The U.S. Is About To Relinquish Control of the Internet's Address Book. That's a Big Deal.

by Paul Rosenzweig | March 15, 2014

photo credit: AFP/Getty Images

It is almost axiomatic in Washington, that the bureaucracy buries news of which it is not proud with a release late in the day on a Friday afternoon. Though it is a bit harsh to say so, one suspects that the Department of Commerce felt that way about its announcement yesterday that the United States would relinquish part of its controlling role in managing the Internet Domain Name System (DNS). In effect, the last remaining legal vestige of American control of the network will vanish next year. Our stewardship of the network will transition to an international non-profit that may, or may not, have the capabilities required. That’s a big deal. To understand why requires a bit of explanation.

The DNS is, in effect, the address book of the internet. Someone, in the end, has to decide that “microsoft.com” means the big computer software company in Washington. And someone has to decide that in addition to dot-com addresses we will now start recognizing dot.bank and dot.xxx and dot.home as valid global top level domains (gTLDs). We call this role the Internet Assigned Numbers Authority (IANA)—that is the right and responsibility to assign names among the domains.

Historically, since the original architecture of the network was developed in the United States, that responsibility was originally given to American institutions—indeed, initially, it was the US government itself. Since the 1990s however, the US government has offloaded much of that responsibility to a third party—it has contracted out the IANA function to a non-profit group, the Internet Corporation for Assigned Names and Numbers (ICANN). 

ICANN is an American non-profit corporation with headquarters in Southern California. It was, to summarize and simplify, created for the purpose of being able to contract to run the IANA function. And so for roughly the last 25 years ICANN has entered into a contract with the National Telecommunications and Information Administration (NTIA), a component of the Department of Commerce, to manage the IANA function.

The contract was last let out for bid in 2011, and is due to expire in 2015. (I should add that “let out for bid” is a bit of a misnomer, since the way that the request for proposal was written only one entity, ICANN, could possibly have won the contract.) Boiled down to its simplest form, the announcement yesterday was a statement by NTIA that it was not going to enter into another contract—that, instead, it would let ICANN have the responsibility of running the IANA function on its own. The only condition that NTIA set for the transition was that ICANN develop an internal mechanism for oversight and win the trust of crucial stakeholders around the world.

There is one further piece to the puzzle that one needs to understand about the architecture of the administration of the DNS system and the IANA function. Though ICANN manages the IANA function under contract to NTIA, it does not actually do the work of implementing changes to the DNS when they are made. That technical work is managed under a cooperative agreement between the NTIA and Verisign, the American company that also manages the dot-com domain (under a separate arrangement with ICANN). Verisign maintains the root zone (that is the core list of the gTLD domains and their operators), for free as a service to the internet and the world. So, today, when ICANN decides to make a change in the DNS system, the ultimate responsibility for implementing that change lies with Verisign. (Full disclosure:  I have done consulting work for Verisign—though not with respect to its root zone maintenance function.)

In other words, today there are three parties who work cooperatively to keeping the web address DNS system running: ICANN, NTIA and Verisign (the Root Zone Maintainer). Here is how the NTIA describes the workings:

(1) TLD operators submit change requests to the IANA Functions Operator [i.e. ICANN]; (2) the IANA Functions Operator processes the request and conducts due diligence in verifying the request; (3) the IANA Functions Operator sends a recommendation regarding the request to the Administrator [of NTIA] for verification/authorization; (4) the Administrator verifies that the IANA Functions Operator has followed its agreed upon verification/processing policies and procedures; (5) the Administrator authorizes the Root Zone Maintainer [i.e. Verisign] to make the change; (6) the Root Zone Maintainer edits and generates the updated root zone file; and (7) the Root Zone Maintainer distributes the updated root zone file to the thirteen (13) root server operators

So, now you can see why this change is a big deal. Today, by contract, the NTIA has a verification and authorization role over how ICANN performs its functions. In other words, in the end, any changes that ICANN wants to make are subject to review by the US government. After the policy that was announced on Friday takes effect, the US government will give up that role. And according to the NTIA, this will likely mean that Verisign’s role will have to be modified, as well, if not completely transitioned to another root zone manager.

So what are we to make of this transition. Herewith a few thoughts:

For me, the bottom line seems relatively clear—despite the strum und drang of recent weeks, the United States has been a fundamentally good steward of the network. It has fostered innovation, openness, freedom and growth. Not perfectly to be sure and not always without a healthy dollop of self-interest, but at its core the US management of the network has been more benign than venal, with the result that we have today a vibrant network with more good than bad in it.

The transition to ICANN management may well upset that happy vision. While I am more optimistic about ICANN than I might be about the ITU as a new steward, the capabilities and political strength of the institution are unproven and remain a question mark. If, as the Chinese proverb goes, it is a curse to live in “interesting” times, I fear we may be facing several years of living dangerously.

This essay was cross-posted at Lawfare.

Source URL: http://www.newrepublic.com//article/117037/us-gives-iana-and-dns-control-icann