Foreign Affairs on Internet Governance

| Comments (3) | TrackBacks (6) |
Kenneth Neil Cukier has an article in the Nov/Dec issue of Foreign Affairs about control of the Internet. Unfortunately, while the broad message (the EU and China want to take control away from ICANN) is right, it's full of errors, which in many cases are seriously misleading. Here's what I've noticed so far:

Any network requires some centralized control in order to function. The global phone system, for example, is administered by the world's oldest international treaty organization, the International Telecommunication Union, founded in 1865 and now a part of the UN family. The Internet is different. It is coordinated by a private-sector nonprofit organization called the Internet Corporation for Assigned Names and Numbers (ICANN), which was set up by the United States in 1998 to take over the activities performed for 30 years, amazingly, by a single ponytailed professor in California.


One of the most cherished myths of cyberspace is that the Internet is totally decentralized and inherently uncontrollable. Like all myths, this one is based on a bit of truth and a heavy dose of wishful thinking. It is true that compared with the century-old telephone system, the Internet is a paragon of deregulation and decentralization. In four critical areas, however, it requires oversight and coordination in order to operate smoothly. Together, these areas constitute the "domain name system" of addresses, with which users navigate the Internet and send e-mail.

The four areas Cukier is talking about are (1) domain names (2) IP addresses (3) root servers, and (4) standards. First of all, only domain names and root servers are part of the "domain name system". Second, ICANN's control of the DNS really devolves to their control (partly by contract and partly by moral suasion) of the roots. Third, you might get the impression from this that ICANN controls IP addresses and standards, which is only sort of true. ICANN does have the contract to do IP address allocation, but they do so under the direction of the IETF and as documented in RFC 2050. And of course, ICANN doesn't control standards at all. They're made by IETF and to a lesser degree W3C and a host of other standards organizations.

Third are what are called root servers. Some form of control is needed in the actual machines that make the domain name system work. When users visit Web sites or send e-mail, big computers known as root servers match the domain names with their corresponding Internet Protocol numbers in a matter of milliseconds. The database is the world's most important Rolodex. Yet due to a technical hiccup that occurred when the network was young, there can be only 13 root servers, some of which provide data to mirror sites around the world. As a result, somebody must decide who will operate the root servers and where those operators will be based. Because the system evolved informally, the root servers' administrators are diverse, including NASA, a Dutch nonprofit organization, universities, the U.S. military, and private companies. Today, all told, ten root servers are operated from the United States and one each from Amsterdam, Stockholm, and Tokyo.

This paragraph is really confusing because it gives you the impression that DNS service is somehow basically centralized and that somehow the root servers know the address of e.g., But as I've written before, this isn't how things work. DNS is a distributed system. The root servers just delegate to the TLDs (.com, .net, etc.) (This database is actually quite small). The actual resolution of the next level of domains is done by entirely different servers.

By the way, the 13 root servers thing is kind of interesting. When you contact the root servers, the response contains NS records and A records telling you which name servers are authoritative for the root zone (.). The maximum guaranteed size of a UDP datagram (without fragmentation) is 512 bytes, which is just large enough to fit 13 results. This limits the number of root nameservers to 13, though many of them are anycast.

Until 1998, the Internet was overseen almost exclusively by one man: Jon Postel, a computer science professor at the University of Southern California. As a graduate student in the 1960s, he was among the handful of engineers who built the Internet. For the next 30 years, he managed it on behalf of the Department of Defense's Advanced Research Projects Agency, which funded the Internet's initial development.

This bit about Postel running the Internet is oft-repeated but basically a serious overstatement. It's true that Postel did a lot of important stuff: In particular running IANA and the RFC Editor, but many of these tasks were fundamentally administrative and done under direction of the IETF. In particular, Postel certainly never wrote all the Internet technical standards himself, though he did have a hand in some of the key ones. Postel did have a pretty free hand with name assignment (again, of the TLDs) but even then, his control was pretty limited. When Postel tried to move the root, the Clinton administration came down on him pretty hard and he had to back down. It's important to remember that Postel's control depended in large part on the cooperation of others who respected his judgement. People didn't have to do what he said, but they did in many cases because they trusted him.

ICANN's private-sector status, moreover, has helped keep the Internet free from political interference. When in 2002 members of the Federal Communications Commission were asked by their counterparts at China's Ministry of Information Industry why Taiwan had been allocated its own two-letter domain (".tw"), the commissioners could pass the buck to ICANN and breathe a sigh of relief.

