DNS articles Brad Templeton Home Brad Ideas (My Blog) ClariNet
|
Fixing DNS -- how to break up ICANN
The internet's domain name service (DNS) -- the tool that converts the names of web sites and email addresses into the internal numbers used to get the bytes to the right place -- has stirred up a lot of controversy of late. No surprise, because it's the first big issue in "internet governance," the challenge of globally regulating one of the few things on the net that many people feel needs some level of regulation. I was around when the service was created, and mostly through the historical accident of being on the right mailing list at the right time, was the one who proposed that we use a "dot" to divide up the levels of an internet address. So I've been thinking about this problem for a long time. At the time I also supported, incorrectly, the idea of splitting domains up by function -- commercial, educational, military etc., but I've learned. At first the DNS was run by some volunteer sites in the academic and research world. Through a series of steps, stewardship became the bailiwick of the U.S. National Science Foundation, and a contracted company called Network Solutions. From there, the U.S. government created a supposedly independent body called ICANN to oversee the assignment of numbers and names in DNS. Not many are happy with ICANN, even though it's had good people work on the problem. The problem is hard, and the hardest part about it is that many powerful special interests want the DNS to run their way. The DNS has become the white pages of the internet, and as the internet became dominant, it's become the white pages of the global economy. No surprise that powerful special interests have sprung up. How it WorksAt this point, you may want to look at a short sidebar on how DNS works because it reveals an interesting consequence of the technology -- how ICANN has no actual power, other than from a natural monopoly. Understanding the problemTo understand how to fix the problem, it's important to understand the goals that people have for DNS. There are a lot of them, some of them part of the original design, and some adopted as the public rushed onto the net. The problem of course is that some of the goals conflict with one another, and so trouble arises. The GoalsThe list of goals is surprisingly long. As such I've prepared an essay on the goals to summarize the issues. The sometimes incompatible goals I've seen expressed are domains that are reliable, readable, expressive, memorable, typable, permanent, unique, cheap, allocated fairly, low-hassle, findable, guessable, prestigious, valuable and subject to control by large corporate interests. Oh yeah, and the legacy system has to continue, too. Break up ICANN!After studying the goals and the technology, I believe the solution can be reached by what might be called "breaking up ICANN." This includes, as ICANN director Karl Aurbauch has proposed, splitting ICANN's technical functions such as IP address management and root server maintenance into independent bodies, but also splitting the management of the most contentious sector -- naming. In effect, allow a moderate to large number of largely autonomous, competing name managers. Each could have its own system, its own rules, its own prices and its own dispute resolution policy. Each would innovate and price to attract users and win the competitive battle. Some might be almost identical in function, others might be quite radical. Each would have its own brand -- as a top level domain, and be fairly free about what was done below it. The stripped down remains of ICANN would be a trans-national organization, beyond the power of any single national government, which would exist only to maintain the root servers and to assure that the competing name companies remain on a level playing field. How do we keep the competitive naming companies on an even footing? Monopoly was the problemAfter examining the situation for some time, I concluded that most of the problems result from the fact that the way we're doing DNS today grants some inappropriate monopolies. DNS has become the most important naming system in the world. Yet when we created it, we ignored the lesson of centuries of experience in other naming systems. Control of a top level domain has become a monopoly on certain types of names on the internet. And as names on the internet have grown in importance, this translates into a monopoly on the sort of naming everybody wants. When a top level domain (TLD) has a meaning, as in ".com is the place for commercial domains," this implies that the entity that controls .com has a monopoly on the most desired names for commercial efforts. When the TLD ".museum" is granted, the entity controlling it will own a form of monopoly on naming museums on the internet. It's true that a museum can also get a name inside ".org" or ".com" or other TLDs, but the use of the generic English language word "museum" for a TLD implies a unique importance to such domains. In effect, ICANN has a monopoly on all DNS naming. That monopoly extends down further. If somebody registers the domain "modernart.museum" then they will have a monopoly on that name when it comes to naming things on the internet, and now thus the world. The owner of "drugstore.com" has a monopoly on what everybody would guess as the internet name for a drugstore, and they know it because they paid a lot for it. The domain namespace is infinite, but we created an artificial scarcity by letting people fight for a space that's not infinite -- names which have already got generic meanings. Fanciful namesIt turns out that this