is getting people to use it.

My notes on this are in the second part of:

http://www.cavebear.com/cavebear/grow/

--karl--

RE: [IFWP] Analogical thought

[Karl Auerbach]

> Therefore, while if you pick up the phone and call a number you will get
> *always* to the same person, in the proposed system you type a domain name
> and you will get to a different domain *depending on how your system is
> configured*.

A couple of thoughts:

 - The telephone system is evolving so that in many instances what one
   dials as a phone number is really a name representing a class of
   targets and the system selects one from that class based on some
   criteria (possibly including random selection.)

   This will be even more the case as we move towards IP telephony based
   on H.323 or SIP.

 - In the case of multiple root systems, any answer to a DNS query that
   gives the user something that is not acceptable, then that is bad.

   It's this fact that will create pressure on those who offer TLDs to
   ensure that TLDs are not fractured or have inconsistent isotopes.

   It will also create pressure to drive all operators of root systems to
   make sure that their inventory of TLDs is at least as inclusive as
   that of their competition.  The end result of this is that every
   root system will eventually have all TLDs, modulo those that are
   troublesome because they are disputed.

--karl--

Re: [IFWP] Re: USG to Netsol : Open Whois Database

[Karl Auerbach]

 
> > There has been a lot of handwaving about whether there is or is
> > not control.  But if NTIA can order NSI to open the database to the
> > public or to transfer it to another party, that's a pretty strong
> > indication of "control". 
> > 
> I can order NSI to open the database, but that hardly indicates 'control.'

If you or NTIA can issue an order, contractual or otherwise, which
obligates NSI to open the database under pain of legal penalties, then
your or NTIA have control.

If you had such control then it would be a private matter.

But since NTIA is a governmental agency, such control over the database
constitututes governmental control.


> > And for the Privacy Act, I would assert that one of the biggest
> > elements of control is whether the Government has the ability to
> > keep the data private or not.  And an order to publish or transfer
> > is certainly pretty strong evidence of belief by NTIA that NTIA has
> > that kind of control. 
> > 
> 
>  Q: Was privacy a concern of anyone who voluntarily registered for 
> a domain name 15 years ago?  10 years ago? 5 years ago?
> 
>  A: No, your honour.

Did you articulate a specific concern about your privacy when you
registered for your Social Security Card, when you filed your income tax,
when you filed for welfare?

No you didn't.  But there was (and is) a law that governs how the Federal
government will protect privacy.  And you don't have to explicitly ask for
it to be applied, just like you don't have to ask a burgler to go away
before he/she is guilty of a crime.

Perhaps you don't care about your privacy rights.  But others do care
about theirs.


> Q: Is there any information in the DNS which has not been publicly 
> accessible heretofore?  
> 
> A: No, your honour.
 
The data has been made visible in violation of the act for the entire
life of the Internet.

And are you saying that the fact that your government has violated its own
laws and looked the other way and allowed your name, address, phone
number, and affilliation to be made available to spammers, telemarkeeters
and the like is OK?

Under your approach, if one engages in a wrongful practice for a long
enough time, then that practice is OK?

Are you advocating revival of the Royal model of government in which rules
and laws are meant to be broken and ignorred. The IRS will love it!

I kinda prefer governments to obey the laws.

--karl--

Re: [IFWP] USG to Netsol : Open Whois Database

[Karl Auerbach]

> ibm.com was registered in 1986.  What is the scope of NSI's claim to the
> data relating to that domain?

The point about 5 USC 552a has to do with US government databases
containing personally identifiable information, such as the names of the
tech/admin/billing contacts.  (And 5 USC 552a was passed in 1974.)

So we don't have to get into NSI's claim over the data, but rather whether
the database is under sufficient control of the government to trigger the
Privacy Act.

There has been a lot of handwaving about whether there is or is not
control.  But if NTIA can order NSI to open the database to the public or
to transfer it to another party, that's a pretty strong indication of
"control".

And for the Privacy Act, I would assert that one of the biggest elements
of control is whether the Government has the ability to keep the data
private or not.  And an order to publish or transfer is certainly pretty
strong evidence of belief by NTIA that NTIA has that kind of control.

--karl--

Re: [IFWP] USG to Netsol : Open Whois Database

[Karl Auerbach]

> U.S. Tells Network Solutions To Open Database
> 
> http://news.excite.com/news/r/990726/17/net-tech-networksolutions

If the US can order NSI (or anyone) to publish the contents of the whois
database or to order the database to be transferred over NSI's objection,
then the US has "control" of that database.

And if the US has control, then 5 USC 552a may well apply.

And 5 USC 552a substantially limits the degree to which the government can
release of the personally identifiable data that makes up the whois
database.

I have a letter from NSF that, in response to a request I made under 5 USC
552a, says that the whois database is beyond the control of NSF (and hence
its sucessor in these matters, NTIA) and is merely a database that is
beyond the reach of the US government.

That letter is at:

http://www.cavebear.com/nsf-dns/nsf_dec24.htm

(A copy is also in my Green Paper submission to NTIA.)

(The writer of the NSF letter clearly was confused between the Privacy Act
5 USC 552a and the Freedom of Information Act, 5 USC 552.)

The conclusion is this:  The government has disclaimed its ability to
control the whois database.  NSI might readily consider telling the
government to take a flying leap at a rolling donut.

If the government now reverses itself then it better explain to me why it
refused my request.  I'd suggest further that the government's reversal
would be so egregious an act that it could possibly trigger the statutory
penalties of the Privacy Act, an amount which could easily cumulate to
several billions of dollars of damages against NTIA.

--karl--

Re: [IFWP] re: F.ROOT-SERVERS.NET is no longer open for AXFR of COM,NET

[Karl Auerbach]

> >i thought i'd posted this to namedroppers but i never saw it there and
> >folks are asking, so...

> >To: [EMAIL PROTECTED]
> >Subject: re: F.ROOT-SERVERS.NET is no longer open for AXFR of COM, NET, or ORG
> >Date: Fri, 23 Jul 1999 14:16:05 -0700
> >From: Paul A Vixie <[EMAIL PROTECTED]>
> >
> >The US-DoC has asked that we extend the period during which we disallow
> >"AXFR" public access to our service copies of the COM, NET, and ORG zones.
> >The new date is September 16.

One has to ask, by what statutory authority has the DoC requested that
this be done.

The answer will, as usual, be handwaving vagueness.

I certainly don't know of any authority under which the Department of
Commerce can engage in "controlled experiements" of the DNS System.

--karl--

Re: [IFWP] how do you get to $500,000 since last October?

[Karl Auerbach]

> If the $500k covers fees pre-ICANN then who were the services rendered on
> behalf of (and who signed off on the retainer)?  IANA?  Then it's IANA's
> bill.  Did ICANN pick up IANA's bills?

Good questions.

Certainly these debts are going to tie the hands of any sucessor boards of
ICANN who may be forced into certain undesirable practices to cover the
debts of their unelected predecessors.

How could this mess have happened?

A fundamental tenet of good business practice is this:

No invoice shall be paid unless there exists a valid purchase
order in effect prior to the delivery of the goods or services
being invoiced.

Another fundamental tenet of good business practice is this:

The corporation shall issue no purchase order for, or otherwise
commit itself to pay for, goods or services in an amount in excess
of $XXX without express approval, in advance, of the following
officers: X, Y, and Z. In addition, for amounts in excess of
$, the purchase order or commitment must be approved, in
advance, by the Board of Directors.

ICANN didn't even get either of these right.  Or rather, ICANN is so
opaque that there is no evidence that they got either of these right.

But then again, the board was selected (or so we believe, but we don't
know) for their value as luminaries, not for their business acumen.

The original form of the ICANN organic documents were even more lax than
they are now.  The BWG and ORSC pushed (with partial sucess) for their to
be at least some minimal form of business processes in ICANN.

