Why they're talking about Internet governance

by Andy Oram

(Originally printed in the
American Reporter)

It's an unlikely matter for the United States and other nations to
lock horns over: the administration of names and numbers used to reach
Internet sites. But this seemingly trivial function is occupying a lot
of time among government representatives traveling from continent to
continent. A United Nations body wants to wrest power over these
things from their current master, the Internet Corporation For
Assigned Names and Numbers (ICANN). The United States says that with
ICANN in charge, things are running just fine (which they
aren't). Many people condemn one side or the other for trying to carry
out a power grab, or call the engagement a lot of hot air.

But to me the first question to ask is: who called the
names-and-numbers issue one of "governance" in the first place? Why
did this ever become something for corporations, governments, and
international bodies to wrestle over? Why isn't it going on quietly,
cheaply, and with universal acceptance in the background, like so many
other aspects of Internet operation?

The matter of Internet names and numbers is actually a sad and sordid
history that goes back over ten years. It never should have come to
this point, where it is wasting millions upon millions of dollars,
along with time and energy of some top Internet thinkers--and where
real initiatives that could improve Internet access get shoved to the
corners and left to gather dust.

Domain names get hot

ICANN has control over three types of addressing, sometimes called
resources. The very term "resources" biases its listeners right off
the start, because a resource is usually something valuable that's
limited and needs to be managed and bargained over. Addressing is
being treated that way, but it didn't have to be.

The first type of address is the number assigned to each computer for
the purposes of routing traffic. This is called the IP address (where

IP stands for "Internet protocols"), and in its current form it tends
to be printed in four parts, such as (the current
address of the site where you're reading this,

There used to be fears that we were running out of IP addresses, and
accusations that some sites were receiving more than they needed, were
hoarding them, etc. There may be pockets where scarcity exists, but to
address the problem (pun intended), the Internet body that designed
the IP address (and which has nothing to do with ICANN) created a new
version, IPv6, that vastly expands the number of available addresses.

Few sites have adopted IPv6, which requires enormous administrative
changes. One of the tragedies of ICANN's existence is that it has
played no role promoting this conversion to new addressing, even
though as a central controlling organization for IP addresses, it
would have a natural role as evangelist for the change. Instead,
ICANN is mired in the other controversies described in this article,
along with its own bureaucratic bumbling.

A second addressing category involves a collection of potpourri called
"assigned numbers."

But the towering controversy in ICANN is the third area of addressing,
the assignment of domain names. These are what let you request
www.american-reporter.com in your browser instead of,
and their presence is much appreciated. A lot of emotional baggage (as
well as commercial power, as we shall see) is loaded onto domain
names, but at base, they are simply another form of addressing.

In the mid-1990s a true governance issue struck the Internet: the U.S.
government opened it up for commercial use. Before then, it was
supposed to be used only for government, academic, and research
purposes. But now you could actually sell something over the Internet!
Driven by this new freedom and the recent invention of the graphical
web browser, thousands of companies poured the wares out before a
virtual marketplace.

Domain names were not designed for the new distribution of Internet
users. Just seven names existed at the top of the tree, such as .mil
for military use and .gov for government agencies. (A typical name is
whitehouse.gov.) These names--called top-level domains--were managed
by the U.S. government. Of course, other countries had come online by
then, but they had their own names, such as .fr for France. Only one
top-level name was allocated for commercial use--and for that reason,
the history of computing will always remember the mid- to-late 1990s
as the "dot-com" era.

Yes, having a name ending in .com became one of the most pressing
business requirements overnight. And businesses wanted a name that
reflected their trademark, such as ford.com or porsche.com.

Internet-savvy speculators bought up hundreds of thousands of famous
names with no goal in mind but to wait until the company with the
trademark came looking for it--and then they charged thousands or even
millions of dollars to make the transfer. This was simply the free
market at work, but the capitalists who got in line too late for their
favorite domain names steamed up and called it cyber-squatting.

There are many possible solutions to cyber-squatting. Companies could
choose a name that wasn't taken yet, or just pay the squatter. But
quite large corporations started making ugly noises about possessing
trademarks and launched lawsuits to gain control over their own names.

