Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
The Internet Your Rights Online

Internet Governance; ICANN and Accountability 64

Contention writes: "The following policy was released by ICANN today (9th July), reiterating their commitment to 'A Unique, Authoritive Root for the DNS'. The document contains a stern warning to anyone '[working] under the philosophy that if they get there first with something that looks like a TLD and invite many registrants to participate, then ICANN will be required [...] to recognize in perpetuity these pseudo TLDs, inhibiting new TLDs with the same top-level name' while at the same time encouraging clearly marked, experimental alternate DNS roots." So ICANN says, unsurprisingly, that ICANN is needed to govern the domain system. Meanwhile, the Markle Foundation released a study of internet governance and accountability issues today. Read the study, or the NYT article about it.
This discussion has been archived. No new comments can be posted.

Internet Governance; ICANN and Accountability

Comments Filter:
  • by Anonymous Coward

    As soon as Microsoft roles out UDDI [] in all of their products, DNS users will be about as relevant as modern day trailer trash. So, who gives a rats ass what ICANN is doing since their going to be obsolete.

    Prove me wrong.

  • by Anonymous Coward
    So how do I go about setting up a root server for the .goat domain?
  • Then what happens when ICANN breaks?
  • Before 1913, the US Monetary system was under Government control. But, in a sudden take-over maneuver, the monetary system it was given to a private company called the "Federal Reserve". (Check out who owns it and sits on the board)

    If you want a better understanding of what the Government is trying to do with ICANN, look at the history or the Fed. How did a nation founded on a tax revolution end up paying over 50% to the government? (or, are we really paying it into the banking system?)

    The ICANN take-over is the latest model for Government "tax" collection. Taxing people rights to exist... or, for their ideas to exist online.

  • ... if the .cx ccTLD is any indication. ICAN'T has been blocking redelegation for over a year now without stating any reason as far as I understand. The shit really hit the fan when Planet Three (who initiated the redelegation in June 2000) became insolvent. Those who were using their e-mail and web forwarding services simply disappeared from the Internet. Those who are running their own nameservers should cross their fingers and hope they don't need to change their DNS entries, because they can't. All this because ICAN'T was unable to transfer control of the TLD to within 12 months !
    You can read about it here: []
    The IANA page still lists the wrong contact information: []
    If they are unable to keep their existing database in order, how can they possibly manage new top-level domains ?
  • I live in China, and the arguments ICANN makes for its continuing role are exactly, and I mean exactly, the arguments that the Chinese Communist Party makes for not allowing the existence of competing political parties.

    Simply substitute "social stability" wherever you see "Internet stability", and there you go.

  • But why should ICANN worry about the policies associated with each TLD?

    Why can't it delegate the policies to the domain owner along with the right to create sub-domains?

    For example, it has been suggested that .eu (European Community) should take the opportunity to be more strict about what organizations could own names etc. and so 'add value' over existing alternatives such as .uk or .com. I don't happen to agree with this suggestion for .eu, but is a perfectly reasonable requirement in the general case.

    Perhaps the fact that such basic concept distinctions are still not being made - here, between authority for names and authority for other things - is a consequence of the lack of formal definitions underpinning documents such as RFC 2826? (Exercise for the reader: go through 2826 and figure out when they mean fully-qualified name vs. partial (domain) name).

    There must be rigorous specifications around that could be used - I used to use The ANSA Naming Model [] some years ago, but there must be more recent equivalents - anyone got any pointers?



  • But there is a middle way between e.g.



    it is (amazingly enough)

    Profound? Well, not exactly - the point is that by putting the naming authority (Newnet) explicitly into the name at the appropriate place - the top - the battle for 'highly desirable' names will be avoided provided ICANN avoids upsetting people by allocating TLDs which have general significance in the real world - .good, .holy, .cheap etc. itself. Instead, its only function would be to delegate to other authorities and let them allocate the 'desirable' subdomains if they want.

  • I'll admit I'm not all that well-informed about the DNS system, but I think this idea makes a lot of sense... Has anybody given any thought to the idea of multiple existing DNS systems, with the ability to specify which DNS you're using?