is not a new problem. It's a problem that was solved centuries ago, as people sought to name products fairly and without confusion, but we ignored the solution. Trademarks give limited monopolies on names too, in various fields of commerce. They are usually bounded geographically, and normally they only exist in commerce, but nonetheless they are monopolies. If you get ownership of a trademark like "Apple Computer" then nobody else, legally, can use the word Apple in naming a product in the computer industry. Trademark law established a good principle. Nobody can get trademark ownership of a generic term. If a term has a real-life inherent meaning in the commercial area you're applying it, you can't own it as a trademark and get a monopoly on its use. You can use it, but so can anybody else. However, to help make this concept simpler, let's start with a rule that, while probably too strict, can be agreed upon by everybody as fair. This would allow any name reseller to have a TLD which is totally made up -- it never existed before. A simple and highly reliable test would be to check if the proposed TLD exists (with and without spaces in the likely places) in the Google search engine or other major search engines. If nobody but the proposer has used the term on the web, we can be pretty sure it's not a word or phrase in any language, nor being used as a name by anybody in the online business. It turns out this is not that hard to do. It's easy to find nonsense words that are easy to pronounce but have never been used. In trademark law, this is called a "fanciful" trademark, and its one of the strongest kinds. As it turns out, I don't think we have to be that strict. I think a workable test would be "Is the proposed TLD a valid non-generic trademark in the global directory and naming business?" The rules for this are more complex, so I have split out this sidebar on the issue. You may wonder about the above example, since Apple is an ordinary word. Apple Computer's trademark, however, only applies in the computer industry. In spite of what you might think, they don't own the word "Apple" on its own, they only own it when it comes to computers. The word "apple" has no meaning in the computer field. Within that sphere it's just a random word. So it's a suitable trademark. Apple Records, the Beatles' label, owns the trademark in the field of music. You could not, for example, get a trademark for a "Binary Computer." "Binary" is a word that has real meaning when it comes to computers, and even if you try to pretend you own that name, anybody making a binary computer can call it that. Nobody is allowed ownership of the word "binary" when it comes to computers. Yet in DNS we have let people get ownership of ordinary words or special words with established meanings. Apple Computer's ownership of "apple.com" means that Apple Records, Apple Auto Glass and the Washington Apple Board can't have what they would view as the obvious name for a commercial entity known by the name "apple." It's my contention that most of the problems in DNS have come from us ignoring the lesson of trademarks, and letting people have monopoly ownership of generic words and phrases. By saying, "there is one proper domain for commercial domains, named .com" we made every domain within .com a monopoly over that name in the commercial space. That included both generic terms, and even non-generic terms which have different meanings in different commercial spaces. The AnswerIf you've read the sheet of goals you might quickly conclude that there's no way to reconcile all the goals in one place. And indeed, within one hierarchy like .com there is not. And alas, there is no way to reconcile the other goals with the goal of control. If powerful forces decide that not only do they want certain names for themselves but that there is a range of domains that nobody else can have, in no directory in the world, nothing can reconcile that desire except an equal amount of power allied against it. Nonetheless, I believe the right answer is to allow lots of competing systems. Different TLDs in which different sets of goals can be attained. Completing ICANNs, each with its own rules, and each with its own brand-name TLD. Thus, it is important that no one TLD be given an inherent advantage over any other TLD. Aside from the value of the goalset and rules it chooses, and the value it builds for itself over time, no TLD should be a better place than another for somebody seeking to register a domain name. TLDs, as it turns out, are lookup-tables or directories, much like telephone white pages. As such, their names should be names that would be suitable trademarks for a directory service. A Diversion -- Meaningless TLDsOne way to do that would be to just make all the TLDs meaningless. For example make them random numbers, or strings which don't show up in a current "google" search. Such TLDs would be pretty much guaranteed to be meaningless in all languages, and not in use online by anybody else. As such, giving them to their first claimaint is entirely fair. Any name formed with such a TLD could not be generic because it contains this clearly meaningless component. And there would be an infinite space of names to register. Companies would compete and gain customers by giving the best service, the best rules, the best marketing. However, names like these would, by their nature, be not very easy to use. They would be hard to type and remember, and for little reason. Fortunately, there is another discipline which has worked out well established and time-tested standards for how to allocate more pleasant terms in a non-generic