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

For all your hand waving, it still holds true, for the price of a single
share of common stock in NSI, one obtains more real voice in the affairs
of NSI than one has in all of the land of ICANN.

And it is absurd to for you to assert that ICANN's trivial, nearly vacuous
disclosures are comparable with what NSI has to publish.

(ICANN is supposed to be amining at a higher standard than we expect of
NSI.  It is sad that ICANN's disclosures are a failure even by NSI's
standards.)

For those of you viewing, attached is a list of the SEC filings made
by NSI that are online at the Securities and Exchange Commission (
http://www.sec.gov/ in the Edgar database.)

These disclosures are often very detailed and cover a lot of ground.
I recommend that one take a look at NSI's most recent 10-K for an example.
(A warning, it is about 50 pages of close text.)

http://www.sec.gov/Archives/edgar/data/1030341/950133-99-001068.txt

Yet, ICANN still can't even tell us how its directors were appointed or by
whom. And it took a congressional hearing to find out even the scale of
ICANN's unpaid debts.

ICANN could do better.  But it doesn't even try.

--karl--

NSI's SEC filings in EDGAR...

03-30-199910-K
11-14-199710-Q
05-15-199810-Q
08-14-199810-Q
11-16-199810-Q
05-17-199910-Q
09-26-1997424B
02-09-1999424B
08-08-19978-A1
06-17-19998-A1
10-09-19988-K 
11-20-19988-K 
01-15-19998-K 
02-09-19998-K 
02-11-19998-K 
04-14-1998DEF 
04-16-1999DEF 
04-06-1999PRE 
08-27-1997S-1/
08-28-1997S-1/
09-18-1997S-1/
09-23-1997S-1/
09-25-1997S-1/
01-04-1999S-3 
01-26-1999S-3/
02-01-1999S-3/
01-07-1998S-8 
02-09-1998S-8 
12-02-1997SC 1
02-13-1998SC 1
12-10-1998SC 1
12-10-1997SC 1
01-09-1998SC 1
02-06-1998SC 1
03-12-1998SC 1
04-09-1998SC 1
05-07-1998SC 1
06-09-1998SC 1
07-08-1998SC 1
07-09-1998SC 1
09-02-1998SC 1
10-06-1998SC 1
11-05-1998SC 1
11-09-1998SC 1
12-10-1998SC 1
12-11-1998SC 1
01-08-1999SC 1
01-08-1999SC 1
01-08-1999SC 1
01-08-1999SC 1
01-08-1999SC 1
01-08-1999SC 1
02-09-1999SC 1
02-12-1999SC 1
03-10-1999SC 1
03-19-1999SC 1
05-10-1999SC 1

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> Earth to Karl: You get as many votes in NSI as MONEY CAN BUY. 
> *Every* vote in NSI is a BOUGHT vote.  There is no required
> representative structure whatsoever.  Furthermore, the only entities
> that have meaningful power in NSI are entities that control large
> blocks of shares.  That is, you have *precisely* as much power as you
> have money. 

You obviously have never heard of a "derivative action".  One share is all
it takes to give standing to bring an action that can bring down the board
of directors or officers who violate their duties.

And in the right circumstances, the corporation can even end up footing
the legal bill.

One share is all it takes to attend a shareholders meeting.

Zero shares is all that is needed to obtain the various SEC and state
filings that NSI is required to file (and does file).

Sure, more shares gets you more votes.

But that's a lot better than the zero votes that individuals and
non-commercials get in ICANN today.

And the information you can get from NSI is a lot more information than is
available from the opaque ICANN of today.

ICANN publishing "donations" is not financial disclosure that even
approximates what NSI has to publish.  Compare the ICANN web page with
NSI's 10K filing.  That's one small page of disclosure for ICANN and one
book for NSI.

As for the MoU -- ICANN's first priority is living up to its organic
documents.  It is too bad that ICANN feels that it is more important to
quash NSI than it is to establish an entity that is more a dictatorial
Soviet with a life expectency beyond a few more months.

But whether there is a MoU or not.  ICANN is not publishing anything near
the amount of information that NSI or any other publicly held for-profit
corporation does, nor does it have external controls by shareholders
or members that come even close to those given to shareholders.

I can say "I told you so", and I will - I told you so -- In my Green Paper
submission, I mentioned (as did many others) that the non-profit form that
IANA proposed for ICANN was one that could easily lead to exactly what we
have -- a closed, self-driven, non-responsive, opaque form of Internet
Governance.

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> > > Oh.  I see.  The "Internet community" can get their data back by
> > > collectively buying up a majority of the shares in NSI, and forcing
> > > the directors to return it. 
> > > 
> > > You *are* joking, aren't you?  I hope?
> > 
> > What is the joke is that NSI, a private for-profit company, is far more
> > open and responsive than is ICANN.
> 
> Karl, you are speaking utter nonsense.  One can complain that ICANN 
> is not as responsive as a government should be.  But it is sheer 
> lunacy to say that NSI's operations come anywhere near the standards 
> that have been set for ICANN.

Utter nonesense?  Not at all.  The word is "truth".

Anybody can be a shareholder in NSI.  Presently only corporations and
organizations have any meaningful role in ICANN or its subsidiary
structures.

NSI's shareholders have the legal right to bring actions against the
officers and directors of NSI for violation of their duties.  ICANN's
general membership might have such a power, but ICANN is dragging its feet
in creating such a membership.

NSI is obligated to publish many financial reports and other disclosures.
ICANN has not published any financial information.

The truth of the matter is that NSI, as a private corporation, is far more
open than ICANN, both in law and in reality.

As you say, ICANN is supposed to reach for a higher standard than is
imposed on NSI.  Unfortunately, ICANN hasn't even begun to reach NSI's
standard.

What *is* "utter nonesense" is the fact that ICANN's board is creating a
situation in which ICANN is heading for bankruptcy or a situation in which
ICANN's future boards will be merely indentured servants trying to pay off
the Jones Day and Mike Roberts debts.

(By-the-way, the disclosure of the immensity of ICANN's legal bill was not
made until the Congressional hearing.)

Of course, one can apologize all day long that ICANN needs to be so closed
and needs to be so unresponsive.  And I'd understand completely.  I'd be
embarrassed to be known as one who allowed Jones Day to run up half a
million dollars in bills (for, among other things, writing ambigious
corporate documents) and have a high-priced, abrasive CEO who obviously
has no experience in doing anything on less than a royal budget and who
needs ten officers and executives to manage four employees.

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> In the context of the Network Solutions Cooperative Agreement, the 
> creation of the whois database did not create a US government asset 
> nor was it intended to do so.

Perhaps some people believe that.  But the language of the document is
very clear - NSI was to perform a service, there were standards by which
the performance of that service was measured, there was a fee paid for the
performance of that service, and there is an explict provision for the
transfer of materials at the end of the contract/agreement so that a
sucessor could take over.

The words in the Cooperative Agreement read exactly like the words one
would use to say "administer my database".

There is an oral history that indicates that there may be some other
interpretation.  But the contract/agreement is in writing and given the
formality of government contracting, it's going to take some doing to get
that oral history to overide the apparently clear language of the
contract/agreement.

> It wasn't intended for the primary (let alone "exclusive") benefit of 
> the government.  Such benefit was merely incidental.

That is extremely arguable.  At the time the cooperative agreement was
made, the net was still largely focused on the US military and the
"military industrial complex".  Certainly there was an ancillary benefit
beyond the government, but the money was paid to get a benefit for the
government.  And that was made all the more clear in Amendment #4 when the
government let NSI take payment from non-goverment registrants and, in
return, give the government a free ride for its registrations.  That was
100% for the government's benefit.