At the same time, the company called Network Solutions that happened
to have gained control over handing out .com names--through a process
somewhat less orderly than a game of musical chairs--realized they
were sitting on the Fort Knox of Internet gold mines and started
charging money for a service that used to be free. The fee was nominal
by commercial standards, but high enough to make individuals think
twice about reserving names for themselves.

The clamor got worse and worse until a set of Internet public
activists suggested a conference pulling together everyone interested
in the domain name problem. This conference took place in July 1998 in
Virginia under the name Global Incorporation Alliance Workshop. The
name reflected a recent white paper from the U.S. commerce department
that indicated the government's resolve to incorporate a new
corporation that would handle names and numbers. Computer Professionals for Social Responsibility (CPSR) submitted a
paper (to which I contributed) called
"Domain Name Resolutions."

Amazingly enough, progress was made at the workshop. The many
contending stakeholders came to consensus on some key points that
would protect free expression and diversity among domain names. Had
negotiations proceeded in that direction, the whole issue of
allocating domain names might have been resolved harmoniously and the
world could have gone on to more weighty topics. Whether or not
everyone abided by the decisions, the results of the workshop would
have represented a powerful moral direction post pointing toward an
open Internet governed by consensus--had the results been the basis
for further developments.

The first power grab

It should be understood, before we go further, that pressure on the
.com space could easily and immediately relieved by creating new
names, such as .biz. The allure of the "dot-com" name held
corporations back from endorsing this simple solution. But a more
sinister drive lies behind the domain name controversy.

Having established commercial beachheads on the Internet, corporations
wanted to own the whole terrain. Through the World Intellectual
Property Organization--an organization that make international
policies regarding trademarks, copyright, and so on--they were
designing a new regime for handling domain names. It was nicely suited
to large corporations with the money to take out trademarks, litigate
disputes, and so forth, but was unfriendly to individuals or
organizations of limited means. For a variety of reasons, an
artificial scarcity served the purposes of some powerful institutions.

Within weeks of the successful conclusion of the Global Incorporation
Alliance Workshop, a lash-up of Internet leaders, Network Solutions,
and other back room forces popped a proposal of their own on a
surprised and unprepared Internet community. The proposal (which was
the second try for most of these actors, the first having collapsed as
a half-baked exercise) ultimately led to ICANN. Most stakeholders were
left out of the decision--even many large corporations were angry--but
the Commerce Department approved the proposal, happy to wash its hands
of the issue.

Or so they thought. ICANN was to come back and pain them year after
year--through lapses in following through on their requirements,
through financial problems, and through sheer all-around failure. At
least once, the renewal of ICANN's contract was seriously imperiled.
Each time, perhaps grudgingly, the Commerce Department would give
ICANN a new lease on life. Yet now the U.S. government staunchly
defends the organization they castigated and threatened, when it comes
up against U.N. criticism.

And do you know what was the most absurd aspect of the whole domain
name mess? Within a couple years, search engines had progressed enough
that content could be easily located regardless of domain name.
Whether you are ford.com or porsche.com or american-reporter.com isn't
very important anymore. The problem that caused ICANN to be created,
after so Machiavellian manipulation, simply evaporated. And yet ICANN
existed, and exists to this day. Thus it provides spur for the current
debate over "Internet governance."

An international brouhaha

Two aspects of ICANN--IP addressing and assigned numbers--roll along
with hardly any discussion; the third aspect--domain names--could have
done the same if the trademark holders and World Intellectual Property
Organization and ICANN hadn't raised such a stink over them. But now
that a locus of control has been established, everybody wants a piece
of it.

The debate currently goes on within the World Summit on the
Information Society (WSIS), a body set up by the United Nations in
December 2001 to make international policy regarding Internet access.
The summit approved a declaration of principles that is almost
completely laudable, stocked with such standard fare as bringing poor
people online and protecting freedom of speech.

But they have a bee in their bonnet concerning
ICANN. Certainly, it is controlled by the United States
government--which reneges on its duties by letting ICANN blunder about
so much--but the solution is not to bring it under U.N. control. The
solution is to hand all its powers over to leaner, more technically
focused groups that operate with less fuss and more consensus.