    For example, say you have two websites, run by Siteowners Bob and Tom, who each want the domain "," and Siteowner Bob gets into the ICANN-run DNS before Siteowner Tom. So Tom goes to (and I'm pulling this name from nowhere -- I doubt it exists) CheeseDNS. The (hypothetical) newest versions of browsers are written under the assumption that there are multiple DNS' out there, and that functionality is written into them.

    So to get to Siteowner Bob's, you might type:


    ... whereas to get to Siteowner Tom's, you might type:


    ... or something to that effect.

    This would probably necessitate maintaing an active list of DNS' -- that could be kept by ISPs, or some regulating body (hopefully not ICANN -- preferably some newly-created regulating body whose members are voted on REGULARLY, to avoid problems like the ones we're having with ICANN.

    Like I said, this issue is not my area of expertise, so by all means tell me why it will or will not work.

  • It was much better than Cats. I laughed. I cried. I want to see it again and again...
  • I'd like to see a distributed DNS system based on cryptographically signed keys. Hmm. I'll have to think about how one would implement one of those...

    Dan Bernstein [] is working on something like that. See his website [] for his ideas on how to do it, at the end of the page following his rant about DNSSEC.

    The idea is simply to give each computer a name that includes the computer's nym, a fingerprint of the computer's public key. Other computers then discard DNS records for these names if the records aren't accompanied by signatures under the corresponding public keys.

    My top priority for djbdns is to support nym-based security.

  • Folks who insist that ICANN should vastly expand the number of TLDs need to understand that the current root servers are already overloaded, and that drastically increasing the number of TLDs will also decrease the hit rates in everybody's resolver cache (the probability that the resolver has the TLD records cached goes way down). This further increases the load on the root servers.

    There is a separate set of problems with adding more root servers, because the more servers for a zone (including the root), the harder it is to keep them in sync.

  • According to this article, does that mean the death of sites such as []?
  • Well, for one thing (and unlike ICANN) every one of our users has explicitly endorsed our operation of a DNS root ... ;-)

    To respond to a few of your other statements:

    1) OpenNIC is not, and does not want to be, _the_ root operator. We want to be _a_ root operator, and we encourage anyone who doesn't want their DNS root to run the way we do to set up their own and discuss root peering with us. A global DNS run by a collaboration between hetrogenous operators is the best possible structure for something as varied as the Net.

    2) Yep, we just decided we were a root and, lo!, we were. ;-) That's the way it works: anyone with the technical competence and the equipmewnt can set up a DNS root. It's not really very difficult.

    3) The complaint against ICANN is not that they did this (the U.S. government did it, not ICANN, for one thing), but that they did it without the consent of the users and that they refuse to cooperate with others. There are independant roots who don't cooperate either, and they're in much the same box as ICANN except, of course, that their users generally choose to use their system. ( is the more ICANN-like exception to this, since their agreements with Earthlink and such do mean the users had no real choice.)

    4) As the only person with root on the box that tabulates our votes, I can assure you there was no tampering, but that's not really sufficient, is it? We are working on a PGP signed voting mechanism, but as the Software Libre world is well aware, these things take time to build for a volunteer project. We are concerned about this, and we are working on it. It'd be great if you wanted to help on that.

    I don't know who the "Atlantic" is you're saying controls .net, so I can't answer the next two bits there.

    From the above, you can see that I do think OpenNIC (if not the other independant roots) is a very different beast from ICANN. We have a 100% voluntary participation and a true democracy, rather than a captive usership and just enough of the trappings of community to disguise the fascist operation underneath. So, I think there are differences. ;-)

  • wow, a Fp the said somthing. imagin that

    and to reply to your question, If you only had a million or 2 poeple on the net like the good old days that would be ok

  • The WWW needs the domain name system. Virtual hosting relies on the domainname to be transmitted in the HTTP request. Otherwise the server wouldn't know which of the many websites hosted on a single IP is the one you want to see. Other important aspects of the web would also fall victim to the no-DNS approach, for example multihoming and transparent migration of servers (which would be deadly for the email-system).
  • Redirecting and rerouting can not be used to transparently and permanently move a server or an entire subnet to a different IP-space. While transparency could temporarily be achieved with redirection, redirecting permanently would defeat the purpose. An abstract layer of names is necessary for the internet to work. My proposal is this: Create a top-level domain with a meaningless name, like ".TPMNKT". Then, just like the current domain name system, delegate subdomains, but require that these subdomains are handed must be random strings of consonants. Also require that these strings are at least 20 chars long and contain at least 10 different consonants. This way, all vanity should be removed from the game and domain names become just an abstract addressing layer. With that layer of fallback names in place, additional naming schemes can be proposed and tested by anyone without harming the basic operability of the net.
  • Instead of just posting your diatribe to slashdot, join opennic [] and see just how we vote (in fact, you can vote on the issue yourself).

