Building a Wall Around IANA

Wednesday’s hearing of the Senate Judiciary Subcommittee on Oversight, Agency Action, Federal Rights and Federal Courts on the IANA transition was simply bizarre. For background, ICANN is the organization that makes policy for the Internet’s Domain Name System, and IANA is ICANN’s clerical function.

What are ICANN and IANA?

ICANN is a California corporation that convenes Internet stakeholders to make policy decisions about such things as whether there should be a top-level domain like .horse. If ICANN decides there should be a .horse, it then has to decide who should control registrations of second level domains such as ICANN does this by authorizing some organization to operate .horse, and then that organization gets to decide who has

ICANN supports itself by adding fees on all transactions that confer ownership of domain names. ICANN’s planned budget for the the 2017 fiscal year is $126M. Historically, ICANN revenues and expenditures have been around $100M, give or take a few million, and it employs some 350 people around the world.

The Commerce Department pays ICANN exactly nothing for running IANA. NTIA – part of the Commerce Department – simply issues no-fee contracts with ICANN periodically, specifying responsibilities and procedures and expressing high hopes for the future.

ICANN Does Two Things

Once ICANN decides there should be a .horse domain, it directs its IANA department to include the name .horse and all of its properties in the root zone file. This allows all of the DNS servers in the world to learn where to go for information about The zone file operation is a clerical function that ensures the Internet doesn’t have more than one owner of .horse. By controlling the root zone file, IANA makes the identity and network location of the party responsible for .horse available to the Internet.  IANA does not actually decide where is, it simply directs the Internet to the owner of .horse to get that information. It’s up to ICANN to determine who has .horse, and it’s up to IANA to publish that decision.

So in a very broad sense, ICANN does two different things: 1) ICANN makes domain name policy; and 2) through IANA, it performs clerical functions that make its policy visible to the Internet. IANA also assigns IP addresses to regional IP address registrars and keeps track of some protocol details. The Commerce Department contracts with ICANN for the IANA clerical function, but not for the policy function. IANA in turn contracts with Verisign for to make the root zone functional after ICANN decides what should be in it.

IANA doesn’t do much and plans have been in place for 20 years to transfer control over it to ICANN directly. All this does is relinquish some oversight on a relatively trivial department within ICANN that simply subcontracts its own work.

Senator Cruz is Mistaken about IANA

Senator Cruz and his Republican colleagues assert that ICANN can be made to comply with the policy wishes of the US by threatening it with the withdrawal of its no-fee IANA contract. This belief is wrong, if not completely delusional. IANA is simply a provider of information, much like Google or Bing but much, much smaller. It has no control over web site operators at all. ICANN tends to the part of the Internet that allows you to get to a web site, but it has no control over the fact that Facebook took down that picture you thought was so funny.

Facebook is registered in the .com domain, which in turn is run by Verisign under a contract it has with ICANN. Verisign also has a contract with ICANN to operate the root zone, which may be where the confusion comes in. Facebook could in principle be kicked around by ICANN, but only to the extent that ICANN’s membership and board approved. That’s not really very far.

Sen. Cruz et al. seem to believe that the Commerce Department’s NTIA can pressure Verisign to make Facebook behave by threatening to eliminate Verisign would presumably do this because it makes a lot of money operating .com as well as the root zone and doesn’t want this cash cow to go away. But .com and the root zone aren’t the same thing. Moreover, .com and the root zone simply don’t work the same way either technically or politically.

.com is owned by the US government and will continue as it always has. The current issue has to do with the root zone and only the root zone. Perhaps Sen. Cruz is confused by the fact that Verisign has its fingers in two different pies.

DNS is a Voluntary System

If the US government designated Bing to be the Internet’s search engine by issuing it a no-fee NTIA contract, Google would continue to dominate the Internet search business and the Bing contract would be worthless. The US could try to bar Google from operating web search, but only within US borders (and probably not even here because of the First Amendment.) In the rest of the world, people would carry on using Google or whatever local language search service appealed to them.

Similarly, if the US tries to impose its will on the global name and address system for the Internet, not much will happen outside our borders. Barring extraordinary statecraft such as bribes and extortion, the rest of the world will go its merry way.

At a purely technical level, Internet users obtain DNS functions from their ISPs, who are ultimately responsible for supplying those functions in a way that appeals to their customers. ISPs are controlled by local laws as well as by marketplace competition, and aren’t very fond of obeying the dictates of foreign politicians.

You Can’t Build a Wall Around DNS

The US has had no real control over the Internet as a whole since the Clinton Administration privatized it in the 1990s. Even before privatization, US control was limited to the parts of the Internet operated with government money such as NSFNet. Consequently, the US surrenders nothing but some cheap talking points by dropping the pretense that its no-fee contract with ICANN to operate the root zone has any real value.

ICANN will continue to control the root zone, the naming policy, the assignment of IP addresses, and the registry of protocol parameters because these things need to be done and nobody else can practically do them but ICANN. Very few people who work with ICANN are 100% pleased (or even 51% pleased) with its behavior. ICANN does bizarre things from time to time, and seems to require way too much money to operate. But these are ongoing issues that need to be addressed in the proper forum – ICANN – instead of in soundbite-riddled Congressional hearings.

The IANA Proposal Self-Destructs Upon Publication

Compared to the Cruz alternative that would make the root zone a political football controlled by the US Congress, the case for full independence of IANA from NTIA couldn’t be stronger.  The Cruz proposal to delay the transition of IANA from NTIA to ICANN control is effectively a plan for the US to withdraw from the global Internet into an AOL-style walled garden.

Building a wall in cyberspace between the US and the rest of the world – paid for by the foreigners – is the kind of policy that may appeal to a basket of deplorables, but it’s unsound at both a technical and a political level. The mere fact that the US Congress is considering this proves that governments should not be involved in the Internet in such a hands-on way. Congress simply lacks the understanding to pull something like this off and proved as much in today’s hearing.

And shame on the witnesses who tried to split the baby, arguing for a little transition but not too much. All you did was muddy the waters.