IP: Sept COOK Report: Internet Governance and IANA

[David Farber <farber () cis upenn edu>]

Date: Sun, 27 Jul 1997 11:16:25 -0400 (EDT)
From: Gordon Cook <cook () netaxs com>
To: farber () cis upenn edu
Subject: Sept COOK Report:  Internet Governance and IANA


Hello Dave, Would appreciate it if you would share with IP the following
Executive Summary of the 115,000 character long cover story from the just
published September 1997 COOK Report on Internet. I have largely trimmed
the content of two other interviews in this issue from this mailing to
you. I will be republishing under separate cover my last 6 months' worth
of Internet governance coverage in about a week.


INTERNET GOVERNANCE NOT SCALING WELL


IANA & IP NUMBER REGISTRY POLICY NEED FORMALIZING
NSF TELLS NSI NOT TO ENTER NEW TOP LEVEL DOMAINS


NSI Operational Failures & Direction of US Government Policy Could 
Give Impetus to Move of DNS Operations to Europe as Opening of 
ARIN is Held up by Delay in Getting Liability Insurance in Place
pp. 1 - 19


We have examined IANA and IP registry policy closely during the past
month. In a long four part article we look at registry policy and
coordination problems; at IANA authority, and finally at evolving U.S.
policy. What we have found is disappointing. These well-intentioned and
critical elements of Internet governance are scaling very poorly. Part I
surveys registry policy. Part II focuses on the issue of IANA authority
and how it is coping with the internet's having gone from a sleepy
academic and research communications network to a critical piece of the
world's communications infrastructure. Part III covers the launching of
the American Registry for Internet Numbers (ARIN). Part IV surveys
jockeying for position between IAHC and IANA on the one hand and the US
Government's on-going effort to shape DNS issues on the other. Not
surprisingly developments in each of these areas impact processes underway
in the other areas. The cooperative model that enabled the original growth
of the Internet has been fractured.


Consider Network Solutions' evaluation of the situation in which it finds
itself [from its July 3rd SEC filing] : "Continuing to achieve consensus
may become difficult or impossible and may become extremely time consuming
and costly. Achieving consensus may be made more difficult because of the
lack of leadership by any one entity. This lack of regulation creates
great uncertainty as to the legality of any action, making business
planning and operations difficult. Conversely, the lack of regulation
could theoretically result in individuals and entities taking harmful or
disruptive actions with respect to the Internet with impunity."


Part I: Registry Policy, pp. 2 - 7


We found that correct interpretation of RFC 2050 demands very careful
reading. RFC 2050 also does not inform its readers that policy among
registries differs significantly. For example, when an ISP joins RIPE it
receives a routable 19/. While there are reasons for this, no single
document exists that serves as a clear guidance mechanism to global
registry and IANA policy in an area that is increasingly contentious for
ISPs served by InterNic. Many of these ISPs wish to receive a globally
routable 19/ IP block direct from the Registry in order to be able to
multi-home effectively to two or more different upstream providers. But
many who want 19/s find themselves unable to meet the InterNic's
requirements in terms of total number of customers and allocation of their
existing IP space.


One of the critical reasons for the creation of ARIN is to move policy
making for the allocation of IP numbers from the very slow and laborious
IETF RFC best current practice track to a membership organization
responsive to the needs of its members. We present some highlights of
pagan and apnic list discussion from July. This discussion highlights the
reasons why multi-homed providers need provider independent 19/
allocations from InterNic/ARIN. It also contains suggestions for the
formulation of policy designed to deal with concerns about route flap,
routing table entries, and efficient use of IPv4 space. ARIN hopes to have
its first membership meeting in October. Its intent is to have member
driven policy before the end of this year.


Part II IANA Authority, pp. 7 - 13


Depending on which metaphor one prefers Jon Postel is either thought of by
Internet insiders as the Supreme Court, the FCC, or God. His decisions are
considered to be final and beyond the review of the Internet Architecture
Board and Internet Engineering Steering Group. They include final
decisions affecting all of DNS, all of IP, serving as secretary for all
Internet RFCs and making port assignments for various Internet protocols.


Jon is widely and we find deservedly respected and trusted. However, the
Internet has grown and changed so fast that the current environment has
outstripped his ability to function adequately. IANA, as now constituted,
is having difficulty dealing with an environment where attorneys appeal IP
allocation decisions directly to Jon and then, finding inconsistencies and
what may look, at first glance, to be loop holes in the allocation
process, threaten to sue him if he does not grant the allocation they
seek. Having been the recent target of one suit and, as far as we can
ascertain without serious legal liability insurance, he would be under
pressure just from the sheer numbers of issues that he is called to deal
with, even had the  atmosphere had not grown vastly more contentious as
well. It is folly to expect Jon to continue to operate as the sole world
authority in this area without putting a sound foundation of checks and
balances underneath him. The difficulty of Jon's position has been further
increased, by USC's unwillingness to provide him with any legal defense
for actions taken as IANA, even though, as a USC employee carrying out his
official duties, he'd normally be entitled as such.