    We do things entirely democratic at opennic --- which is one of the problems that we have with ICANN, in that they are not democratic, and are not even playing by their own rules.

  • Damn straight. Besides which, bookmarks can remember IPs, and search engines can be modified (if they have to be) to use IPs instead of a DNS.

    What's the biggie?

    Oh yeah, it would neuter ICANN....

    (no! it's not an anagram!)
  • ...released by ICANN today (9th July)...

    >Isn't today July 10th?

    Not necessarily.
    It may be July 11th in your timezone.


  • Check out theses cool satiric cartoons about ICANN. They say it all. []
  • Do we want to be the sole registrar for 30 pretty desirable TLDs just because they have a lot of venture capital from Idealab! to spend?

    It depends on what the alternatives are. looks a lot better than Network Solutions.

  • ICANN drags it's feet over creating TLDs, and then complains when someone else does the work for them?

    If this were a software project, we wouldn't listen to anyone who didn't contribute code.
    Show me the patches ICANN.
    What TLDs have you created?
    What has been done to promote competition?
    What have you done for the public?

    Instead of wasting time tearing down the others, make them all moot.
    If ICANN got off it's ass and approved a few hundred new TLDs,
    then no one would care a whit about, alternic, or any of the others.

  • ICANN is definitely _not_ needed and I wouldn't be leaning to far out of the window as to say their money grubbing big business approach to the net is definitely not appreciated.

    I have a dns server that serves the .lan zone. This machine from where I'm posting this has the ip address and goes (and resolves!) by the name vmhost1.lan. And getting there wasn't all that hard. First I set up a zone file for .lan and then I told the dns server to relay anything it doesn't know about to a another dns server.

    _Anybody_ can put up an alternate root, though I guess it'll be illegal soon because it could potentially wreck someone's business plan and prevent a couple of really obscenely rich people from becoming insanely rich at the expense and well-being of as ICANN puts it, that "broader community"...
  • As much I believe that we should be able to whip out a .xxx or a .biz or whatever the people and the market want, it simply will not work. is trying to peer up with ISPs to get them to modify their hints file or named.conf to alow resolution of all the pseudo TLDS's. Great. So only the peple who use or have dl their nifty patch can see these sites? What if I set up a similar system here in Canada? Then when my swell Windows 9x box looks up, where will it take you? To the UK site, or to Hmmm? It will depend on the order of your search domains. If is first on the list to check unqualified names, I get the UK site. If not, I get the Canadian site. For those of you who think that DNS is broken now, just wait. You and I will be looking up the same "name" and possible get totally different sites, depending on our ISP or what region we are in.

    The only way I can see around this is to get a really short domain containing only ONE letter. For example, Very 21st century. Then, as the holder of that domain, allow others to use * or * is better than, as using is much easier to imprint in the brain for that average user.

    I know that is trying to do this, but in order for this to succeed, you basically need to be a carrier or in the postion to meter out the bandwith to major ISP's, and coerce them into modifying their name resolution. Asking or setting up an alliance wont cut it. You need to be the big dog who calls the shots. Not likely gonna happen with a start-up during the dot-com-crunch.

  • But then who "agrees" on the existing conventions? What happens when you wind up with multiple roots serving the same TLD with different information? Unless you administer your own name servers you're at the mercy of your dns provider's choice of root servers. And with the current trend towards conglomeration in the ISP industry most users of the Internet will find that the "choices" proponents of multiple roots crow about have disappeared--do you think MSN (for instance) would carry the .microsoftsucks TLD?
  • Yes, I can, and you can...and so can most everyone reading this discussion. But can your parents? Or your grandparents? Or your neighbor Bob? Do they even know what DNS is? Probably not. Which means they'll use whatever settings get pushed down to them from their provider and never be the wiser. Andrew
  • try and take it. It's behind a NAT barrier, so you can't see it anyway.
  • go read the dns FAQ; it's as easy as adminning any other domain. I did it for the .local domain so my boxes behind the firewall had DNS.
  • I agree . You need a starting point or it's just an endless loop. Without these standards that work very very well, you have chaos.