namespace. It's trademark law. Brand-Name TLDsThe way to do that is to make the TLDs have no semantic meaning. They must be terms for which one could get a global trademark in the directory business. Just like in trademark law, they must not themselves be be generic terms with inherent meanings. Their meaning and value must derive from the work done by their creators. What are such terms? Well, many exist already. For example, Dunn & Bradstreet is a well known trademark in directories. If they wished to run a TLD called ".dunn" it would be appropriate. Another might be ".yahoo" to be run by the well known web directory company. Even though "Yahoo" exists as an exclamation of joy and as the name of a race in Gilliver's Travels, it does not have a generic meaning when it comes to naming and directories. Network Solutions might wish to run ".nsi" and the World IP Organization might want to run ".wipo" by its rules. The phone companies might create ".yellowpages" for their (shared) well known trademark in the directory business. And of course, newly created directory companies could create marks using any non-generic term. What's more important is what should not be a TLD. You should not create ".museum" because you could not trademark a directory of museums called "The Museum Directory." Anybody is allowed to call their museum list that. And of course the idea that there be one right directory for commercial sites (.com) was in hindsight a grand mistake. Adding similar words like ".biz" and ".firm" helps slightly, but doesn't really solve the problem unless there are scores of them, all of equivalent merit. Due to the cachet of ".com" this has become impossible. Most of the existing TLDs have meanings, and thus have some inherent advantage over the others. ".com" is viewed as the right place for a business to have a domain, and the proposed TLDs like ".aero" and ".museum" will be viewed as the one best place to have a domain in aerospace or museums. Nobody should control a monopoly on the use of a generic term in something that's become such a vital part of society as names on the internet. There is no technical reason there can't be many TLDs. So let there be many, each on equal footing, with no value or meaning than what it builds for itself. DiversityThis allows all sets of goals to coexist -- other than those which want to stop other people, anywhere from using a name. One TLD, perhaps ".wipo," might advertise that it gives strong power to trademark holders. Trademark holders might gravitate there because of those rules, and thus domains there might garner prestige. It could have the strongest anti-cybersquatting rules on the planet. Another TLD might issue simply plain random numbers as domains. With no meaning, they would be totally dispute free, unique and permanent. They would also be extremely cheap, possibly free. These might be suitable as another layer of indirection, letting users create URLs they know will be permanent. Bob Frankston has enumerated the virtues of such a system. Another TLD might focus on typability, assuring that when you get a domain, all the domains that sound or look the same, and even the typos on them also point to you. These would be great domains to use in ads on the radio or on billboards. Most systems might allocate "first come first served," but some system might require each domain to contain a non-semantic string (such as a number or unrelated word) to disambiguate it from others. So that while in this domain nobody could own the word "drugstore," not even the party who asked for it first, lots of people could use the term "drugstore" in combination with another term. This was in fact the system first proposed by the RealNames company for their directory. And I am sure they would want to have a TLD in which to pursue it. (Though .realnames is too generic in my opinion, but .centraal, their original name, would be fine.) Imagine a company called .bestsite ("best" in spite of its generic meaning is often considered brandable because there are many interchangeable words of the same order. Thus we have a store called "BestBuy") They promote that if you go to drugstore.bestsite you will get the best drugstore. If you got to books.bestsite the best bookstore, etc. Perhaps they spend a fortune to advertise that idea, and then stores pay heavily in the domain. Let them do this if they can sell it. Some TLDs might specialize in freedom of expression. Or in high reliability. Some might offer guessable domains to the highest bidder, which is another definition of "fair." And of course, some TLDs would want to focus on certain industry sectors, and try to become "the" TLD of choice for holders of a certain type. As long as they do this by building a reputation, or good marketing, and thus beat the competition, there is nothing wrong with this. Imagine the Persian Kitty company, which has a leading directory of sex sites, wants to create ".pkitty" or some similar name. They won't be the only TLD for sex sites, but perhaps they can develop a reputation as the best, so that people pay a lot for domains like "hotwomen.pkitty" within their purview. That's OK. What's not OK is giving some operator a domain like ".sex", and thus monopoly ownership of that ordinary (or extraordinary) word. A TLD like ".sex" would be desired and important regardless of how well it is operated or how popular the rules under which it runs are. If ".pkitty" does a bad job, then perhaps ".playboy" will take over the market from them. That's as it should be. (The other reason .sex or .xxx are bad ideas is that because what they mean is a favourite target of censors, creating such