Actually ICANN didn't have discretion about whether to allocate .tw either. RFC 1591 (another IETF document, of course) defines the criteria for allocation of ccTLDs and ties them closely to ISO 3166. ISO 3166 defines .tw and so ICANN allocated it.

Watching the United States go to war in Iraq despite global opposition, these diplomats saw ICANN as yet another example of American unilateralism. What would prevent Washington, they argued, from one day choosing, say, to knock Iran off the Internet by simply deleting its two-letter moniker, ".ir," from the domain name system?

I hear this stuff a lot, but realistically I don't believe that it's going to happen, because the root server operators would revolt and if they didn't the big network operators would arrange to replace them because disrupting the network is bad for business.

At the end of the day, what's wrong with this article--and most of the other coverage I read of the Internet governance issue is that it assumes that the Internet is basically a command and control system, and so whoever has nominal control has real control. The truth of the matter is that it's a collaborative effort and that common practice is more important than top-down direction, especially in the area of standards, which are almost entirely dependent on vendor and user deployment. Failure to realize this--and the bogus assumption that somebody has to be in charge--is what leads to absurdities like the notion that somehow Jon Postel controlled the entire Internet. Until people realize this, they'll be in the same position as Seabright's Communist official who asked who was in charge of the bread supply to London.

6 TrackBacks

Listed below are links to blogs that reference this entry: Foreign Affairs on Internet Governance.

TrackBack URL for this entry:

christmas tree from christmas tree on November 28, 2005 9:23 PM

christmas tree Read More

Small Cash Loans from Small Cash Loans on January 10, 2006 5:15 PM

American express cash advance micrometeoritic american express cash advance cash advance pro-Castro cash advance. Read More

valentines day ideas from valentines day ideas on January 11, 2006 1:06 AM

valentines day ideas Read More

Debt Consolidation California from Debt Consolidation California on January 11, 2006 6:30 AM

Debt management sweaty debt management debt consolidation albuquerque substitutionary debt consolidation albuquerque. Read More

reexamining?deliverance receive disconcertingly:Alva instance poker online Read More


It may not be that ICANN does all the things that are attributed to it in this article, but I do not doubt for a second that the intent of the takeover by the UN is to control all these things. If the UN/ITU gets control fo the Internet, it will be a short amount of time before they start asserting authority as the standards setting body. Afterall, they are already replicating a lot of the IDN work because they feel they know better.

What you say about standards--that they're "almost entirely dependent on vendor and user deployment"--applies equally to naming and root servers, and in a sense to addressing as well. The various Internet governance and standards bodies essentially offer their decisions as a service to the world, and the world accepts them because it's useful to have these decisions made in a centralized manner.

A corollary is that control of the vendors and (particularly) the users implies control of everything else. Suppose, for example, that the EU were to pass a law tomorrow dictating that after a certain transition period all governments, businesses and organizations within EU jurisdiction would be obliged to register exclusively with the EU's brand new Brussels-based root DNS servers, which by the way use the new EU-DNS protocol. Vendors would eventually figure out a way to make their products compatible with both EU-DNS and DNS, and the EU would effectively have wrested (at least partial) control of Internet naming from ICANN. In fact, if the system worked as well as or better than the current DNS, then the rest of the world might well decide to migrate to EU-DNS, and DNS might eventually be phased out. (Of course, the US could retaliate by requiring everyone under American jurisdiction to use DNS exclusively....) Similarly, if the EU were to take over DNS and run it into the ground, someone else would likely set up a superior DNS-like system, draw customers, and gradually take over control from "EUCANN".

In other words, although the whole structure may seem collaborative, it's actually much more market-driven. The "collaborative effort" that characterizes Internet governance is analogous to the "customer focus" of successful businesses--it's a way for these bodies to avoid irrelevance by finding out what uniform services and standards Internet users want, so that they can provide them. If it turns out the customers want something different from what ICANN, IANA, IETF, etc. provide, then they'll simply go elsewhere.


I think the reporting that the EU has pushed for control of ICANN is in error. The EU position at WSIS called for:

A) No net change in ICANN's authority.

B) Customer input into ICANN

C) Establishment of the end-to-end principle as the primary operating mode world-wide.

The United States should use this opportunity to help American business benefit from the world-wide adoption of the end-to-end principle. I will be happy to email you the official proceedings from WSIS if you have not reviewed them.

Leave a comment