    It's easy to bash the standards but you better know what ur doing before you start creating endless loops of .whatevers!

    M$ tried this overthrow of DNS called WINS (hahah we all love wins don't we... NOT). Talk about corrupt databases.

  • Mail won't work without MX records.
  • Even if there were a whole bunch of new TLDs, how would they be accessed by the average internet user? They average user depends on her ISP for DNS service, and that ISP would have to set up their DNS servers to know about the new TLD servers or so other global authority that knew about them. So no matter how many new ones there are, if ISPs aren't using these ad hoc root servers they are really pointless beyond a small club of hackers. When it comes down to it, you can't get around hard coding somebody's IP or other identifier in any naming system that will scale well to the internet. Whoever's IP is the one that gets hardcoded automatically becomes the authority.
  • IP's can also be redirected and rerouted. Devices for redirecting and distributing load based on domain names can just as easily be built to use the IP's to accomplish the same thing. True many systems currently depend on it, but things can change... As long as the tech community allows for the growing intrusion into network space by self appointed governing agencies (which many times does not understand what they are dealing with) we are going to see problems.
  • Not a bad plan, till I come around and trademark your TPMNKT and go whining to ICANN.... IE the problem with the current system. To keep domain names for the layman, I really don't see a good solution... too many lawyers and non technical folks are now involved... Let's just all go back to BBS's ;0) I know you want to hit my site, otherwise you wouldn't have called my number (Ok... the last section is a BIT sarcastic)
  • Dyson again: this time for democracy - political parties for ICANN. "Can a global civil society emerge for the net?" Or did slashdot get there first? *snick-snick-snicker* s.asp?CatID=12&DocID=482 []
  • Congratulations you have just invented, get this, a single root. I mentioned this in my post.

    TLD's are NOT roots. They are top level domains. One stop down from the root.

    How are you going to get everyone to agree on who should be the TLD servers? You can setup any organization you want. Somehow they'll have to agree, perhaps by voting. Guess what, you've just invented equivalent of ICANN.

  • Is OpenNIC's method fair? How did they get to be the defined operator? Didn't they just show up and say they were doing it? Isn't this the same complaint you're making about ICANN?

    How do you know the ballot boxes weren't stuffed? When do we change Atlantic's rullership of .net? What do we do when it changes?

    You're inventing the same mechanisms and just putting different names on it.

  • Don't you people understand why a single root IS required?

    Let's make this clear. Right now there is one root. It means there's one name space. If I look up, I'm sure I get this site. Now, lets say there are other root servers that some "new" organization runs. What happens when this new organization puts in an entry for that points somewhere else?

    The answer is that you no longer have any faith that any address you use is going to work for yourself. Even if it works for you, if you give an address to someone else you don't know what root server they're using and whether or not it works. Your email address becomes useless, because you can't be sure it actually works for any other user. You can also get into all the criminal activity if users connect to fake sites.

    Before someone makes the argument, that the various root servers will just "agree" on how they share the name space, that ends up being the same as having a single root! The "agreement" just happens in the single version of the root server data file.

    So, the fact is, that a single consistant root really is needed unless you want to go back to IP addresses for everything.

    Now, I do agree that ICANN should be moving faster in granting new domains. They've had a hard time creating policies, and frankly creating policies that work for a VERY diverse group of people is extremely tough. But people should try to understand the TECHNICAL issues instead of just bashing on ICANN as a new form of government.

  • ICANN needs a single root so that they can continue to collect such fees as they choose. E.g., the fee to reserve the next right to a URL, once the current owner allows it to lapse.

    I accept that the structure that you are proposing might require a single root. That's a good argument for modifying it, not a good argument for using it.

    I can't assure myself that I'm the only person using my name. It's unreasonable for a url user to assume, merely from the url that it's the same one. The solution is to cross-check this against another key, e.g., a pgp key. Then if multiple possible url's resolved, you could choose the one that matched the one that you had visited before. If you hadn't visited any of them, you could do a brief scan to select the one you meant, and register their key.

