Comments on draft-iahc-gTLDspec-00

[Alan Sullivan <sully@frontiernet.net>]

Introduction -
	The comments made with regard to the IAHC proposal December 		19,1996
are indented. The actually text from the draft-iahc-		gTLDspec-00 is
included for reference of comments. The general 		thesis of these
comments is: "Shared gTLDs create many market 		barriers to registries."

	IAHC should adopt a process that allows a free market of 		competing
registries to offer exclusive service of a particular		domain name
space. This does not mean that the name space is not 	public - indeed it
is a public trust that is being cared for by 	competing custodial
registries.


IAHC has decided to create further gTLDs as a means of increasing the
level of competitive supply and access to the gTLD space for the global
Internet community.

In addition IAHC has decided to ensure that the new gTLDs are all to be
operated in a shared fashion across a number of domain operators. This
is regarded as a secondary mechanism to ensure that each of these
additional gTLDs are operated in an environment of a competitive market
for access to these name spaces, and the same checks and balances of the
competitive inter-gTLD access space also apply to the intra-gTLD space
through this mechanism.

	Another way to ensure that additional gTLDs are operated in an 	
environment of a competitive market would be to allow one 		registry per
a gTLD and not to limit the number of gTLDs. 

	There seem to be conflicting edicts - 

* The .com, .org and .net are classified as existing gTLDs. IAHC will
define an additional set of seven (7) gTLDs. Any addtional gTLDs will be
defined under the aegis and policy coordination of the CORE, described
below..

	and

IAHC has decided to create further gTLDs as a means of increasing the
level of competitive supply and access to the gTLD space for the global
Internet community.

	By the very definition given above IAHC will define 7 additional 	gTLDs
- not the market. By what means has IAHC determined that 		the gTLDs
they decide to add will necessarily increase a level 		of supply
demanded by the market? One could argue this is not 		competitive since
IAHC will limit the number of total additional 	to some arbitrary fixed
number (7).	 Registries can provide 	little market differentiation
therefore a non-competitive 		regulated environment akin to public
utilities will be created. 

It is noted by IAHC that competitive shared access to any domain
registry is a useful market control mechanism to reduce the risk of
monopolistic trading practises. This is a core principle in IAHC's
decision for administration and management of gTLD space. IAHC further
recommends this policy be considered by the relevant ISO 3166 TLD
national authorities and administrations.

	IAHC should also note that competitive registries that have 		exclusive
use of a domain name space also provide a useful 		market control
mechanism to reduce monopolistic trading 		practices.  What does IAHC
mean by "competitive shared access"? 	One could argue that what makes
sense - is "a competitive non-		shared access" or "a non-competitive
shared access". One could 	argue that IAHC is really describing is "a
non-competitive 		shared access." Thus removing any incentive for good
service		much like what is seen in the essentially monopolistic
regulated 	utilities industry. It should be noted many areas are
moving 		away from such non-competitive models.

It is noted that an immediate large increase of gTLDs does increase the
risk of impacting the coherence of the overall gTLD space, through
increasing the level of complexity in the process of determining which
is the appropriate gTLD for any end consumer of these services to
choose.

	How does increasing the number of choices a customer have in 		choosing
domain spaces increase complexity and impact coherence 	of the Internet?

Therefore, IAHC will adopt an initially conservative approach to the
number of additional gTLDs, through the initial expansion in the first
annual round to a total of ten gTLDs. This entails the creation of seven
new gTLDs.
 
	Let the market forces determine the number of gTLDs. Why does 		IAHC
want ten gTLDs? This seems like an arbitrary number. What 	not choose
100 gTLDs?



 
A REGISTRAR is the entity which is authorized to enter and modify a
registry's data, based on customer contact.

	This definition for registrar seems straight forward and makes 		sense
a long as one assumes a registrar is THE entity and NOT 	one of MANY
entities as is suggested by:

 A registry may have multiple registrars. A registrar may be authorized
for multiple registries.

	This definition of 'registrar' starts to resemble that of 		'agent'.

In determining the numbers of registrars for a registry, a fundamental
issue is one of trust and cooperation. If multiple registrars share a
registry and they have a fully cooperative relationship, the repository
for the registry can be maintained using fully distributed
data base technology.

If the registrars for a registry have a mutually suspicious relationship
--
as is typical in competitive business circumstances -- then the
repository for that registry needs to be operated by a trusted,
independent third party, with simple rules of access. Particularly
appropriate rules include fair use and assigning precedence for
competing requests on first come, first served basis.

	How do you keep hostile non-cooperative registrars coordinated 		for
any registry? By definition on could argue these are not 	 	registrars.
The registrars are more akin to ticket brokers or 		travel agents.