domains just puts a big "censor me" sign on those who use them, and a greater legal risk on those who don't.) A few minor rulesThe remaining, minimalist ICANN would enforce a few rules on the competing naming companies. You'll note above I suggested a TLD ".playboy" (owned by the magazine) even though that's an ordinary word. Ordinary words can be trademarks if they don't have an inherent meaning in the industry in which they operate. So while one could have "The Playboy Directory" of sex sites as a trademark, one could not use it as a trademark for a directory of actual affluent sexually active men. In that case it would be generic. Fortunately these rules of what can be a trademark are well established and there are courts to enforce them, though admittedly they are not fully international. Another minor rule will be the requirement that any TLD be almost entirely for resale (or giving away) of subdomains. No getting a TLD just for yourself or your company. Otherwise, all the big companies would want their own TLDs, like ".ibm" and ".ford", which just takes the .com problem and moves it up a level. There is a debatable question of whether a domain that does a tremendous amount of legitimate resale might use some subdomains for its own businesses. The resale rule, strictly read, would allow .yahoo to have nic.yahoo for buying domains, but would force the Yahoo search and directory pages that exist today into a different TLD. It should be possible to relax this so that Yahoo could appear inside .yahoo, but IBM would not be allowed to get .ibm just for their own internal use. Of course, TLDs would have to pay something. Enough to support the root servers and a reasonable fee for the oversight committee (the new ICANN.) The biggest part of that fee would be to handle the court costs of setting the legal precedents to protect committee members from being sued when somebody has an issue with an individual TLD. The fee would also stop the number of TLDs from exploding to an overwhelming number. There's no technical reason the number can't be huge, but for human beings it's easier if the number can be grasped, because people have to remember these names. TrademarkTrademark law doesn't go away under such a system. If somebody uses a domain in a way that violates a trademark, the holder is still free to sue in trademark court to get them to stop. In addition, some domains will have dispute policies which favour trademark holders and some will have ones that don't. The courts, of course will always rule. The big question is what happens to TLDs that don't have dispute policies which give favour to rich and powerful trademark holders. The danger is that the holders will sue the TLD company as well as the violator. The hard truth is that this system, and most others, can only work if the courts with jurisdiction over the TLD holders decide that this can't happen, or more probably, can only happen under certain circumstances. Once these precedents are established, most TLD holders will adopt dispute resolution systems that match what the courts say their duties need to be to avoid being party to the lawsuits. One would hope the courts would not put much liability on the directory companies. In paper, they don't. If the yellow pages takes an ad from somebody that ends up violating a trademark (as often happens) the holder doesn't sue the yellow pages and make them recall all phone books. We don't make printing companies check for trademark violations in the real world. Then trademark holders will try the dispute policies, and if those fail, they can try the courts to force the holder of the disputed domain to give it up. (The TLD operator would of course comply quickly and easily with the result of such a case, without having been party to it.) Research is needed into existing precedent in this area, in jurisdictions where TLD holders, and the minimalist issuer of TLDs will live. ICANNThe new ICANN, which I call NOVAM, under this system is minimalist. It simply verifies that a proposed TLD is indeed not generic for the type of subdomain that will be sold within it. If it isn't, it collects the fees and adds the TLD. It also needs a small enforcement branch able to revoke a TLD, after due process, if a company is not mostly reselling, or starts using the TLD in a generic way. Of course, a simple way to assure TLDs are not generic would be to make them all be made-up terms and words. For example, any word or phrase that doesn't yet exist in google is assuredly not a word in any language, and not currently being used as the name of an online directory. The main concern is what happens when a lawsuit against a TLD is percolated up to the root. This organization must exist in a jurisdiction that will define a clear precedent that it is not a viable party to suits as long as it follows its rules to make sure TLDs are not generic. Or the organization could exist in no jurisdiction at all! Here's a description of how. Legacy TLDsSome existing TLDs, like .com, .org, .edu, .int and .mil, along with some of the newly proposed TLDs, do have generic meanings, or acquired them as the abbreviations become famous. This presents a problem in that this is unfair. Unfortunately, barring new domains within them is also unfair and gives the existing names even more prestige. We may accept this as a legacy fault, and hope that over time other TLDs will reduce the value of the legacy domains, or we may try to exploit their value. For example, so long as these domains need some threshold of dominance, such as percentage of active domains, or statistically measured percentage of web hits or emails over a certain