It is not clear whether we can go back to a golden age of a
technically run, frictionless Internet. There was a time when control
over the servers for domain names, along with the top-level allocation
of IP addresses and assigned numbers, rested in a single computer
scientist who had done early work on the Internet and was respected by
all, named Jon Postel. Clearly, this was not a sustainable solution
(ironically, Postel died tragically a few weeks after helping to
create ICANN), but the length of its successful operation shows that
basic solutions can be quite light-weight.

Domain names do raise policy concerns of a technical nature,
and various actors in the space can take action to improve them. The
two main issues are making sure the servers don't go down or get
overloaded (technical robustness) and making sure nobody can spoof a
name in order to direct you to a fake site (technical security).
Providing names in every language, using character sets recognized by
each culture and country, is another technical issue.

But ICANN has done virtually nothing on the first two issues,
and acted very slowly on the third. Instead, it concerns itself with
policy issues that fall into two broad categories:

  • Scarcity: Users can't get a name they want--one they
    consider a "good" name.

  • Squatting: Possession by one user of a name that another
    person or organization thinks is rightfully theirs.

The first problem can be solved by loosening rules for
top-level domains, so that more are created. To ensure that all users
can find all valid domain names. some central body is needed to create
and hand out control over new top-level domains. This could be done by
a small service center in a manner similar to how registrars hand out
names within each top-level domain.

The second problem can be solved by a policy that treats
domain names simply as references--like book titles, which are never
treated as trademark violations--and therefore things to which no one
has more right than anyone else.

What really needs governance?

Thanks to ICANN, WSIS is now worried about "governance." In
the book Internet Governance: A Grand Collaboration (available
in PDF format)
contributor Wolfgang Kleinwächter says the term "Internet governance"
first appeared in a WSIS document in January 2002, and become a "hot
item" at a February 2003 conference. WSIS now devotes a clause to that
term in its
plan of action.

And now that governance is on the table in the form of the ICANN
debate, a number of other cards have been played by various
governments. Many are indeed pressing issues that can use the help of
governments and international agencies:

  • Spreading access to the disadvantaged, and providing content of value
    to them in their native languages.

  • Inequitable costs paid by underdeveloped countries to connect to the
    major countries that offer Internet service.

  • The need to guarantee business transactions online. Such issues
    include legal recognition of digital signatures, and adapting consumer
    protection laws so a person in Germany can buy goods from Mali.

  • Revising laws regarding speech for the Internet. Should bloggers, for
    instance, meet the same standards for accuracy as professional

  • Preparing police and courts internationally--both technically and
    legally--to prosecute someone from another continent who messes up
    your hard drive or tricks you into revealing sensitive information.

These issues were thrusting to the surface anyway, and had been
brought before many governments as well as international bodies such
as the Organization for Economic Co-operation and Development. But the
existence of the obtrusive, non-consensus-based, quasi-governmental
ICANN furnished an example of governance that countries unfortunately
treated with envy rather than repugnance.

Resources do require management. Our oceans are becoming polluted and
devoid of edible fish; our energy sources are running out; armaments
ranging from rifles to nuclear materials are traversing borders far
too freely.

But the Internet is not a resource as these are. It is a medium,
infinitely expandable. The U.N. can certainly help governments adapt
to its bounty, and its challenges. Well-placed funding for access,
content, and law enforcement are valuable.

Luckily, most of the actors (including the authors of the book
mentioned earlier in this article) give at least lip-service to
multilateralism and transparency. They recognize that Internet issues
require cooperation among many actors--rather like that Global
Incorporation Alliance Workshop back in 1998. In his contribution to
that book, William Drake (a colleague of mine in CPSR) calls for an
"integrative analysis" that would probably be a loose coalition of
stakeholders, rather than a centralized governing body.

By taking names and numbers off the bargaining table, we can free up
space for policy issues we really need to deal with.


2005-10-20 06:24:42
if only the world was perfect?

You wrote: The very term "resources" biases its listeners right off the start, because a resource is usually something valuable that's limited and needs to be managed and bargained over. Addressing is being treated that way, but it didn't have to be. and then Two aspects of ICANN--IP addressing and assigned numbers--roll along with hardly any discussion; the third aspect--domain names--could have done the same if the trademark holders and World Intellectual Property Organization and ICANN hadn't raised such a stink over them. But now that a locus of control has been established, everybody wants a piece of it.

