By Karl Auerbach
I have had time to dig deeper into ICANN's so-called Strategic
Plan. (See First thoughts on ICANN's so-called "Plan"
and Vodoo Economics a la ICANN)
Like ICANN's former CRADA
Report this "Strategic Plan" is buzzword-full but content-empty.
If we look into section 1 we find the following:
Section 1a.i: We see that ICANN is doing nothing more than planning to adopt
better paper-pushing procedures to better serve the IETF when the IETF needs a
Section 1a.ii: It is good that ICANN is thinking about cooperating in the
construction of a DNS test bed. Some of us have been doing this kind of
testing for years on our own dime and have been suggesting to ICANN that this
would be a good thing to have. It is only this week that on the NANOG
mailing list there has been a discussion of measurements being made privately
about the question of routing jitter with regard to anycast roots.
Unfortunately ICANN intends merely to "cooperate" - ICANN is not
actually stating an intention to do anything more. ICANN is not committing
to provide staffing, space, or funding for this. As usual, ICANN is making
a promise to do nothing.
Also in Section 1a.ii we see that ICANN is planning on moving the L root
server - again. The first move was described in the CRADA
report nearly two years ago and, from my conversations with ICANN, was an
expensive move that was fully intended to resolve all the issues that are
apparently going to be re-solved. The term "Brownian
motion" - motion for motion's sake - seems appropriate.
In Section 1a.iii ICANN promises to do more reporting. Given that ICANN
has virtually no existing history of doing reporting - Where,
for example, is the report on this summer's outage of .org? - any
reporting would be an improvement over the status quo. However, the
reporting that is enumerated by this section is nothing more than reports about
business related activities rather than the kind of operational information that
we need to evaluate how well the internet DNS and IP address systems allocation
systems are running and how well ICANN is protecting us against technical
instability in those systems.
In section 1a.iv ICANN promises to work harder to maintain the root zone
file. That's nice. That file has a rate of change on the order of
one item changed per day, and that is mainly changes in the NS records for ccTLD
name servers. Verisign has been doing this job for years with only a few
(and now quite ancient) problems - ICANN is making a big deal about an issue
that has already been solved.
Section 1a.v contains a bold bit of claim jumping. In that section
ICANN asserts that the L root server was "entrusted to ICANN".
That is not true. The internet community has never "entrusted ICANN"
with the operation of the L root server. The truth is that the L root
server was entrusted to IANA, not to ICANN. ICANN
operates the L root server only through ICANN's undertaking of the IANA function
under a purchase order from the US National Atmospheric and Oceanic
Administration. Should ICANN relinquish or lose the IANA function (for
example if the IETF transfers that function as part of the IETF's presently
ongoing re-organization, then ICANN would have to say "bye bye" to the
L root server.
Section 1a.v makes no service level commitments - so just like every other
root server operator, ICANN (channeling for IANA) is unwilling to make any
concrete service level promises to the internet community. The most that
ICANN-as-IANA promises is to build what amounts to a routinely hardened facility
and to chat it up with people in ICANN sponsored committees. ICANN needs
to give enforceable, specific, and verifiable promises about server
availability, responsively, and accuracy. In addition, ICANN/IANA needs to
demonstrate a viable, and practiced, suite of disaster contingency plans and
demonstrate that it has the human and fiscal resources to draw upon should the
Section 1b, beginning on page 32, is similarly full of sound and fury that,
in the end, signifies nothing.
Section 1b.i is a laugh. ICANN has from the beginning promised to do
these things yet it has never done so except twice. The first was with
regard to internationalized domain names. The second was in response to
Versign's "Sitefinder". In every other instance, ICANN has
passively watched as other actors make decisions. For example, ICANN
allowed the removal of IPv4 information from the root zone, an action that
weakens the resilience of DNS during times of stress, without as much as a chirp
of concern or even the ability to articulate reasons for its non-concern.
Section 1b.ii is simply a claim to a more expansive role for ICANN. We
have plenty of groups already working on internet security. Even if ICANN
could be a contender in this area it would be simply one more Johhny Come
Lately. But ICANN has demonstrated an amazing incompetence in this
area. For example ICANN has long known that data escrow would help DNS
registrars recover from disasters. Yet ICANN has never bothered to require
that registrars engage in good information protection practices. Given
ICANN's general technical incapacities it would not be wise to allow ICANN to
expand into yet another realm. In addition, one has to ask where is the
community concensus that drove ICANN to put this idea into its "Strategic
Section 1b.iii is a subtle misrepresentation - ICANN counts even vacuous
"understandings" to be counted as firm "agreements".
If one actually examines ICANN's existing or proposed "understandings"
with root server operators and address registries one sees that they are
documents that contain no binding obligations on either side. These
understandings are more akin to papers describing a divorce than ones describing
a partnership. The community of internet users is looking to ICANN for
protection against network instability; yet ICANN has, through these
understandings, abandoned any role of oversight.
Section 1b.iii also overstates the rate in which even these empty
understandings are being entered into. One would think from the language
of ICANN's plan that ccTLDs are anxiously queuing up in long lines to sign
ICANN's "pay and obey" ccTLD agreements. In truth they are not -
the rate of ccTLD agreements has been very slow and there is no sign that ICANN
has done more than sign up the easy ccTLD pickings. Not even ICANN's home
country, and the country of its founding governmental agency, has bothered to
sign ICANN's ccTLD agreement.
As for the Strategic Plan's section 2 - "Competition and Choice" -
all I can say is this: Why should ICANN even be engaged in what amounts to
legislative activities that regulate business practices, determine property
rights, impose judicial mechanisms, and select who among competitors can enter a
There are two kinds of words - there are words that simply consume ink and
occupy space. And there are words that communicate concrete ideas,
intentions, and promises. With regard to ICANN's principal role as
protector of internet stability ICANN has filled its so-called "Strategic
Plan" with the first kind of words. There is nothing in this plan
that says anything that goes beyond vague promises and platitudes. And to
make it more unappetizing, the words that are used are the same tired words and
empty phrases that ICANN has been pawning off ever since its inception.
There is one thing that can be said on a positive note: ICANN certainly put a
lot of work into creating a pretty document.