    This just a quick off - the - top - of - my - head approach. There are almost certainly more elegant ways. But centralized control is an inherently bad idea, and should (almost) always be designed around.

    Caution: Now approaching the (technological) singularity.
  • "you're at the mercy of your dns provider's choice of root servers."

    True, but you do have the choice of DNS providers, I've almost never used the one from my ISP, but rather the servers I keep alive at work. You can pick a name server and use it from anywhere in the world, regardless of what your ISP wants you to do.


  • I've build my own root.db [] for my DNS servers to feed off of. It's simple to do, even a Windows user like myself can deal with it. It's tempting to add my own domains, which I may do at some time in the future, but for now it was just to get some independence from ICANN.

    I've got the file saved as "rebeldb.root" in my c:\bind directory, and updated named.boot with the following info at the bottom...
    ; prime the DNS with root server 'hint'
    ;cache . db.cache
    cache . rebeldb.root

    So there it is, you too can declare independance from ICANN, and decide for yourself who you trust to be the authority for each domain. Let the vanity TLD games begin.

    I don't use Microsoft's DNS server, so your milage may vary, I suspect this should work with newer versions of BIND.

  • Don't you people understand why a single root IS required?

    A single namespace is required. Each root zone operator can decide what TLDs to publish delegations for. But ICANN confuses the namespace with their own version of the root zone file. So do you.

    What happens when this new organization puts in an entry for that points somewhere else?

    What happens when the sole root operator decides is subversive, and yanks the domain altogether?

    Now, I do agree that ICANN should be moving faster in granting new domains. They've had a hard time creating policies, and frankly creating policies that work for a VERY diverse group of people is extremely tough.

    But they are creating policies for moneyed interests, not a diverse group. The operators of the other roots are operating on behalf of a diverse group, precisely because they are themselves a diverse group.

    But people should try to understand the TECHNICAL issues instead of just bashing on ICANN as a new form of government.

    But they are trying to be a new form of government. They are trying to assert authority where none has been granted to them. Their charter calls for them to create technical policies aimed at maintaining internet stability. Yet they themselves loaded a colliding .biz TLD, which has now created a fractured namespace. They are responsible for introducing ambiguity, not Atlantic Root []. Their .biz has been in operation since before ICANN was chartered, and ICANN's board knew it when they approved the plan to usurp it.

    If ICANN is a governmental agency, then the previous registrants and registry under the pre-existing .biz are entitled to compensation under the doctrine of emminent domain. Yet nothing of the sort is forthcoming from ICANN. This is not governance, this is not stability, this is capricousness and tyranny.

    It may interest you to know that OpenNIC has recently called for a vote [] to determine which .biz to carry in the root zone they operate. Atlantic Root's .biz is winning by a wide margin. The same sort of deliberations are taking place in other root-zone-operating organizations.

  • Transparent caching proxies, such as most of the major ISPs use these days, are also a complication in this regard. If you are behind a caching proxy, and your proxy does not use OpenNIC DNS, then you will get a 404 from the proxy, regardless of what nameserver your computer uses. Of course, one could strip the HTTP host header, and the proxy would be forced to fall back to IP number, but that isn't a good solution, given how common name-based virtual hosting is these days.

    Anyway, some OpenNIC people have had problems with this. ISPs are usually totally uncoorperative. The only solution is usually to switch to a "mom-and-pop" local corner-store type ISP. Hey, they almost always have better service, anyway.

    Claim your namespace.

  • The following policy was released by ICANN today (9th July), reiterating their commitment to 'A Unique, Authoritive Root for the DNS'.

    Uh, shouldn't that be their commitment to 'ICANN as the Unique, Authoritative Root for the DNS'?

    Funny how that works. Ask the authorities, and the authorities will tell you, "Of course we should be the authorities!" No bias there, eh?

  • Well, OpenNIC peers the original .biz (which is run by Atlantic Root Network) from the pacific Root. It's not an internal TLD for us.

    The vote on whether to accept ICANN's new .biz is running on our members' Forum right now and it does look like the original will win out in our root.

    Thanks to ICANN, their great fear of fracturing the namespace is to come about due to their own actions. There's nothing like consistency, is there?