Oversight responsibility for a registry rests with a STEWARD. If the
registry is a monopoly, the steward, the registrar, and the operator of
the repository are typically one in the same. When multiple, competing
registrars exist for a registry, it is appropriate to have independent
stewardship. This ensures operation of the registry as a public trust
for the Internet. It assesses performance of the repository and the
registrars, enacting changes as necessary.

	Who will act as a steward and how will they be compensated?

The ultimate goal for registries operating in the gTLD space is that any
qualified entity may be a registrar, and that every registrar shares
responsibility for registering domain names in all gTLDs. Noting its
concern for managing change to a critical Internet resource, IAHC
believes that the number of additional Registrars authorized in the next
year should be limited to between twenty and thirty, with additional
Registrars added at the rate of twenty to thirty per year, subject to an
annual review of the efficient functioning of the system. The limit on
the number of Registrars should be completely removed when the capacity
to register domain names in the present gTLD .com, .org and .net domains
become shared
among all Registrars.

	The ultimate goal suggests name agents around the world. Even 		though
the concern for managing change is noble, the arbitrary 		limitation of
the authorized registrars creates a near term 		restraint of trade. Let
the market determine the number of 		registrars - not IAHC.

In order to ensure equitable international participation among
Registrars, IAHC has determined that a fixed number of Registrars will
be initially allocated equally to each of the six (6) ITU designated
geographical world zones (X.121 world zones 2-7); the current list being
available at <http://www.itu.int/intreg/itu-zones.html>.

	These zones do not reflect an equal distribution based upon the 
current Internet population. This is inherently unfair since 		more
populated domains such as zone 2 and 3 will be under 		represented on a
per capita basis.

The selection of registries in a region will be by lottery among
qualified applicants. Registrar rights are non-transferable to other
entities.

	Why does IAHC limit the choice of registries by region and limit 	the
number of registries by lottery? Why does IAHC not let 	market forces
determine this? 

IAHC will establish the qualifications required of each applicant to
become a registrar. These qualifications will be objective and will be
subject to independent confirmation.

	What are these qualifications? Much more space is devoted in the 
proposal to the lottery, quantity of gTLDS, geographic 		distribution,
and other market barriers rather than the most 		important question that
is "What constitutes a qualified 		registry?" More importantly - rather
than IAHC concentrating 		on erecting market barriers (which the current
proposal has 		many), IAHC should determine the criteria of a
qualified 		registry. IAHC should develop a process for qualification,
and 	let the market determine how 	many and what distribution of 
registrars, registries, and gTLDs exists.

 
5. Applicants must commit to sharing all gTLDs.

	Registrars might have many legitimate reasons for not 		supporting all
gTLDs.
 
IAHC delegates stewardship for the set of gTLDs to the Council of
Registrars (CORE), comprising the multiple, competing gTLD registrars.
All gTLDs are shared among all member registrars.

	Does that make CORE the steward referred to by? :

Oversight responsibility for a registry rests with a STEWARD.

Registrars for existing gTLDs are encouraged to join CORE and abide by
CORE principles and rules, unifying the handling of all gTLDs and
obtaining equal benefits with other gTLD registries.

	Registrars are not required but only encouraged to join CORE?

CORE will contract with an independent and neutral third-party for
operation of the shared gTLD repository data base (gDB). The specific
details of gDB subcontracting and operation will be determined by CORE.

	Who can apply to be subcontractors?

IAHC will specify the information to be required in all applications for
SLDs under gTLDs. 

	This is  clearly outside the IAHC charter. The reason this must 	now be
inclusive in the IAHC charter is because all power to 		determine what
is required from SLD applicants has been moved 		from the registries up
the hierarchy to IAHC. This is a good 		example of the types of problems
that exist when trying to 		implement a shared gTLD. There are probably
lots of others. IAHC 	members will find themselves in an International
Not So Ad Hoc 		Committee if they begin to takes up SLD issues.
 
To promote accountability, discourage extortion and minimize obsolete
entries, SLD assignments must be renewed annually.

	Again, this is outside if the IAHC charter. This should be up to 	the
registries to determine - but since the IAHC clearly intends 	these
registries to share the registry - then they have 		effectively removed
this discretion and control from the 		registries. In a true free market
system, each registry would 	run their domain as they please. The market
would determine if 		their policies make sense. I think the market is
wiser than any 	committee.


There is no single, universal international law of trademark, so it is
not possible to reserve disputes involving trademark and domain names to
an international body applying a globally recognized body of law.

	Exactly - so why has the IAHC devoted a large section of the 		proposal
to the trademark concerns for SLDs? Let each registry 		run their domain
as they see fit. If they have a policy that 		creates lots of problems -
they will not stay in business very 		long. Again - the market should
determine this - not IAHC.