>  it was intended 
> for the benefit of the U.S. Research and education community that the 
> NSF is chartered by Congress to serve. It absolutely is/was NOT a US 
> government obligation to provide Internet registration in the first 
> place.  That's why a cooperative agreement, which is a "support" 
> (***not "research"***) award vehicle was selected.

Cooperative Agreements are vehicles for the government to pay something of
value to private companies.  That something of value is often called
"money".

Cooperative Agreements are used by many parts of the US Governemnt,
including the Bureau of Land Management, a group that is not particularly
engaged in "research".

Overall, the best we can say is that, in hindsight, the Cooperative
Agreement could have been better drafted.  Should we blame those who wrote
it?  We could, but we ought not to.  It would be wrong to blame people for
not having perfect foresight.

So we're stuck with an ambiguity.  It's going to take the full machinery
of a court proceeding, with full discovery and full presentation of all
the evidence, to come to an answer.  And that process, which has not even
begun, will probably take several months or even years.

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> > > >You missed my point, I think.  There is no one else with standing 
> > > >vis a vis NSI to do anything at all about it.  
> > > 
> > > What about the shareholders?
> > 
> > And remember, even individuals and non-commercial entities can become NSI
> > shareholders. It only takes about $75 plus brokerage fees to become a full
> > voting member of NSI with rights to attend meetings and bring legal
> > actions should the officers or directors behave improperly.
> 
> Oh.  I see.  The "Internet community" can get their data back by
> collectively buying up a majority of the shares in NSI, and forcing
> the directors to return it. 
> 
> You *are* joking, aren't you?  I hope?

What is the joke is that NSI, a private for-profit company, is far more
open and responsive than is ICANN.

One can only cry at the fact that ICANN has run up such a dept to Jones
Day and Mike Robert's family company that future boards will be doing
nothing but raising funds to pay off the debts incurred by the current
opaque board.

And what did it take to find out that ICANN is legally insolvent - a
Congressional hearing!

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> >You missed my point, I think.  There is no one else with standing 
> >vis a vis NSI to do anything at all about it.  
> 
> What about the shareholders?

And remember, even individuals and non-commercial entities can become NSI
shareholders. It only takes about $75 plus brokerage fees to become a full
voting member of NSI with rights to attend meetings and bring legal
actions should the officers or directors behave improperly.

--karl--

Re: [IDNO-DISCUSS] Re: [IFWP] What I would have said...

[Karl Auerbach]

> >those situations, which are becoming, increasingly common, DNS is being
> >used as sort of a yellow pages service lookup rather than a white pages
> >address lookup.
> 
> As has been discussed many times in the past, the yellow pages "search" use 
> of the DNS is an artifact of the current constraints on the name space, 
> primarily putting many commercial groups into exactly one TLD.

You are correct.

I suspect that I wasn't clear in what I wrote and that I didn't really do
a good job of expressing what I wanted to say...

There is starting to be a move to do quasi-directory services that use DNS
protocols (and unwitting DNS clients.)

There are starting to be intermediary devices that intercept and
manipulate DNS queries in order to redirect things like HTTP sessions to
servers that are best suited to serve the user.

Thus, when one does a DNS query for the A record for "abc.foo.com" what
happens is that a DNS server isn't even reached, but rather that an
intermediary box will intercept the query, use "abc.foo.com" not as a DNS
name but rather as a service name, and return an address of something that
can provide that service and has net topology characteristics that make it
good for the client to use.

Companies like Inkatomi and (dare I say?) Cisco build things like this.

So what is happening is rather more than MX indirection.

>   (Since you live in California, you might already know 
> the domain name for Southwest Airlines, but I seriously doubt the average 
> reader will be able to guess it.)

Great example!  That one drove me crazy for a while as I too am infected
with the www..com disease.

For the reader: iflyswa.com

(Actually they now have the more "logical" domainname as well.  Hopefully
they bought it rather than coerced it.)

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> > Anyway, there are merits on both sides of the see-saw.  (I still see the
> > balance as being that NSI was merely admistering a government database.
> > But its a balance that apparently others who were close to the situation
> > at the time of the formation of the Cooperative Agreement see otherwise.)
 
> Another interesting research issue is whether it was a government asset in the first
> place.  It wasn't exclusively for the benefit of the government since plenty of
> non-governmental parties were also using it.  Even if you take the approach that it
> was an administrative task, and not research, it isn't clear that the government ever
> had any obligation to perform the task in the first place.

That is very true, there was (and is) no governmental obligation to
perform these registration duties.

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

> >  > We should expect a
> >  > long hard fought legal battle...coming soon. I do not understand how the
> >  > folks at NTIA could have made this error (if, indeed, they did) since
> >  > the DOC did not have the constitutional authority to transfer a database
> >  > held in "public trust"  over to a private corporation.
> 
> Almost every *research* contract issued by the USG allows the contractor to
> retain the intellectual property rights.  This is the essence of the circa 1981
> Bayh-Dole Act.  IMHO, the question here is whether or not there are any IP
> rights at all in the database itself.  Under US law, databases are not
> protectible unless kept secret or arranged in some creative fashion.

I'm glad you highlighted the word *research*.

There is considerable room to debate the nature of the NSF/NTIA-NSI
Cooperate Agreement.

Rarely is "research" mentioned.  (Indeed the cooperative agreement doesn't
use that word a context which would support a "research" interpretation.)

But

My own reading, based on the fact that there is a right of transfer at the
end, plus the performance conditions, is that that Cooperative Agreement
is one for the performance of administrative duties, much like the
concessionaire of a national park might administer the Awhanee Hotel in
Yosemite.  (Hint, the contractor doesn't get to keep the Hotel when the
contract is done.)

On the other hand, there are those "who were there" who say that the
Cooperative Agreement was more like the government paying someone to pave
a badly rutted road over private property to a government site so that the
government can get its trucks in more easily.  (Hint, title to the the
road doesn't get conveyed to the govenment as a result.  The government
benefited by less wear and tear on its trucks.)

The language about the transfer at the end may be explained by some
trouble that apparently occured at the end of the SRI administration, at
which time SRI apparently tried to withhold everything from the
government.

Anyway, there are merits on both sides of the see-saw.  (I still see the
balance as being that NSI was merely admistering a government database.
But its a balance that apparently others who were close to the situation
at the time of the formation of the Cooperative Agreement see otherwise.)

--karl--

Re: [IFWP] Re: Hilights from todays hearing

[Karl Auerbach]

> would not be possible that each such ten bit word, which for the want of
> a better term I will call a net address, would map directly onto an IPv6 IP,

Addresses need to map onto the net topology.  So the bit patterns are
quite important (in decreasing importance as one moves from the leftmost
bit position towards the right.)

--karl--

Re: [IFWP] Re: Hilights from today's hearing

[Karl Auerbach]

>  > We should expect a
>  > long hard fought legal battle...coming soon. I do not understand how the
>  > folks at NTIA could have made this error (if, indeed, they did) since
>  > the DOC did not have the constitutional authority to transfer a database
>  > held in "public trust"  over to a private corporation. 
> 
> 5 years ago, hardly anybody had heard of 'intellectual property' ...
> But if the DoC overstepped its authority, does the public have 
> standing to sue for its IP rights?   

There is a lot of fuzzyness going on about the term "IP rights" in the
zone and contact databases.

Clearly NSI has physical possession of the databases and nobody has the
right to break into their buildings or computers and take a copy (or the
original).

There may or may not be copyright rights in those databases -- the
uncertainly is because under a relatively recent US Supreme Court case,
collections of facts are, absent something special, not copyrightable.

However, there is more recent US Federal legislation on these matters
about which I know abysmally less than nothing (but about which I'm sure
that somebody will fill us in. ;-)

Thus, the existance or not of a copyright based Intellectual Property
right in the databases is something that is arguable.

