POC Open Letter to the Internet Assigned Numbers Authority
Dr. Jon Postel
Internet Assigned Numbers Authority (IANA)
Information Sciences Institute
University of Southern California
Marina del Rey, California
United States of AmericaDear Dr. Postel;
In 1996, the Internet Assigned Numbers Authority (IANA) and the Internet Society (ISOC) created the International Ad Hoc Committee (IAHC), which was succeeded by the Policy Oversight Committee (POC), to analyze and propose solutions to problems in the generic Top-Level Domain Names (gTLD) part of the Domain Name System. Our experience with the first phase of that work, the creation of a Council of Registrars (CORE), Policy Advisory Board (PAB), and associated processes, has brought us to the following observations and recommendations for future directions of gTLD governance.
We hope that documenting our observations and recommendations will be useful to your ongoing efforts.
Although there has been much discussion and examination of the issues over this period, including the entry of new parties into the debate, there has been no significant change in the fundamental constraints and requirements which press upon gTLD and DNS administration. We always hope to see further insights and innovations on this issue. However, given the multi-year length of the discussion so far, it seems likely that a reasonably large fraction of the considerations and possible approaches have already been uncovered. Hence, we believe the following considerations will be relevant to any future structure and processes of gTLD governance.
We summarize our observations below, and follow with a detailed examination of the issues.
Four major types of organizations are required to give structure to, and manage, gTLD-related issues:
SummaryA) a single Name Policy Body (NPB), part of the new IANA;
B) some number of Name Registries, which are responsible for gTLD databases;
C) multiple Name Registrars, that submit names for inclusion into registries; and
D) a Name Advisory Body (NAB).
A) The Name Policy Body:
1) Administers the gTLD policies established by the new IANA;
2) Allocates gTLDs to specific registries;
3) Establishes a common dispute resolution policy; and,
4) Contracts with registries, binding them to operate in accordance with the policies established by the new IANA, including at least the following:
a) technical and operational standards, and,B) Some Number of Name Registries:b) dispute resolution policies, including exclusion policies to prevent "cyber-squatting".
1) Are owned by registrars;
2) Are operated not-for-profit on a cost-recovery basis according to established accounting procedures;
3) Must allow any registrar to register second-level domain names (SLDNs), on a non-discriminatory basis, in the TLD operated by the registry, provided, however, that appropriate cost-recovery based charges may be made to non-member registrars for registration services.
4) Must allow any registrar to become a member-owner on an open and non-discriminatory basis.
5) Contract with registrars to require operation in accordance with the policies established by the new IANA, including at least the following:
a) technical and operational standards,C) Name Registrars:b) adherence to dispute resolution policies, including exclusion policies to prevent "cyber-squatting", and
c) prohibition of "trafficking", i.e. registration of SLDNs by a registrar for the registrar's own financial advantage.
1) May be any entity which meets the standards set by the registry or registries (which in turn will meet the requirements established by IANA) and enters into a contract with a registry or registries providing for a well-defined process for submission of SLDNs to that registry or registries.
2) Are not constrained with respect to for-profit or not-for-profit business models.
3) May be, but are not required to be, a member-owner of one or more registries.
D) The Name Advisory Body:
1) Is a separate entity, elected by votes from Internet users, interest groups and stakeholders.
2) Elects the NPB.
Detailed Examination
These recommendations are based upon the study and experience of the POC and the gTLD-MoU, which envisions four major organizations as the management structure of the DNS, namely, a Name Policy Body, some number of Name Registries (responsible for gTLD databases), Name Registrars (that submit names for inclusion in registries), and a Name Advisory Body.The Name Policy Body, which should be part of the new IANA, will have the following major roles:
1) Administers the gTLD policies established by the new IANA;
2) Allocates gTLDs to specific registries;
3) Establishes a common dispute resolution policy; and
4) Contracts with registries, binding them to operate in accordance with the policies established by the new IANA, including at least the following:
a) technical and operational standards, andThe activities of the Policy Body will be subject to oversight and review by the IANA. However, naming within the Internet is new and extraordinarily complex, and there are very few people with significant experience in this area. There are almost none with deep experience in both the Internet and other related disciplines (e.g., trademark law). This argues for keeping the Policy Body within the IANA itself, rather than as an independent organization. The IANA may wish to review its structure at some time in the future to determine if separation of the Policy Body is appropriate.b) dispute resolution policies, including exclusion policies to prevent "cyber-squatting".