  • The Internet was pretty well served by the Internet Society, and the engineering details by the Internet Engineering Task Force. Why did the United States government decide THEY had to pick an agency, when the Internet Society is the place that represents ALL the people?

    That, of course, meant that the Internet Name Task Force (INTF) (to pick a name) would not be beholden to US trademark law...

  • Yeah, but is killing themselves. A program I installed (bearshare, a gnutella interface) shoved it around the back, I didn't notice. My DNS queries were ALL screwed up, servers wouldn't resolve at random, it kept giving me DNS errors. Then I tried to uninstall it. Big mistake. TCP became nonfunctional.
  • Even more funny excerpts:

    Traditionally, the responsibility for performing the central coordinating functions of the global Internet for the public good, including management of the unique public DNS root, has been carried out by the Internet Assigned Numbers Authority (the IANA). ICANN's core mission is to continue the work of the IANA in a more formalized and globally representative framework, to ensure the views of all the Internet's stakeholders are taken into account in carrying out this public trust.

    And by "stakeholders" we mean those who have the biggest pieces and the most cash.
  • From the ICANN page: The DNS was originally deployed in the mid-1980s as an improved means of mapping easy-to-remember names (e.g., "") to the IP addresses (e.g., "") by which packets are routed on the Internet.

    Oh, you mean like this:




  • IPs don't have the same functionality that domain names do. Instead of IP addresses, we could use secure hashes of public keys (like a P.G.P. finger print) and IPs which are signed by the public key. Since it's cryptographically hard to forge, no one would have to trust anybody.

    These would be hard for a human to remember, (20-30 random characters) but they have the other advantages of DNS, and a few extra;

    They are guaranteed to be unique,

    A single computer (IP address) can support multiple names
    - and -

    Hi-jacking a domain is nearly impossible,

    Anyone who wanted to could become a listing service (competition)

    They can be cached essentially forever

  • It sounds like they're cringing in response to the NewDotNet trojan DLL [] that's altering peoples' DNS configurations to use's proprietary TLD extensions (.shop, .mp3, .family, etc.), which are then sold off to unsuspecting registrants [more on this below]. What worries me about some of these new registrars is they seem to be intentionally stepping into namespaces already in use by older new registrars (Alternic, OpenNIC...). As if there aren't enough domain-name lawsuits already, what happens when the SAME domain name can be owned by several people at once, and typing the domain name brings you to a different site depending on your ISP or what dodgy shareware you've installed?

    On a personal note, I just got an email yesterday from someone trying (unsuccessfully) to get a refund from this 'bogus name registrar' ( because they did not adequately disclose that their domain names are currently invalid on most systems, and apt to stay that way, or that they are selling off names that may be *already taken* by other sites on other DNSes. (Also, in part, because the trojan causes one of her favourite internet programs to pagefault on startup, but that's a separate rant.) Personally, I think they should submit a refund to ALL of their customers.

    To top it all, this unhappy customer informs me that they are charging $50 USD for 2 years. An utter rip, IMHO, considering their domain-names aren't valid on systems that don't have their Trojan horse installed and aren't on one of their bed-partner ISPs. (For reference, I paid $35 to register my *real* domain [] for 2 years, and have the guarantee that it will be valid on *any* system running *any* internet-ready operating system, and won't display a porn site to Earthlink/Juno/NetZero customers.)


  • by Masem ( 1171 ) on Tuesday July 10, 2001 @09:18AM (#94147)
    More likely, they're trying to fend off the problem that .biz is already in active use by an alternive system (I think opennic), particularlly now that ICANN's version of .biz is now open to registeration. (None of NewNet's names conflict with ICANN's system, though it includes ones that were considered buy ignored). If an ISP is using Opennic's as well as ICANN's root servers, what happens when a .biz address is requested? ICANN has a reasonable question in terms of that situation, but only because they let that situation happen (they were fully aware of the alternate .biz domain when they approved it).

  • by unitron ( 5733 ) on Tuesday July 10, 2001 @08:50AM (#94148) Homepage Journal
    The public thinks that they, the public, should control and direct the internet and how it is run.

    Yeah, that'll work.