However, as I said, even if the data is "public domain", that does not
give one the right to make copies unless one has the right to physically
access the data.

The NSF/NTIA-NSI Cooperative Agreement does give NTIA some rights to
obtain copies of some of these databases (I claim it gives 'em rights to
all of the databases, NSI and others claim otherwise) at the termination
of the Cooperative agreement.

Throw all this into a barrel and we have a lot of ambiguity about what
people mean when they talk about the IP rights in the various databases in
NSI's hands.

Precision is really important -- one needs to be very clear about which
database (e.g. root zone file, TLD zone file, contact database, etc),
about which kind of access is being discussed, and about which kind of IP
property right (if any) is being discussed.

--karl--

Re: [IFWP] Re: Essay on ICANN

[Karl Auerbach]

> > A third-party beneficiary agreement is a
> >   deal by which two parties agree to provide a benefit for someone
> >   else. If either party reneges, the third party can sue even though
> >   he didn't sign the contract or put up any money for the benefit.
> 
> Would an honorary trust do as well?  "...A trust for a noncharitable 
> purpose which is valid despite the absence of an ascertainable 
> (i.e., human) beneficiary. These include trusts for the care of an 
> animal and trusts for other noncharitable purposes such as the 
> maintenance of a cemetery lot" -- or a domain name. 

Third party beneficiary theory of contract is not necessarily something
that is perfectly uniform even among the individual states of the United
States much less among different nations.

In general one has a much better chance of enforcing the terms of an
agreement if one is an actual party to the agreement rather than an
equitable or legal beneficiary.

--karl--

Re: [IDNO-DISCUSS] Re: [IFWP] What I would have said...

[Karl Auerbach]

> 128 bits  vs 32 bits for IPv4.  That's 
> 
> 340282366920938463463374607431768211456
> vs
> 4294967296
> 
> addresses, if I did the arithmetic correctly...
> 
> Or 56713727820156410577229101238 addresses for every human on earth,
> give or take a few. 

And not that it needs to be mentioned (we're all routing wizards, right?  
;-) -- we have never really been short of addresses, the big problem has
always been efficient use of addresses and aggregation of addresses and
routing prefixes.

In other words, even with all those new addresses, it is still going to be
very important in the IPv6 world to allocate those addresses in a way that
conforms to the topology of the network in order to avoid having massive
routing tables and long delays to propogate routing information.

--karl--

Re: [IDNO-DISCUSS] Re: [IFWP] What I would have said...

[Karl Auerbach]

Before I respond more fully to Roberto, I wanted to mention that DNS is
used for many things beyond simply looking up IP addresses.

For example, in Internet telephony (H.323), one of the ways of expressing
the callee is using what looks like an e-mail address.  The part of the
callee name after the "@" is used in a DNS query to obtain a TXT record
which, in turn, references a "gatekeeper" for the callee's H.323 zone.

That is just one of several ways in which DNS is being used for things
well beyond mapping of names to IP addresses.

We have to be aware of these uses of DNS and not wear blinders about DNS
like WIPO did.

I also want to mention that in these days of web caches and other forms of
proxy devices, DNS queries are often captured and manipulated in order to
re-aim a client to a more convenient server for a particular service.  In
those situations, which are becoming, increasingly common, DNS is being
used as sort of a yellow pages service lookup rather than a white pages
address lookup.

--karl--

[IFWP] What I would have said...

[Karl Auerbach]

Here's what I would have said were I going to be there tomorrow

  http://www.cavebear.com/cavebear/growl/

--karl--

Re: [IFWP] ICANN Membership

[Karl Auerbach]

 
> ... Was it because you wanted to split the user...

It is an interesting notion that there can only be one of any kind of
"constituency".

If constituencies were truely "self organizing" than there should be any
number of them, they should be born, and they should die, as people form
them or leave them.

It's my view that there should be an unlimited number of constituencies
for individuals or others that reflect the transient commonality of
opinions among the members of each group.

--karl--

Re: Re[2]: [IFWP] ICANN's "Internet Community" - Fact and Fancy

[Karl Auerbach]

> Also disturbing is this comment from Esther Dyson's letter to Becky Burr:
> 
> This Board personifies effective
> consensus decision-making, and many of its members feel that losing the
> ability to discuss matters in decisional meetings in private will adversely
> affect the candor of those discussions, and potentially the ability to come
> to working consensus quickly, especially on some of the very complicated
> issues that remain for this Board to deal with.

Oh, the poor, poor board members.

Openness was part of the job of being a board member from the outset.  If
a board member can not live with making decisions in an open, transparent,
and accountable manner, then that board member should have not accepted in
the first place and should step down immediately.

One has to wonder what kind of discussions are taking place that the board
members feel embarrassed to disclose.

I can guess -- the setting of Robert's pay at $18,000 per month, the
decision to have ten highly paid managers to oversee the work of four
low pay employees, the decision to pack the DNSO with commercial interests
and reject non-commercial and individuals, the decision to remove the
right of individuals to participate at parity with organizations in the
SOs, etc etc.

I know that I'd be embarrassed to have people know that I voted for things
like that.  But of course, since all the decisions were unanimous, we know
who voted for these egregious things anyway.

But we don't know why.

--karl--

Re: [IFWP] ICANN Membership

[Karl Auerbach]

> > This was also the concept of my model for NewCo membership.
> > I agree with Ellen, that there is much merit in the idea of limiting ICANN
> > membership to the assigned name and number stakeholders.
> > I suspect this idea will find sympathy in Joe Sims ear too. 
> 
> What about corporate holders?  Should they be permitted to vote in the at-large?

In the IDNO context a similar question arose: How do we handle individual
who "own" domain names indirectly via a privately held corporation or
other intermediary, but fully controlled, entity.

We resolved this by giving membership to anyone who could demonstrate
sufficient control over a domain name that as a practical matter it is
equivalent to ownership.  Thus, if I am the sole stockholder in a
corporation and I can instruct that corporation to dispose of the domain
name, then that amounts to "ownership" and is thus grounds for IDNO
membership.

Thus, for example, if a person from IBM were to apply and that person
could demonstrate the unalloyed discretion to drop or sell ibm.com, then
that person could be an IDNO member.  Of course, in large corporations,
it is unlikely for any one person, even the CEO, to have unfettered
discretion over the disposition of what have become valued assets.

As for ICANN's General Membership itself -- Corporations can be fully
represented there via the people they send.  If I were a corporation, I'd
be happy to know that I can send as many people as I want to back my
position rather than being limited to a single vote.

--karl--

Re: [IFWP] ICANN's "Internet Community" - Fact and Fancy

[Karl Auerbach]

> I actually meant to include the poised list as an example of a place
> where I have seen a good amount of support for ICANN as well.

Actually if you read the Poised list (I am a former co-chairman of the
IETF Poised working group) you will find that the IETF support for ICANN
is not at all clear or unqualified.

And one has to remember, that until ICANN amended its by-laws to eliminate
the parity role of individuals in SO's, the PSO design offered by the IETF
would have had to be rejected because it has absolutely no role for
individuals, or indeed for anything but large standards making bodies.

--karl--

Re: [IFWP] ICANN's "Internet Community" - Fact and Fancy

[Karl Auerbach]

> > As it turns out, ICANN actually has an official
> > "Community Feedback" site that contains an archive of
> > all the "reflections of community consensus."  It's the
> > only site, and it's at http://www.icann.org/feedback.html
> 
> I wouldn't go so far as to say that ICANN's community feedback site is
> the only repository of community consensus -- there is also this list,
> domain-policy, the IETF list, and the ISOC list.  Possibly there are
> others I have not read.

The board members have indicated that they rarely, if ever, read this
(IFWP) mailing list or the domain policy one.  And the IETF and ISOC lists
(I'm on both) are virtually devoid of relevant comment on these matters.