Allocation of gTLDs to a Specific Registry or to Specific Registries:
Ideally, each gTLD would be allocated across all, or at least multiple, registries. However, this is technically not possible at present. This unfortunate consequence of the state of the art in distributed systems reduces the degree to which competitive mechanisms may be used to ensure reasonable operation by registries. We address this in more detail below.Multiple gTLDs should be assigned to individual registries. IANA will have to determine initially whether there is to be a single registry for all gTLDs, or multiple registries. We address below the question of how many registries there should be. There is no technical reason for there to be one registry per gTLD. On the contrary, there is a practical requirement to have multiple names per registry if there is to be economy of scale in registry operation.
Adherence to a Common Dispute Resolution Policy for Domain Name-Trademark Disputes:
A well-defined and uniform set of substantive requirements for dispute resolution is needed to provide manageability for trademark holders, and to permit reasonable dispute resolution applicable uniformly to all registries. Uniformity in substantive rules applicable to disputes need not constrain flexibility for individual registries or groups of registries, which should be able to offer a selection of procedural means of dealing with disputes, i.e., options for bringing suits in national courts as well as options for arbitration and other means of alternative dispute resolution. Different registries (or groups of registries) may offer different procedures for resolving disputes so long as the uniform substantive requirements are applicable across the board at all registries pursuant to their agreements with the NPB. The goal is to permit as much innovation and experimentation among registries as possible, while preserving the principle of a uniform substantive policy.
Agreements between NPB and Registries:
Agreements between the NPB and each registry will remain in effect as long as the registry meets IANA requirements. The agreements will establish that:a) the signatory may operate a gTLD registry,
b) will adhere to the common dispute resolution policy,
c) will maintain minimum technical and operational standards,
d) will comply with well-defined operational procedures required to protect the interest of gTLD name holders, and,
e) will meet minimum data escrow or recovery policies
Minimum technical and operational standards will include, for example:
a) compliance with IETF standards where applicable and required by the IANA, and,
b) standards for performance and hardware redundancy to ensure effective operation of the DNS.
Data escrow and recovery policies are designed to protect name holders in case the registry should cease operation. Cessation of registry operation could occur, for example, because of business failure, lack of technical competence, force majeure, or by direction of the IANA due to failure to meet minimum requirements.
The Name Policy Body will be composed of persons from among the major Internet names stakeholders, including registrars and registries, and users and technical experts, who should come from the major regions of the world.
Members will not specifically represent their home organizations or regions; rather, they will serve the requirements of the Name Policy Body and the interests of the Internet at large. Having members from all stakeholder groups may not be possible at all times. Rather, the number of members should be sufficiently large as to ensure that the majority of different stakeholder groups will be represented during any one term of office, but not so large as to preclude effective discussions and decision-making at plenary meetings.
Name Registries will be cost-recovery based, and owned and managed as a common resource by groups of registrars. Cost-recovery is a requirement because each registry has monopoly status over the respective assigned gTLDs and because it is apparent that user switching costs between domain names will often be high. The likelihood that a specific registry will engage in abusive practices may be reduced during high-growth periods (during which there will be a large proportion of new to existing registrations), but it appears unreasonable to assume that all gTLDs will grow monotonically in the future. Hence inherent pressure against abuse will likely be insufficient.
Given the controversial operation of the existing single for-profit registry, it is appropriate to begin with the most conservative starting point: multiple, not-for-profit registries. The IANA will be able to observe the behavior of registries, registrars, users, and related technical developments. If it is desired to make changes to the system, it will be easier to go from not-for-profit to for-profit than the other way around.