Insiders are critical of aspects of his recent performance, yet they will
not say so in public. Consider some of the testimony given us by a recent
former member of the Internet Architecture Board. ExIAB: Jon honestly
believes he has the ability to make the right and ethical decisions on a
consistent basis. I have known him for a long time and know better than to
ever try to convince him differently.  We need his help and backing often
on many things, so every now and then we even tend to be a little extra
compliant. COOK Report: In the sense of propitiating the "gods"? ExIAB:
Yes. COOK Report: What we are most fearful of right now is that Jon Postel
may wind up moving too slowly to broaden and share his authority. IANA
institutionalization remains the achilles heel of the net. It needs to
happen rapidly. ExIAB: I agree.  What do you think would help
Postel/Whomever Else to make it happen better?  I think many feel that the
IANA institution needs to become broad-based.


We reviewed some of the recent IANA decisions that have been criticized:
The case of the 19/ allocation in March of this year, the @home
allocation, the Genuity board membership, and the Haiti TLD decision in
March of this year. In every case we found nothing serious for which Jon
can be blamed - except that, when operating with little support structure
and essentially alone in midst of turmoil and under great pressure, it is
very difficult to be always completely consistent.


Both @home and the March 97 19/ Geist allocation involve the not well
documented area of appeals. Even though Kim Hubbard says she has precisely
described the @home situation on network mailing list, her description is
not easily retrievable. The decision which given the identity of players
has taken on an undeserved life of its own was nothing more than @home
requesting a very large allocation from InterNic, being turned down, and
appealing to Jon,who, on the basis of information presented by them to
InterNic, said they qualified for a 14/ - period. We described March 97's
19/ appeal last month. 


Rodney Joffe, the CTO of Genuity, was kind enough to answer our questions
about Jon's involvement with Genuity. He explained that he prevailed on
Jon to join his Board after he sold Bechtel a 75% interest in Genuity. He
did so in order for Jon to make it very clear to Bechtel management the
kinds of behavior that were appropriate in order to be a good citizen
within the Internet community. He also stated that Jon said while he would
advise Bechtel about of some ways in which it could improve the Internet
community, he would never permit himself to be involved in advising
Bechtel how to improve its own interests.
 
Unfortunately, we did not recall, until we were going to press, that the
member of a Board of Directors of a corporation has a legal, fiduciary
responsibility to that corporation. Thus, contrary to Rodney's assertion
about Jon's insisting that his membership not benefit Genuity, it could be
said that, if Jon had information about an action that he would take as
IANA, and he did not disclose it to Genuity, he might be acting in
violation of his legal, fiduciary responsibility to Genuity. If Jon served
on an advisory board, this liability would vanish. Unfortunately the web
page http://www.genuity.net/about_genuity/officers.html makes it very
clear he is a full member of the Board of Directors of the corporation. We
see this as one more example that, filled with good intentions as he may
be, Jon has gotten in over his head.


The issue of the Haiti TLD is a bit different and, some people feel,
potentially serious. Jon delegated the HT TLD to REHRED, a non
governmental group, in early March. When soon there after the Haitian
government came to him and demanded that it get the TLD, Jon gave in,
contravening as he did so the process established in RFC 1591. In the
words of an observer: "was not about to stick his neck out without any
protection from our government by refusing to grant what even smelled like
a request from any other government." For on April 3 Jon wrote to REHRED
(from who he had removed control of the HT Top Level Domain). "Hello: I am
sorry if you do not understand that we have explained to you that there is
a rule we have adopted since RFC 1591 was published: 'Follow the expressed
wishes of the government of the country with regard to the domain name
manager for the country code corresponding to that country'. We have
decided that this rule takes priority.  We do not believe it is wise to
argue with the government of a country about the TLD for that country."
"In other words," continued the observer, "he gave in, and issuing a
*private* directive that, in effect, said that 1591 applies unless a
government objects, in which case the government gets its way in its own
country. Jon was told that if governments were given special consideration
and permitted to contravene standard IANA procedures, he might just as
well pack up the IANA and let the U.N take over."


Looking at these events, we must ask from a policy point of view whether
the issue is Postel or the functions of IANA? If we argue that it is Jon,
we have the problems of whether we can get him to go along with the
conclusion that he should retire because neither he nor any other fallible
human should have to be asked to carry responsibility, in isolation, for
the financial consequences that flow from the decisions he is being asked
to make. On the other hand if we argue that the issue is the IANA
FUNCTIONS, we can entertain the following scenario.


We see three alternatives. 1. Jon Postel bails out and retires by year end
exacerbating the present "authority problem and destabilizing an already
troubled Internet. 2. Jon hangs on. Makes mistakes. Legal actions begin.
IP gets as controversial as DNS and US government decides to intercede. Or
3. Jon shares power and convenes the Council of Global Registries (CGR) in
which he participates (perhaps, initially, as Chair) providing stability
and guidance in time of transition. Eventually, he turns the IANA
Functions over to the CGR and Council over completely to the registries
while remaining as an Emeritus IANA available for guidance and
consultation.. He creates an institutionalized function for appeals, for
coordination and development of procedures. This function, its set of by
laws and procedures, becomes the legal basis for policy.