  • by ka9dgx ( 72702 ) on Tuesday July 10, 2001 @09:33AM (#94149) Homepage Journal
    A single root for the entire Domain Name Space is NOT required. It is only required for each TLD. If I want to get uniform handling of .COM, .NET, etc.. I just have to respect the conventions that have been agreed on so far by telling my DNS serves to use the existing root servers, for those TLDs. This is consistent with existing TLDs and doesn't break anything.

    When I want to support a new TLD such as .BIZ, or whatever, and I don't agree with ICANN, I just update my root.db [] to reflect my own choice for that TLD, which does break things, but only for that TLD.

    So, you can have your cake (interoperable .COM, etc) and choose your own icing (.BIZ, etc) instead of letting ICANN tell you what to do.


  • by Chagrin ( 128939 ) on Tuesday July 10, 2001 @08:33AM (#94150) Homepage [] is currently selling domains under a wide array of TLDs (like ".xxx", ".shop", or ".mp3" etc.). They suggest to ISPs to add additional entries to their named.conf, of course, but for end users you can change your "search" in your resolv.conf and add domains like "www.guitar.mp3" will resolve correctly under "".
  • by Garry Anderson ( 194949 ) on Tuesday July 10, 2001 @10:59AM (#94151) Homepage
    Most of the current problems are due to the authorities perverted and twisted sense of protectionism towards big business trademarks.

    What makes it bad - they know how solve this trademark and domain name problem.

    The solution has been ratified by honest attorneys - even the honourable G. Gervaise Davis III, United Nations World Intellectual Property Organization panellist judge.

    There is only one conclusion that could be drawn, for it not being used.

    By not using solution, trademarks have priority, this stops free speech.

    Fact: domain names were not designed to be trademarks - ask Paul Mockapetris, creator of Domain Name System. He was asked, "What do you wish you had invented?" - His reply, "A directory system for the Internet that wouldn't be controlled by the politicians, lawyers and bureaucrats."

    Nor can they be used as such - reason: Most trademarks share same or similar name with many others e.g. Caterpillar tractors claimed 'cat' is 'their' trademark on the Internet - even though there are 1746 'cat' trademarks - IN THE U.S. ALONE. Conflict is IMPOSSIBLE to avoid.

    They ALL legally have to protect their 'cat' trademark. For only one business to use, gives it dominant position over all the others. This is against 'unfair competition' laws.

    What about free speech rights? The 'cat' was on this earth long before these tractors.

    I thought the US Government were pretty hot on that - something you call the First Amendment, I believe.

    The only logical conclussion that I can come to is - they want it that way. Amongst many other things, the legal profession get rich and corporations can abuse their trademark powers.

    Please visit [] - for the easy solution. comments to World Intellectual Property Organization [] .
  • by Zeinfeld ( 263942 ) on Tuesday July 10, 2001 @12:09PM (#94153) Homepage
    First off, those bashing on ICANN need to understand that are not in the business of live and let live. What they really want to happen is for ICANN to include their TLDs into the ICANN managed root.

    Do we want to be the sole registrar for 30 pretty desirable TLDs just because they have a lot of venture capital from Idealab! to spend?

    What ICANN is doing is stating up front that they are not going to recognise this type of tactic as legitimate.

    People have always been able to set up their own roots, I do it myself on my home machine where I root the .test TLD for systems I don't want to register in the external Internet space.

    Setting up your own TLD is a bit like setting up your own internal telephone area codes however. It is not a good thing if there are two competing companies handing out 1-800 numbers.

    This leads to an important security issue, multiple DNS roots leaves companies open to the risk of having their DNS names hijacked. If I buy the name from the ICANN appointed registrar some smart alex could register at and steal some of my trafic.

    In the worst case there is no authoratative root and the site a domain name will resolve to will differ randomly depending on the ISP you select. To be frank the people who claim this is a good idea either have no idea what they are talking about or are paid shills of some alternate registrar looking to muscle in and make some quick cash.

    If DNS addresses or IP addresses cease to have the uniqueness properties relied upon in the IP protocol then we no longer have an Internet, all we have is a patchwork of partially interoperable networks.

  • by President of The US ( 443103 ) on Tuesday July 10, 2001 @08:43AM (#94154) Homepage
    Why do they need to vigorously defend their position in a community that gets to choose who they point their DNS servers at?

