[a dated, biased (what isn't?), insightful, and
relevant interview]
Published on Policy DevCenter
(http://www.oreillynet.com/policy/)
http://www.oreillynet.com/pub/a/policy/2002/12/05/karl.html
Karl Auerbach: ICANN Out of Control
by Richard Koman
12/05/2002
Editor's note: Strong forces are reshaping the
Internet these days. To understand these forces--
governmental, business, and technical--Richard Koman
interviews the people in the midst of the changes.
This month, Richard talks to Karl Auerbach, a public
board member of ICANN and one of the Internet
governing body's strongest critics.
October's distributed, denial-of-service attack
against the domain name system--the most serious yet,
in which seven of the thirteen DNS roots were cut off
from the Internet--put a spotlight on ICANN, the
nongovernmental corporation responsible for Internet
addressing and DNS. The security of DNS is on ICANN's
watch. Why is it so susceptible to attack, when the
Internet as a whole is touted as being able to
withstand nuclear Armageddon?
It's religious dogma, says Karl Auerbach, a public
representative to ICANN's board. There's no reason DNS
shouldn't be decentralized, except that ICANN wants to
maintain central control over this critical function.
Worse, Auerbach said in a telephone interview with
O'Reilly Network, ICANN uses its domain name dispute
resolution process to expand the rights of trademark
holders, routinely taking away domains from people
with legitimate rights to them, only to reward them to
multinational corporations with similar names.
Auerbach--who successfully sued ICANN over access to
corporate documents (ICANN wanted him to sign a
nondisclosure agreement before he could see the
documents)--will only be an ICANN director for a few
more weeks. As part of ICANN's reform process, the
ICANN board voted last month to end public
representation on the board. As of December 15, there
will be zero public representatives on the ICANN
board.
How does ICANN justify banishing the public from its
decision-making process? Stuart Lynn, president and
CEO of ICANN, said the change was needed to make
ICANN's process more efficient. In a Washington Post
online discussion, Lynn said: The board decided that
at this time [online elections] are too open to fraud
and capture to be practical, and we have to look for
other ways to represent the public interest. It was
also not clear that enough people were really
interested in voting in these elections to create a
large enough body of voters that could be reflective
of the public interest. This decision could always be
reexamined in the future. In the meantime, we are
encouraging other forms of at-large organizations to
self-organize and create and encourage a body of
individuals who could provide the user input and
public interest input into the ICANN process.
Former ICANN president Esther Dyson is also supporting
the move away from public representation on the board.
I did believe that it was a good idea to have a
globally elected executive board, [but] you can't have
a global democracy without a globally informed
electorate, Dyson told the Post. What you really
need [in order] to have effective end-user
representation is to have them in the bowels (of the
organization) rather than on the board.
Auerbach isn't buying. ICANN is pursuing various spin
stories to pretend that they haven't abandoned the
public interest, he says in this interview. ICANN is
trying to create a situation where individuals are not
allowed in and the only organizations that are allowed
in are those that hew to ICANN's party line.
In this interview, Auerbach makes a number of strong
criticisms of ICANN, beyond the issue of public
access:
* ICANN uses its domain name dispute resolution
process to expand the rights of trademark holders,
routinely taking away domains from people with
legitimate rights to them, only to reward them to
multinational corps with similar names, Auerbach says.
* ICANN unnecessarily maintains the domain name
system as a centralized database, making it vulnerable
to attack.
* ICANN has failed to improve network security
since September 11 and has ignored Auerbach's
suggestions for improving DNS security.
* ICANN staff takes actions without consulting the
board, withholds information from the board, and
misleads board members.
* Finally, Auerbach charges that ICANN is guilty
of corporate malfeasance.
Koman: On October 21, there was a denial-of-service
attack on DNS, which was widely reported as the most
serious yet. Something like seven of the thirteen root
servers were unavailable for as long as three hours.
What is ICANN's responsibility for DNS, and how
vulnerable is it to attack?
Auerbach: On the Internet, there are a couple of areas
that arguably need some centralized authority. One of
these is IP address allocation--addresses need to
handed out with some notion of