Of course addresses are resources. There can be only one www.mcdonalds.com, and in any restructuring of the domain namespace, people with a trademark would want to be able to own their trademarks. Maybe some other arrangement could have avoided McDonald's feeling like they need to own www.mcdonalds.org.su, but that's hardly the issue.

It should be blindingly obvious why nobody gets as irate over the allocation of port 80 to HTTP or or to Level3. It's The Users, Stupid! My dad doesn't need to know how IP or TCP work, but he does know how to type in a URL. In any network where people resolve names to resources, names will be finite, and the mapping of names to resources will be contentious.

It's easy to say, "ICANN is all screwed up!" It's also accurate. It's just weird to say, "The whole domain name problem could have been solved in a way that would have eliminated strife over domain allocation." Maybe your next entry should explain how.

2005-10-20 08:11:54
Why do people care?
All we're talking about is the same process that allocates telephone dialling codes to countries, registration letters to aircraft and callsigns to radio stations - all processes operated by the ITU, an executive arm of the UN, and completely uncontentious. The problem is that no sensible comment can be heard over the crackling of the tin-foil hats worn by the American "contributors" to the "debate".
2005-10-20 15:28:51
Thanks for the enlightening article.

I can't think of cyber-squatting as anything but unethical. There is no service provided at all, and not even the speculator makes use of the name while he has it.

Of course, how to stop it happening is a different matter.

Thankfully, as you say, the search engines have made it less of an issue.

2005-10-20 18:05:35
what about war?
If a nations' economy depends on the internet, what happens when they war with the US?
2005-10-21 11:34:48
Not running out of IPv4 addrs, running out of routing ability
Hi Andy,

I just sent this off to Dave Farber's IP list, which featured this article of yours today, and thought I'd post it here in direct reply as well. Good article, thanks for writing it-- but please dig a little deeper into net history on the IP addr 'shortage'.


Hi Dave,

I agree with many of Andy's points, but I'm surprised at his description of the 'shortage' of IP addresses. The issue was not running out of numbers, the issue was 'how many independent routes can current routing tables service'. Back when folks were scurrying about consolidating IP networks into CIDR blocks, it was because of limitations on the amount of memory that then-current routers could usefully address (or providers could afford, or both) to hold the route tables.

Take a look at Geoff Huston's excellent article about historical BGP table scaling[0], take a trip to the distant past of 1996 to RFC 2008 [1] or earlier to the 'growth plans' section of RFC 1519 [2]. That last document states:

"As of Jan '92, a default-free routing table (for example, the routing tables maintained by the routers in the NSFNET backbone) contained approximately 4700 entries. This number reflects the current size of the NSFNET routing database. Historic data shows that this number, on average, has doubled every 10 months between 1988 and 1991. ...

It should be stressed that these projections do not consider that the current shortage of class B network numbers may increase the number of instances where many class C's are used rather than a class B. Using an assumption that new organizations which formerly obtained class B's will now obtain somewhere between 4 and 16 class C's, the rate of routing table growth can conservatively be expected to at least double and probably quadruple. This means the number of entries in a default-free routing table may well exceed 10,000 entries within six months and 20,000 entries in less than a year."

There's an excellent set of descriptions of the Routeviews project, and some shortcomings of BGP (which itself is still more scaleable than OSPF on today's network) at the APNIC meeting transcript of February 2005 [3].


Disclaimer: I are not a network eNgineer, I'm a systems person, but I've been around the block long enough to know a bit of history, and less than 5 minutes of Googling lets me share it with you folks in better detail than I'd be able to write up personally. I was also looking for specific NANOG traffic from 'the day the net broke', eg when they separated the NAP/MAE traffic and handed off to ARIN(? was it ARIN?) and everyone with a backbone router found that suddenly they needed *double the memory* in their routers. Felt very sorry for my net-eng buddies that day! Anyone got cites for that lying around at hand?

[0] http://www.cisco.com/en/US/about/ac123/ac147/ac174/ac176/about_cisco_ipj_archive_article09186a00800c83cc.html
[1] http://www.faqs.org/rfcs/rfc2008.html
[2] http://www.freesoft.org/CIE/RFC/1519/10.htm
[3] http://www.apnic.net/meetings/19/docs/transcripts/routing-sig.txt