Given that ICANN's organic documents mandate openness to the "maximum
extent possible", the hunt by ICANN to create confusion regarding
"consensus" about open meetings is childish.

ICANN is obligated by its organic documents to have open meetings.  There
are very few voices who advocate the current closed meeting policy.

There are two conclusions one can draw:

 - Either ICANN has no intention of following its rules and is looking to
   amend or hand-wave its way out of compliance.

 - And/or ICANN is out of contact with reality and is living in a fantasy
   world of its own creation and among only those it choses to interact
   with.

--karl--

No Subject

[Karl Auerbach]

Comments on the proposed ICANN by-laws change:

> The Internet community is invited to make comments on the proposed
> Amendments. Comments should be emailed to
> http://www.icann.org/comments-mail/comment-dnso/maillist.html. 

>   The following proposed Amendments to the ICANN Bylaws are intended to
>   implement an evident consensus among participants in the ICANN process
>   that no single company should be able to place more 
>   than one representative on the Names Council of the Domain 
>   Name Supporting Organization

First: I note that it is thus the case that the current bylaws do not have
the proposed restriction.

Consequently, at the time the member of the gTLD constituency appointed
three representatives it was entirely within its by-law given rights to do
so.  And thus the rejection of those representatives from that meeting was
improper and a violation of ICANN's then existing, and still existing
by-laws.

Second: I question how this "evident consensus" was ascertained. There has
been no "consensus count" or clearly stated question on this matter.

I do suspect that if such a consensus count were to be made, the answer
would be conform to the asserted consensus.

However, I must object to a bald assertion of "consensus" without there
being a clearly stated, and focused question placed before the e-mail
community.

--karl--

RE: [IFWP] Cross from IETF-Poised on PSO

[Karl Auerbach]

> Membership is completely open to organizations worldwide.
... 
> Participation to standardization work is open to any individual designated
> by a Member.

That's nice.  It is a sorry thing that the PSO fails to recognize that
standards decisions have impact on far more than standards bodies.

Until Singapore, the ICANN bylaws had an explicit provision that mandated
that individuals have a role, on parity with organizations, in all
Supporting Organizations.

That language was quietly removed from the ICANN bylaws at the same time
the placeholders were added for the PSO, and ASO.

In other words ICANN, without discussion, without disclosing its
reasoning, without any attempt whatsoever to have open processes, charged
all of us a heavy fee for the DNSO, PSO, and ASO.

And that fee was the removal of the right of individuals in ICANN to have
any parity role in the Supporting Organizations.

--karl--

Re: [IFWP] Re: Membership & supermajorities

[Karl Auerbach]

> >In other words, if there were to be established a viable non-ICANN root
> >system, then all this effort to establish advisory committees, Supporting
> >Organizations, WIPO rules, ADR, taxes/fees, etc would all exist only on
> >those things willing to voluntarily accept the rules derived from the
> >ICANN root (and possibly the ICANN TLDs).  Everyone and everything else
> >would be exempt.

...

> Which certainly has its appealing aspects.  But 'splain something: I'm
> sitting here on, say, a xxx.com or a xxx.net ISP, and I want to search a
> .per or a .biz

In general we need to begin by distinguishing between the typical end user
machine and an intermediary machine that I'll call a resolving server.

In general when one configures a user machine one of the configuration
parameters is one or more IP addresses for one or more resolving servers.
(This is often done via DHCP, so the user never even sees it happening.)

These intermediary servers do the real heaving DNS lifting on behalf of
the end user machines.

These intermediary machines are usually operated by an ISP or a corporate
or organizational administration.  Some of us techies run our own.

In any case, these intermediary machines are where the knowlege of which
root system to use is to be found.  Generally this is a file named
"named.cache", or "cache.db" or something like that.

I'll attach a copy of a commonly used one at the end of this note.

This file tells the intermediary server what root servers to use.

If the intermediary uses a file that lists root servers that know about
.per and .biz, as well as the normal TLDs, .com/.edu/.net/.org ... and the
various ccTLDs, then you will have no problem resolving any name in any of
that set of TLDs.

If the intermediary uses a file that lists root servers that don't know
about the TLD you are uttering in your query, then you will get an answer
that says "we dunno".

It all comes down to what I have been calling the "inventory" of TLD
references that are adopted by the operator of the root server group which
your intermediary server points to.

If the root server group operator has a big inventory, you can resolve
lots of TLDs.  If the root server operator has a small inventory, your
name resolution experience will be diminished.

It takes only a short period of time (usually tens of seconds) to re-aim
one of those intermediary servers from one root system to another -
generally one simply copies a new cache.db file and then executes a very
simple three word command.

As a general matter, those who operate root or TLD servers do not allow
those servers to accept "recursive" queries.  Rather the work of walking
down through the DNS label hierarchy is expected to be done by the
intermediary server and not by the root or TLD servers.

That may be a bit cryptic, but it means that as a general matter, an end
user computer needs to use an intermediary server that is willing to do
the "recursion".  Fortunately virtually all intermediary servers are
willing to do this.

But it does mean that the end user tends to have to select which root
server group (and hence the inventory of TLDs) by the indirect method of
selecting an intermediary server that, in turn, points to the desired root
group.

It is easy and relatively inexpensive, however, to set up intermediary
servers.  The main problem typically being administrations that have
firewalls that limit the passage of outgoing DNS queries to packets
originating from a limited set of machines.  In those cases, some
additional doors may have to be configured into the firewall.

Much of this may sound a bit complicated.  But it's really not all that
hard to do in practice.

Below is a copy of the file that intermediary servers use to find the
"legacy" set of root servers.

To change the roots that one uses, one simply drops in a different version
of this file and pokes the DNS server software to say "new configuration
is available, use it".

(An somewhat different method, which I won't get into here, and which is a
bit harder, but more flexible, is for a user with a box with a real
operating system, to run their own root with their own favorite inventory
of TLDs.)

--karl--


;   This file holds the information on root name servers needed to
;   initialize cache of Internet domain name servers
;   (e.g. reference this file in the "cache  .  "
;   configuration file of BIND domain name servers).
;
;   This file is made available by InterNIC registration services
;   under anonymous FTP as
;   file/domain/named.root
;   on server   FTP.RS.INTERNIC.NET
;   -OR- under Gopher atRS.INTERNIC.NET
;   under menu  InterNIC Registration Services (NSI)
;  submenu  InterNIC Registration Archives
;   filenamed.root
;
;   last update:Aug 22, 1997
;   related version of root zone:   1997082200
;
;
; formerly NS.INTERN

Re: [IFWP] Re: Membership & supermajorities

[Karl Auerbach]

> > Consequently, ICANN will have the power
> > to set the terms and conditions under
> > which a name server's domain name will
> > exist.
> >
> > These "flow down" contracts are the
> > essence of a strict REGULATORY regime
> > that will not only affect name servers,
> > but virtually every aspect of the entire,
> > world-wide Internet.
> 
> Yes.  They certainly have that potential.  What happens if the name
> server owners band together and say "Stuff it"?

Not much unless they establish a new version of the TLD to which they
belong or a new root system.

An interesting twist is that multiple root systems not only tend to limit
the effectivness of the contractual flow-down mechanism, but they also
limit the application of the WIPO rules as well.

In other words, if there were to be established a viable non-ICANN root
system, then all this effort to establish advisory committees, Supporting
Organizations, WIPO rules, ADR, taxes/fees, etc would all exist only on
those things willing to voluntarily accept the rules derived from the
ICANN root (and possibly the ICANN TLDs).  Everyone and everything else
would be exempt.

--karl--

[IFWP] Where'd the money go?

[Karl Auerbach]

I hear that ICANN has run out of money.