    Their policy seems to be "We're not the only game in town, but we should be." Competition is one of the best principles of a free economy/society. Their position that "competition causes instability" is far stupider than any FUD Microsoft or any other monopolist would come up with. Think of it - "windows should be the only desktop OS because it would cause instability to have incompatible OS's proliferating among PC users". How fast would the anti-trust lawyers be on that?

    Their argument is weak. If they could force admins to point their DNS at them or shut down "rogue" DNS for .com/.net/.org/.whatever else they decide to sell, they would. The fact that they cannot, that there is freedom to operate a whole new .com root DNS outside of their control, that anyone who does not feel that ICANN is playing fair can use that DNS -- this is the dangerous "instability" that they speak of. Democracy is chaotic; tyranny is usually more ordered.
  • by Greyfox ( 87712 ) on Tuesday July 10, 2001 @08:26AM (#94155) Homepage Journal
    The ICANN just happens to be the biggest faction at the moment, but there's no reason you couldn't set up some root servers. It's easy to do. For that matter, you don't even really have to stick with the DNS protocol. You could hack gethostbyname et al and set them up to use LDAP or whatever you want to use. They have no enforcement power or any real authority except over their computers.

    I'd like to see a distributed DNS system based on cryptographically signed keys. Hmm. I'll have to think about how one would implement one of those...

  • by Inti ( 99884 ) on Tuesday July 10, 2001 @09:02AM (#94156) Homepage
    Here's one from the NYT article:

    • "I've found people want democracy, but they're often unwilling to do the work, whether it's looking at voting records or taking the most basic measures to protect their own privacy," said Ms. Dyson, who serves on a committee that is trying to increase public representation in Icann. "Frankly sometimes you don't need democracy, you need a market where people understand what's being offered and choose what they want."
    Esther Dyson, though no longer Chair of the ICANN board, sums up ICANN's approach to namespace governance. God, these people make me crazy. If you think that the namespace should, in fact, be accountable to its users, and not ruled by fiat, then start using an alternate root now. I recommend the OpenNIC [].

    Claim your namespace.

  • by jeffy124 ( 453342 ) on Tuesday July 10, 2001 @08:50AM (#94157) Homepage Journal
    ICANN is trying to protect themselves from services such as []. provides the ability to register domains under TLDs like .free, .games, and many others that ICANN has either rejected or taking their sweet time with. They provide a browser plugin for when people try to surf those sites so that their DNS servers are used as opposed to normal ones. Even without the plugin, you can still access those sites by appending to the address:

    ICANN is trying to block and fight back at these types of services and re-establish themselves as the organization in charge of TLDs.

  • by zpengo ( 99887 ) on Tuesday July 10, 2001 @08:26AM (#94158) Homepage
    Here are some funny excerpts from the report:
    • ICANN was subsequently selected by the United States Government from among several proposals submitted precisely because it was open, consensus-based, and rooted in the Internet community. (Consensus my left butt cheek)
    • This commitment to a unique and authoritative root is a key part of the broader public trust - to carry out the Internet's central coordination functions for the public good - that is ICANN's reason for existence. (Is this a technological organization or a religious movement?)
    • "As Internet names increasingly have commercial value, the decision to add new top-level domains cannot be made on an ad hoc basis by entities or individuals that are not formally accountable to the Internet community." (Now, if only we could get ICANN to be accountable to the Internet community...)
    • The success of the Internet and the guarantee of Internet stability rest on the cooperative activities of thousands, even millions, of people and institutions collaborating worldwide towards a common end. (...yet ICANN holds all the cards).
    • ICANN - in deference to its public trust - will continue to collaborate with these citizens of the Internet community to advance the notions of a unique root system as a prerequisite to Internet stability, and to ensure that community-based policies take precedence. (Translation: We only give TLDs to the highest bidder; Anything else would cause instability.)
  • by spellcheckur ( 253528 ) on Tuesday July 10, 2001 @08:25AM (#94159)
    From the article:
    These decisions of the alternate-root operators have been made without any apparent regard for the fundamental public-interest concern of Internet stability.

    ICANN has the best interests of the public in mind?
    Next you'll be telling me the RIAA has the best interests of the artists in mind.

Neutrinos have bad breadth.