Part III Launching ARIN, pp. 15 - 23


The process of getting ARIN up and running is ensnared in a kind of catch
22 position because prior to the founding of ARIN, NSI has paid for IP
number allocation costs out of income from sale of domain names. Therefore
ARIN is setting up a membership organization with no cash flow. Given the
criticality of its functions for the Internet and the volume of its
day-to-day business, the resources needed to perform these tasks are
substantial. The execution of these tasks cannot stop while ARIN collects
membership fees and ramps up its activities. Therefore NSI's Year 5
Program Plan proposed that NSI would bear the full costs of the transition
and this has been incorporated into the NSF co-operative agreement. NSI's
responsibility for the IP functions includes the financial responsibility
to establish ARIN and pay its expenses until it is financially self
sustaining.


NSI with its July 3rd IPO filing and recent DNS infrastructure troubles
has had its hands full and the launch of ARIN has progressed more slowly
than we would like. When we set out to rebut Dave McClure's recent attack
on ARIN, we found out in a phone interview with NSI's Senior Vice
President Don Telage that due to a delay in getting legal liability
insurance in place, what we had assumed to be the ARIN board was not yet
legally seated and ARIN would be unable to accept members until the Board
was in place. We are now confident that it will be in place in less than
two weeks.


Part IV DNS, IANA and US Government on a Collision Course?, pp. 16 - 19


Jon Postel not surprisingly, regards much of his stewardship over the IANA
processes as being one of making sure that the infrastructure works. We
can imagine that the events of the last ten days (Kashpureff's attacks and
the defective tape loaded into the root servers) have given him severe
indigestion on this account. In this context, a wide range of people to
whom we have talked say that Jon has the power to remove the root or "."
server from the control of Network Solutions. 


The tension existing in the area of the ownership of root has been
heightened by a move on the part of the US government.  On page 14 of
NSI's IPO filing with the SEC we have found a very telling statement:  The
NSF has given "written direction . . . not to take any action to create
additional TLDs or to add any new TLDs to the Internet root servers until
further guidance is provided." The chances that this would happen without
the direction of either DOJ or the Interagency Task Force or both would be
remote. We will no longer find the NSF making independent policy in this
very sensitive area. Furthermore "written direction" sounds like an order
and not a request. An order would not be given without the US government
having decided that it has authority to make law and determine policy.


Ignoring the question of whether root moves, if the US government has
decided that the best interests of the Internet, from an American
perspective, would be served by no new TLDs in the root servers, the
decision on whether to try to keep the IAHC domains out of them, is likely
to be some time away. Dave Crocker has told us that it will be October
before IAHC/IPOC has any new TLDs ready for the root servers. Furthermore,
other sources suggest that the more likely moment of decision for Jon
Postel on this issue won't come until January.


Consider his situation. (1) out of money at home. (2) his leadership on
DNS new TLDs stymied by US government. (3) ARIN approved but not yet
operational. (4) his IAHC TLD process more centered in Europe than the
U.S. (5) the RIPE registry in Europe under Daniel Karrenberg strongly
supportive of his goals. (6) a new TLD root server in London (7) DNS
infrastructure under control of Network Solutions in the US crumbling.
Given these facts it would be hard to imagine Jon not thinking of ordering
a move of the DNS root from NSI to Europe at some point in the next few
months. 


It In the meantime, ISOC, IANA and IAHC/IPOC appear to be well ensconced
in the driver's seat on this issue and are showing no signs of being
willing to back off. Consequently, the U.S. government has painted itself
into kind of a corner. For, if it comes down openly and hard in the next
few weeks with the position that no new TLDs should go into the root
servers, it seems likely to us that such action would ensure - barring a
major change of heart on the part of Jon Postel, a move of root to Europe.


Forecasting a denouement for these highly uncertain variables is not easy.
is also difficult to imagine an outcome - other than one involving prompt
and creative cooperation among the three IP registries regarding the IANA
functions - that would really benefit the Internet. 


CAIDA Offers Tools for Inter NSP Cooperation, pp. 20-25


We interview KC Claffy and Tracie Monk of the National Laboratory for
Applied Network Research (NLANR) about the origin and progress of the
Cooperative Association for Internet Data Analysis.  .  .  .  .


David Holub on Peering: pp. 26 - 31


We interview David to assess his experience on the evolution of peering
and interconnection issues over the past two years.  .  .  .  .


************************************************************************
The COOK Report on Internet               For subsc. pricing & more than
431 Greenway Ave, Ewing, NJ 08618 USA     ten megabytes of free material
(609) 882-2572 (phone & fax)              visit   http://cookreport.com/
Internet: cook () cookreport com             On line speech of critics under
attack by Ewing NJ School Board, go to http://cookreport.com/sboard.shtml
************************************************************************