Have they published a statement showing the expenses to date.

(I, for one, wouldn't want to to pay the $1 domain name tax [not to
mention the probable eventual $$ for IP address space tax] when there is
no published record of how the entity which is imposing the tax is
spending it.)

For those who object to the word "tax", you can do a replace the word
"tax" with 'mandatory fee unrelated to costs".

--karl--

Re: [IFWP] Voter authentication

[Karl Auerbach]

> > I still believe that dishonesty of the voters is not the central problem
> > and that web based voting can easily be audited after an election in case
> > the results are challenged.
> 
> The Committee disagreed.  99% of the voters may be honest, but the remaining 1%
> can do so much damage.

Two points 

 - Such voters can do damage only when the race is so close that 1%
   differences matter.

 - The greater damage may be caused by allowing the fear to enable the
   alternative, no elections at all and the establishment of a permanent
   non democratic system.

Perfection is simply not part of our world.

The IDNO is still the only element near or within ICANN that has a working
voting system.

And ICANN has not indicated when, if ever, the IDNO will be recognized to
become a single tiny minority against the already recognized, highly
commercially biased set of DNSO constituencies.

I would submit that the later prejudical structure of the DNSO is a form
of built-in electorial dishonesty that is more real and more damaging than
any imagined electorial fraud in the IDNO or the that seemingly remote
possibility that we call the ICANN General Membership.

--karl--

Re: [IFWP] Why fail on purpose

[Karl Auerbach]

> >Nobody was railroaded out.  There was a short period when some hot-tempers
> >caused a few short-lived changes to the mail list.  All members of the
> >IDNO are welcome on its mailing lists.  But one should also not forget,
> >that like any other organization, the members are free to set the
> >membership criteria, just as all the other constituencies of the DNSO have
> >done.
> 
> Karl, nicely said, but unfortunately the situation was rather more 
> complicated and destructive.
> 
> Minor items like an entire lack of documentation for the organizational 
> details you cited -- which therefore led to ad hoc policy setting by the 
> list owner, and even removing one list participant without their requesting 
> it  -- reflected sufficient confusion and contrariness to the 
> organization's operation to suggest that it is nothing at all like an 
> "individual domain name owners" constituency.

There is no doubt that the actions were made ad hoc and in the heat of
temper.

But then again, the Names Council excluded legitimate attendees and
observers in Berlin.  And the GAC excluded entire countries.

Under the proprosed rubric, both of those bodies should now be banned
utterly from ICANN.

I might add, that ICANN itself has excluded, and continues to exclude,
legitimate parties from its processes by the simple act of closing its
meetings, a clear violation of its organic documents.  By the logic being
suggested, ICANN itself should be suppressed.


> >By-the-way, what is wrong with a group that has questions about ICANN?  Is
> >it the case that all you want in ICANN are sychophants and yes-sayers?
> 
> Nothing wrong with having questions.  That, however, was not what IDNO was 
> devoting its list time to.  It was simply engaging in bashing, and not even 
> bothering to spend time in the details of its own formation.

Not true, we were formulating the membership policy.  Those who refused
to be members were simply engaging in the Monty Python skit called "the
Argument" in which they simply engaged in blind, automatic, knee-jerk,
unconstructive contradiction of every step that the members were taking.

Although I did not agree with the steps taken, I do agree with Joop as to
the disruptive character of the postings which caused the situation to
develop.


> >It is amazing to see all the petty complaints being made about the IDNO
> >voting system.
> 
> >It works.  It has not been abused.  And it is inexpensive to operate.
> 
> How do you know it hasn't been abused?

Because the results are published and the votes accord with the rough
mental audit process that most of us do to validate that the results are
in line with what one would expect.

There is no evidence of fraud or of abuse.

As it stands the IDNO is the only body near or in ICANN that has a working
voting system.

That system has now been sucessfully used several times, including an
election on the IDNO's membership policy.

It is a sorry thing that so many are afraid of a simple thing called
"democracy" on the Internet.

--karl--

Re: [IFWP] Why fail on purpose

[Karl Auerbach]

> > The IDNO constituency will prove to you and to ICANN that Tony is right. 
> > Voting is now underway for a 21 member steering committee for the IDNO.
> 
> OTOH, you railroaded David Crocker, Kevin Connolly, and I out of the
> group, and there is a clear systematic anti-ICANN bias in the IDNO. 

Nobody was railroaded out.  There was a short period when some hot-tempers
caused a few short-lived changes to the mail list.  All members of the
IDNO are welcome on its mailing lists.  But one should also not forget,
that like any other organization, the members are free to set the
membership criteria, just as all the other constituencies of the DNSO have
done.

By-the-way, what is wrong with a group that has questions about ICANN?  Is
it the case that all you want in ICANN are sychophants and yes-sayers?

It is amazing to see all the petty complaints being made about the IDNO
voting system.

It works.  It has not been abused.  And it is inexpensive to operate.

And given the size of our ICANN and DNSO groups, perhaps it is sufficient
for ICANN's needs.

It is surprising at all the vehemance that is being brought down on the
only working voting system in all of the land of ICANN.

The IDNO voting system is a first step.  And it is a good step.

One may as well say that a child is a failure because on its first day of
walking it can't run and win a 100 meter race.

--karl--

Re: [Fwd: [IFWP] Multiple roots...]

[Karl Auerbach]

> >> So far as I know, consumers can edit the fields in their network control 
> >> settings for most OSs to direct themselves to any DNS server willing to 
> >> resolve names for them.
> >
> >Actually it is a bit more complicated than that.
> 
> I should think so.  Fact is, most consumers (Mom, Pop, Granny, etc.)
> get lost without an icon to click on. It is this mind set among the
> techie nerds which -- and this may surprise you -- lies at the direct
> root (no pun intended) of the reason why individual domain name
> holders cannot be recognized, no matter what they do.


You probably can't tune your automobile -- they are far too technical
nowadays for the average home joe.  Yet you can select which
professional mechanic you go to.

And one can evaluate how good a job that professional does -- if your car
doesn't run afterwords, overheats, dribbles oil, or the gas mileage drops,
you knew he/she screwed up and switch to a new mechanic.

Similarly, even if one can't run a DNS server, one can clearly know
whether when one gets the expected response when one types
"http://www.freds-barbershop.com/ into one's browser.

And in the case of IP telephony (bet you didn't know that DNS is being
used to help route calls in IP telephony) even if you don't understand
H.323, if you call "[EMAIL PROTECTED]" and you get Daves Travel
Agency, then you know that your IP phone company is screwed up and you
might consider switching.

--karl--

Re: [IFWP] Multiple roots...

[Karl Auerbach]

> But I said "direct themselves to any DNS server," not "direct themselves to 
> any root server."  Aren't we agreeing that any intermediary can set up a 
> DNS resolver, which in turn gets its info from any root server it chooses, 
> and then consumers can point to whatever intermediaries they please.  And 
> Richard Sexton has written an app to make it as easy as a click for 
> consumers to choose.

Yes, it is easy for most end-users to repoint his/her individual computer
to use any intermediary server/resolver that one choses (absent firewall
considerations that force one to use a particular intermediary inside the
firewall.)

Some "operating systems" tend to require a reboot to do this unless one
uses some non-OS-vendor software to do the switch.

Thus, as you say, for me as an individual to use a particular DNS resolver
(and hence by indirect reference) a particular root server system, I would
need to re-aim my personal computer to an intermediary server that, in
turn, uses the root system I want to use.

Most people who use ISP services or who live in organizations have this
information configured for them, so, they could be re-aimed en-masse by
the ISP or organization should that ISP or organization chose to use a new
root system.

But suppose I were a member of a community of some sort (a church for
example), I could easily set up such an intermediary DNS server and send
to my members by e-mail or otherwise the steps to switch to that
intermediary.