One gTLD registrar has attempted to address this problem by inserting
itself as an arbiter of disputes between trademark owners and SLD
holders: The registrar will put an SLD on hold at the behest of the
owner of a trademark registration certificate if the holder of an
"identical" SLD, once challenged, cannot produce its own, trumping
trademark certificate or otherwise establish that its use of the domain
predates either the effective date or first use date of trademark
registration. This well-intentioned policy, which has generated
significant controversy, unjustifiably confers upon a non-judicial body
the discretion to essentially grant an injunction against continued use
of a SLD, without any adjudication of the merits of the trademark
owner's claim against the domain holder. Such an approach is
inconsistent with basic tenets of trademark law and principles of equity
and fair play. The dispute policy unfairly burdens the domain holder -
who may actually have trademark rights
superior to those of the challenging trademark registrant.

	This describes NSI policy. In my opinion - this is bad policy. 		In an
open market - most businesses would simply take their 		business else
where. Right now that is not possible, since there 	are no competing
registries.

In light of the legitimate interests of domain name holders and
trademark owners, and in the overall interests of consistency and fair
play, IAHC strongly believes all gTLD registries and ISO country code
registries should, therefore, publish applications for SLDs, for a
period of sixty (60) days prior to assigning the requested SLD to the
applicant. Such publication should take place on a publicly available,
publicized web site and include the SLD and the contact and use
information contained in the application (see Appendix A).

However, in view of the fact that an existing gTLD registrar currently
registers SLDs without a waiting period, the requirement that gTLD
registries institute a 60 day publication period will not be effective
until that registrar changes its policy to include the 60 day
publication period. In the interim, other gTLD registries are
encouraged, but not required, to use this 60 day waiting period. Once
that registrar agrees to the 60 day publication period, CORE will
implement the 60 day publication period immediately across the other
gTLD registries.

	In my opinion this is a bad policy. This 	policy is 	somewhat like 
those of US gun control laws, that is to provide 	sufficient time for a
background check. Some US States have even 	gone to computerized
background check systems to REDUCE this 	wait time. Publication for a 60
day period will be great for 	intellectual property lawyers looking for
business but at too 	large a cost to the Internet community. Leave it up
to the 	registry that is running a particular domain (which of course 
assumes NO SHARED REGISTRIES) to determine that policy. I would 	predict
that the market would reject ANY waiting period.

To ensure immediate availability of some domain names, it is recommended
that gTLD registries offer "random alphanumeric" domain names which
require no waiting period.

	I would argue that the free market would also reject this 		policy. I
predict, if implemented - it 	would not be used - 		unless the need was
artificially created by 	an artificial 		waiting period. I would rather
just use my IP 	address, and I 		suspect others would too.

In further considering the existing operation of the ISO 3166 second
level domain spaces, IAHC recommends that the administrators of these
spaces add a fixed 60 day notification period between application and
delegation as a means of reducing the subsequent levels of litigation
within these name spaces, as per the related recommendations in section
4 of this document relating to gTLDs.

	I believe this to be a bad recommendation due to the reasons 		given
above.

IAHC notes that the implication of the recommendation in section 5.4.4
is that there will be a consequent market demand for domain names which
are available within a more rapid period than 60 days. IAHC recommends
that the administrators of ISO3166 name spaces consider the addition of
a functional name space, proposed to be a network user identifer:
.nui.<iso3166-code>" . The characteristic of this space is that it would
be filled by randomly generated, meaningless alphanumeric strings,
available within a short period after application, in order to provide
an alternative mechanism to
the process of obtaining a specified name which may include a 60 day
notification period.
	
	What a complicated web we weave to accommodate that 60 day 		waiting
period. We are now forced to introduce an artificial 	name space as well
as random artificial names to accommodate 	this artificial 60 day
waiting period.

 SECURITY CONSIDERATIONS

The Domain Name Service is essential to the smooth operation of the
Internet. Changes to the structure or style of DNS operation therefore
carry considerable risk. The specification offered here attempts to make
substantial changes to the administration and operation of gTLD names,
but limits the scale of those changes during an initial, "experimental"
period, permitting expansion of the changes as experience dictates.

	What does this have to do with security?

ACKNOWLEDGMENTS

The IAHC's efforts have greatly benefited from extensive on-line
discussion, both within the committee and on public discussion lists.
Also, the Committee's open request for proposals resulted in numerous
submissions from which some concepts and details in IAHC's proposal were
adapted. The current draft specification is the result of integrating
the discussions and proposals, seeking a fair and practical balance.

	Please list the acknowledgments. It is good form to list all 	
participants.

REFERENCES

[Post94] Postel, J. , Domain Name System Structure and Delegation, RFC
1591, March 1994.

	There are clearly more references than this.



-- 
Alan Sullivan
President
Top Domain Registry Inc.