Ownership of registries by registrars will provide pressure for keeping registry costs at a minimum. However, since such ownership and a cost-recovery model are not on their own sufficient to preclude abuse (e.g., unusually high staff salaries or perks), it will be necessary to establish additional review mechanisms such as independent accounting review with the assistance of an internationally recognized public accounting firm.
The registries, as financially self-standing businesses without a profit motive, even though the existence of multiple registries will encourage a basic tone of competition among them, could conceivably lack motivation to foster innovation and for the same reason could have difficulty raising capital. This will, however, not be a problem since the owners of the registries, the registrars, will generally be businesses operating for-profit. This will enable them to raise capital and will provide the motivation to drive innovation within the registries.
Selection of registries will be accomplished by the IANA using published objective criteria.
The Number of Name Registries
Technically, there is no specific need for more than one Name Registry, which would provide for economy of scale. However, there is a general principle of avoiding single points of control in order to encourage competition, innovation, and efficiency. Furthermore, the Internet community is highly suspicious of single points of control. Maintaining broad support requires adherence to this principle.At present, there is only one gTLD registry. That registry's provision and domination of the gTLD naming function has been controversial.
The above principle, its general acceptance, and recent experience, argue for there being more than one registry. In the transition, in order to ensure that there is a clean "re-start" of registry functions, it is likely that at least one new and separate registry will be formed.
Once there is a second registry, there is a question of the total number of registries. There will likely be pressure for the creation of additional registries since some organizations may exert pressure to participate in this activity. Although there is no requirement for a large number of registries, there is no technical or administrative upward limit on their number other than as determined by economies of scale considerations. Without a profit motive, it is likely that the number of registries will be rather small. It is even possible that, after the creation of some number of registries, over time, some of these registries will combine operations and the total number decline.
The IANA will need to balance these issues to determine the correct number of registries, and variance in their number.
Ownership of registries will be open to all registrars that meet objective requirements, applied in a non-discriminatory way. Each registry must permit registration of SLDNs by non-owners, provided, however, that appropriate cost-recovery based charges may be made to non-member registrars for registration services.
We also foresee registrar groups splitting off and combining as the industry evolves and business interests change. During this time we expect to gain significant insights into the relationships between operational efficiency, innovations driven by a diversity of multiple registries and groups, and the manifestation of the threat of monopoly. In the long run, it is not clear if gTLD management will converge on one registry and registrars group, or if it will fan out into many. As long as the above principles are followed, we see no reason to preclude such evolution at this time. The IANA should retain the option to modify objective criteria so as to be able to respond to these sorts of changes.
Name Registrars may be any entity which has signed an agreement with one or more registries that requires compliance with the established technical and operational requirements and permits exercise of the well-defined process for submission of names to that registry. There is no need for any constraint on the business models of registrars (e.g., cost-recovery or for-profit). Registrars may be, but are not required to be, a member/owner of one or more registries. If a registrar is not a member or owner of a registry, its agreement with a registry will provide that registration services will be provided by the registry for appropriate cost-recovery based charges. It is understood that member/owner registrars may secure registration services at more favorable rates because such registrars will have made an investment in the registry of which they are a member/owner.
Since membership/ownership of a registry must be open on a non-discriminatory basis, there will always be constraints to assure the fairness of charges for registration services.
The Name Advisory Body will be elected by votes from Internet users, interest groups and stakeholders, including registries and registrars. It will in turn elect the Policy Body, and will advise the Policy Body. The Advisory body will be open to the participation of all such entities, and will be an electorate for the oversight body. There is no requirement that the Advisory Body be distinct from whatever advisory body may be created by and for the IANA overall. If there is such a general IANA advisory body, it may be useful for there to be a distinct section which focuses specifically on DNS or gTLD issues.
gTLD-MoU Policy Oversight CommitteeJune 12, 1998* End *