This may not be best in terms of the network traffic matrix, but there are
always some prices that we pay for flexibility.

 
> So what's stopping market forces, as you say, from creating the nicely 
> nested (but still not completely overlapping) competitive set of DNS 
> services?  I'd imagine only the market itself so far--which has been known 
> to miss good opportunities in the space, to be sure.  ...JZ

There's a couple of reasons why multiple root systems have not really
happened in any big way, yet.

(I might note that I have heard that some of the larger providers and
corporations do actually run their own root systems, but that they are
exact mimics of the "legacy" root system and are there to prevent
reflecting NSI-derived problems onto their customer/employee base.)

Here's my list of reasons:

- The current root system has worked reasonably well so far.
  (Although if one looks at the talk on NANOG today, there are a
  lot of reports of NSI foul-ups, but those are in the TLDs, not
  the root zone.)  So theres a strong, but diminishing, feeling of
  "if it ain't broke, don't fix it"

- There has been a technical and personal prejudice against
  multiple roots.  Those who have suggested it have been belittled
  by some.

- There is a fear of network instability.  There is technical
  basis for these fears.  (Although in my mind people ought to be
  more afraid of our Internet routing systems creating unreachable
  areas as peering/transit arrangements get more complicated.)

  The issue is how much fear is reasonable fear.  To me, this is
  where the main part of the dissussion needs to happen.

- There is a concern (in my mind at least) of the potential of ISC
  changing the BIND [the most common form of DNS server] license or code
  to restrict the creation of multiple root systems.

- Few have yet thought of using a root system as an entrapreneural
  vehicle.

- There have been many eminations from NTIA and ICANN through the
  last couple of years that there is and shall be but one and only
  one "authoritative" root system.  By implication, all other root
  systems would not be "authoritative", an untrue statement.

In other words, most of the hesitation has been mental/attitudinal rather
than technical.

--karl--

[IFWP] Multiple roots...

[Karl Auerbach]

> So far as I know, consumers can edit the fields in their network control 
> settings for most OSs to direct themselves to any DNS server willing to 
> resolve names for them.

Actually it is a bit more complicated than that.

Relatively few user machines really point directly at any root server
system.

Rather, the settings on a host generally point to an intermediary server
that acts as a resolver.  This is a good thing because the intermediary,
unless it is on one of those "operating systems" tends to run long enough
to build up a reasonable cache of resolved names (and hence helps the
system scale.)

These intermediary servers are the things that usually point to a root
sever system and these machines are generally run by an user's ISP or the
user's organization.  Some of us (like me) run our own.

I'm now making a context switch and jumping into the notion of multiple
roots

The key is to change our way of thinking about the DNS -- rather than
treating it as a core, fundamental service, it can be conceived of as a
service that can be offered by any number of providers and that users
chose among those offerings according to their needs.

We have an existance proof that this works -- there are a large number of
publishers of telephone directories.  Some of these are published by the
phone companies, some are by folks who want to sell yellow pages(tm)
advertising, some are on CD-ROMs (hence the Supreme Court case on the
copyrightability of collections of facts), some are on web pages.

Yet, they all lead to usable answers.  If any one of these didn't it would
lose market share and fade away.

The DNS can work the same way - we simply consider that there can be a
multiplicity of root systems, all operated independently, and all putting
into their "inventory" those TLDs that they think they can sell.

Because TLDs are now inventory, the root system operators will avoid those
TLDs that are troublesome, particularly those that are disputed.

That gets rid of the debate over how many and which TLDs to have -- the
competition of market economics decides.

Every root server system operator will try to trump its competitors by
having the most complete inventory of TLDs.  This leads to an end
situation in which every root server system has all the viable TLDs, so
they are all essentially equivalent.

Then the distinction becomes that of value added services.  And yes there
are value added services that a root server system can offer to its
customers.  I've thought of a few that I mentioned - pointing to versions
of the TLDs that filter out porn sites, or offering free registration
services in your TLD to people who use your root system, etc etc.

As for fights over TLDs -- this approach says "let the contestants 'em
duke it out among themselves using standard economic and legal weapons."
We don't need any new bureaucracy to decide, we'll just let the law evolve
as it has over hundreds, if not thousands of years, through the resolution
of actual disputes between actual parties.

There are those who will wail and gnash their teeth and paint pictures of
doom, of internet instability, of internet non-connectivity.

To them I say: yea be of little faith in economics and competitive forces.

It is my assertion that multiple root systems, if recognized as legitimate
rather than routinely kicked and condemned, would quickly evolve into a
very stable system -- each root system would carry all the TLDs that
people want, otherwise the root system with the inadequate inventory would
failas customers migrate to places they like better.

And the TLDs will be the TLDs we expect.  Any root server operator that
includes versions of TLD servers that don't return the answers that people
expect is a root server operator who is soon going to learn the phrase
"Would you like fries with that" at his/her new job.

In addition, the net would be in fact more stable with multiple root
systems -- we would have elminated a single point of failure.  We have
seen what happens when a root zone is polluted, all kinds of bad things
can happen.  With multiple roots, we have an easy and hot fallback for any
user that happens to encounter root pollution.

The Internet has run for some years now with some small-scale multiple
root systems operating in parallal to the one big "authoritative" root
system.  I've used 'em.  Nothing went wrong.  I can attest from direct
experience that it it all works just fine.

One reason it that it hasn't taken off is that those who espouse this idea
have often been belittled and condemned and the idea is never allowed to
be discussed fully and without prejudice.  I hope that that is no longer
the case.

Another reason is that there is a great deal of momentum behind the
current root system.  That's why I've explored the thought that there can
actually be value-added differences that would create a reason for a user
(or, in most cases, the administration of whatever intermediary server is
being used) to switch.

Re: [IFWP] Re: Fw: Re: [ga] Letter from Mike Roberts re: gTLD Constituency Group

[Karl Auerbach]

> >You might also be surprised by the number of people who find no reason
> >to point to the alternative roots. Not because they are afraid of things
> >being broken, but simply because there is no compelling business/pleasure/
> >whatever reason that they *need* the alternative roots.
> 
> Hey good point. What would make you switch ?

What if I said "use my root and I'll offer you two years of free
registration in my new TLD"?

What if I said "use my root and I'll point you to versions of the TLDs
that filter out known porn sites."

Etc, etc.


--karl--

Re: [IFWP] DNSO Names Council Teleconference Webcast

[Karl Auerbach]

> Since nobody but NC members can participate in the Names Council 
> teleconf.

Are they really being so stupid as to hold yet another closed meeting?

Of course that would be a violation of the ICANN bylaws that require open
meetings "to the maximum extent".

There is *NOTHING* that they can be talking about that requires a closed
session.  The names council has no personel matters to discuss, no
contracts being negotiated.

> If they expect any feeling of legitimacy whatsoever from the GA 

How about from anybody?

Closed meetings are an insult to all of us, a violation of the organic
documents, and fly in the face of NTIA's letter to Congressman Bliley.

--karl--

Re: [IFWP] More detail on DNSO WG-A

[Karl Auerbach]

 
> 3.Your Representations.  By applying to register for a Domain Name, or by
> asking us to administer or renew a Domain Name registration, you hereby
> represent to us that (a) the then-current statements that you made in your
> Registration Agreement are complete and accurate; (b) to the best of your
> knowledge, the registration of the Domain Name will not interfere with,
> infringe upon or otherwise violate the rights of any third party anywhere in
> the world; (c) you are not registering the Domain Name for an unlawful
> purpose; and (d) you will not use the Domain Name unlawfully.

I would expect nothing less than reciprocal undertakings to be made by
those registering trade and service marks -- that those marks do not
infringe on or otherwise violate the rights of any third party anywere in
the world.

--karl--

Re: [IFWP] Trademark Stupidity

[Karl Auerbach]

 
> I am referring to the fact that first-come, first-serve doesn't recognize
> trademark or other rights as they apply to the use/registration of words.

Should the law be in the business of constraining technical development or
should it try to reflect its acceptable modes of use?

This is an important question -- ICANN's policy vis-a-vis the DNS is
founded upon, and institionalizes a particular view of the way DNS is and
should be used.

As such, ICANN's policies are constraining and limiting certain directions
of technical development and entraprenureal activity.

In particular, should law, via ICANN, dictate that the Internet shall be
forever a system with a single DNS root?  Or should the law/ICANN step
back and say "let us recognize technology and its evolution?"

Should the law ban digital photography because it substantially damages
the evidentary value of photographic evidence?

Should we ban the Internet because it diminishes international borders?

Should we ossify the DNS in the image of trademark?

I would suggest that law, in these cases, should be reactive to limit
harm, not proactive and try to dictate technical direction.

--karl--

Re: [IFWP] RE: Lou Gerstner on what IBM wants from ICANN

[Karl Auerbach]

> > You do not own your domain name. 
> 
> There is now case law on the books that says otherwise.
> 
> You are quite simply wrong.

This is one of those cases where "ownership' is a soft concept.

Maybe one doesn't have absolute, unlimited title to a domain name, but one
has some collection of rights, contractual and perhaps otherwise, that are
in and of themselves rights that can be transferred (perhaps for a quid
pro quo, i.e. sold), used as security for debt, licensed, delegated, etc
etc.

One should remember that even in land, nobody has absolute title -- the
government always has an overriding power to take it away, to levy
taxes, and to limit use.

My conclusion is that domain names do come with a bundle of rights and
that those rights do constitute sufficient discretionary power over the
domain name that they, or at least the rights towards the domain name if
not the name itself, could be considered a form of property right.

Of course, this sub-thread started off on the issue of whether the DNS
root is a public resource or "private property".

Given that there can perfectly well be multiple roots, I would tend
towards, but I don't go all the way, towards the latter.  But ICANN and
its regulation are being based on the presumption of a single, universal
root.

--karl--

Re: [IFWP] Re: Speculation

[Karl Auerbach]

> TM holders have a fairly strong case that speculation causes them 
> harm.

How is the harm caused by a domain name speculator worse than the harm
done by another trademark owner who happens to have the same string and
the domain name?

And if mark holders are harmed by domain names, then the converse is just
as true, and the proposed law should be adjused accordingly.

--karl--

RE: [IFWP] The Sims-Auerbach Correspondence (was: The CPT- ICANN Correspondence

[Karl Auerbach]

> > Then there ought to be absolutely no objection to removing virtually all
> > but the last paragraph of section VI.2.(e), all of section VI.2.(f), and
> > the middle part of VI.2.(g) from the ICANN bylaws.
> > 
> Not really.
> Under the current bylaws, nothing prevents the Board from doing what they
> want with a recommandation, with the justification that they reject it
> because they think that it is not in the best interest of the Corporation
> (see VI.2.e.1 below)
> 
> (1) furthers the purposes of, and is in the best interest of,
> the
> Corporation;
> 
> According to my reading, the current bylaws only set a frame of reference
> for the political context in which the recommendations will be
> accepted/rejected, but do not limit the real power of the Board.
> 
> May I know what is the *real* reason why you insist in making changes to the
> bylaws that would have no added value?

As you seem to agree, the bylaws contain language which has no value.

And since that language uses mandatory words to define what you say are
really discretionary acts, to that extent the bylaws are misleading.

Don't you think the bylaws should say what they are purported to mean.


By-the-way, I don't like the tone that says that there is an evil motive
in asking that the bylaws reflect what they are supposed to mean.

If the bylaws use the word "shall" and the intent is "may", then the
bylaws should be amended.

If the bylaws contain limitations which are redundant then the redundancy
should be removed because it tends to mislead one into believing that the
enumerated list of things is the exclusive and sole list of things.

ICANN is already on the verge of failing.  It doesn't need to add to its
woes by by-laws that apparently have a meaning that the opposite of what
is intended.

So let's dispense with the innuendo about my "*real* reason".

By-the-way, if you think bylaws are merely a "frame of reference" to be
disregarded as the political winds blow, then you might be surprised when
California Corporations law comes to roost on the doorstep and says
"nevermore".

--karl--

[IFWP] Re: [IDNO:429] Re: GA as IDNO

[Karl Auerbach]

> > And, as I've pointed out before, the notion that the IDNO is obviated  
> > by membership in the General Assembly is a false notion.
> > 
> > Constituencies in the DNSO have significant powers that are different and
> > distinct from the powers of the DNSO General Assembly.
> 
> True, but irrelevant.

Balderdash!

The fact that they are different destroys your argument that one can
substitute membership in the General Assembly in lieu of a constituency
for individuals.

The fact is that the powers of the two roles are different.

Exclusion from either of the roles results in a diminuation of power.

That is raw, naked, and unjustified discrimination against individual
domain name owners in favor of registries, registrars, ISPs, intellectual
and property interests.

If you want a "modified" general assembly, then let's do it right - let us
simply have a DNSO general assembly and dump this discriminatory nonesense
called "constituencies".

--karl--

Re: [IFWP] RE: Next Names Council Meeting

[Karl Auerbach]

> >>In any case, there will be a Names Council meeting on June 25 in San Jose.

I will be present.

I will be admitted.

I will participate according to the rights and privileges granted to me
under the Bylaws of ICANN and the laws of the State of California.

--karl--

Re: [IFWP] Board Resolution on Constituencies

[Karl Auerbach]

Let's put that Board resolution into a form that says what it really means:
 
> DNSO Constituencies
> 
> The Board discussed the applications received to date from groups desiring
> to form Constituencies of the Domain Names Supporting Organization.  After
> consideration, the Board unanimously adopted the following resolutions.
> 
> RESOLVED, 

that non-commercial interests and individual holders of domain names
shall have no means of participation in the critical early decisions
of the DNSO, and indeed may perhaps never participate in the DNSO.

In particular, it is resolved that non-commercial interests and
individual holders of domain names shall have no means of
participation in the debates on, and the decisions about, the WIPO
matters which the board has delegated to the DNSO.

The Board Resolves that the Domain Name System of the Internet shall be
the property of commercial registrars, commercial ISPs, and commercial and
business entities.

The board wishes to emphasise that individuals, indiginious groups,
schools, churches, charities, and community organizations have no place in
the DNSO or the Domain Name System.

The board finally wishes to point out that, as this resolution was adopted
unanimously, that this feeling is held by all members of the board.

--karl--

Re: [IFWP] use of domain name, and infringement

[Karl Auerbach]

> I don't want to sound like an NSF apologist, but I think it's an
> oversimplification to say that they guaranteed NSI a profit in the
> cooperative agreement.  NSF could not have predicted the future, where
> domain name registrations would take off as a result of the popularity of
> the web.

Cost+fee means that the contractor gets from the goverment two things:

- Reimbursement for costs (lots of accounting issues as to
  what constitute "costs")

- A fee

Most folks would call that fee a "profit".

The original cooperative agreement was a cost+fee agreement.

The only risk involved is if NSI were to incur expenses that the
accounting rules did not allow as "costs".  This would tend to be things
like buying expensive real estate, etc.

It was exactly because the difficulty of predicting the future workload
that that this kind of cost+fee arrangement is used.

Guaranteed profit is not an uncommon thing in aerospace and other
quasi-scientific kinds of contexts.

--karl--

[IFWP] MAC Final Recommendations

[Karl Auerbach]

This just in...

The final MAC Report may now be found at:

http://cyber.law.harvard.edu/rcs/macberlin.html

--karl--