value, they can be considered to be exploiting their legacy monopoly status. As such, the registry of these domains should pay more (based on the percentages) and in effect subsidize the other TLDs. In fact, quite possibly the Brand-Name TLDs would not have to pay at all, and might even be paid for what they register so that new domains in the brand-name TLDs are free while legacy 2nd level domains cost money. The many registrar, single registry system is also a good step, though again, part of the mandated monopoly that, for example, NSI has on .com. While the monopoly remains strong, it should pay to subsidise the rest of the system. The country codes also have meaning, but they fit so well with the system of law that they should continue. In effect, each country can claim to own the rights to its two letter country code, and thus fairly can control what's under it. Since no other party can really claim those rights (civil wars notwithstanding) these legacy domains can exist. However there is an argument that it's not always easy to tell just who is the authority that "owns" the name of a country. For example, the United States government does not own the name of the USA, it belongs to all the people. If there is dispute about who owns a country name, then one answer is just to not have a country TLD. Branded TLDs that specialize in that country can instead compete. If the government wants to pass a law blessing just one of them, so be it. The net need have no participation in that process. Generic TLDsAre there any generic TLDs, aside from country codes, that don't grant an unfair monopoly to their manager over some ordinary term? Probably not globally, though they could easily exist inside countries. For example, within the USA, the term "inc" is legally permitted to only be used in a name by an incorporated company, and their names are registered with the states and assured unique. So a domain like ".inc.ca.us" for corporations in California, USA could exist because it would be owned by the secretary of state for California, the only party legally allowed to hand out names for California corporations. But there are very few generic words, in the global sense, that some party already owns and thus deserves a monopoly on. Abbreviations and Global TrademarkOne unfortunate problem is that while some organizations have or might develop established brand-names for their directory services, many will want to use their abbreviated name -- in particular their initials -- for a TLD directory. Often the initials are much easier to type. This problem also comes up in trademark law of course, since many companies with fine trademarked names have the same initials. In trademark law is where this question should remain. However, right now there is not really such a thing as a global trademark. At best there are large brands that establish themselves in every trademark jurisdiction. For new brands in the domain business, web searches can fairly easily spot if somebody is using the name in any sort of directory context, and spot any possible generic uses for it as well. NOVAM might very well then have agents in all the major countries who register the first domain in a new TLD, to establish the mark in that country under its laws. Of course, if a country with common law trademark law presents that a TLD is not a valid brand in their country, there is a conflict with no easy solution. That will be up to NOVAM. NOVAM might at a minimum tell the company not to register domains from that country, or encourage the holder in that country to register within their country code. It might also decide to pull the domain, if it was somehow a case of cybersquatting that got past them. However, little should get past them, because the number of TLDs will still be manageable due to the cost and the resale agreement. A number quite suitable for manual inspection. Replacing ICANNUnfortunately, due to the pressure from the special interests, I don't think ICANN will suddenly vote to move to a diversity-tolerant system like the one I've described. So there is another way. As I noted in my essay on how DNS works, ICANN does not have any actual direct power. Their power derives from the natural monopoly that comes from the desire of users to have a consistent root. So a new ICANN would be declared, or what is known as an "alternate root." Many have tried this before, and ICANN quite dislikes it, but they mostly fail because fracturing the net is not in anybody's interests. You need a serious groundswell of support before people will do it. You need to engineer a massive switch, with a critical mass of major ISPs and other sites switching to the alternate root, so that others are not scared to do so. To make this happen, we would need to charter and found this new DNS oversight organization. It would be structured to be ruled by a trusted global committee spread over the world. And it would be expected to stick by its charter of handing out non-generic TLDs freely to resellers who pay the proper supporting fee. I'll dub this organization NOVAM, to imply a new naming system. NOVAM would create a set of root servers that include all the current TLDs and country codes. Anybody could switch to this system at any time and see the same names everybody else sees. It would then start accepting new, brand-name TLDs. NOVAM would not be able to charge the existing TLDs a fee to be listed in their root servers, since at the start, NOVAM would need the existing TLDs more than they need it. It would declare that they could be listed, free of fees, for some period of time, such as 5 years from the date it goes live. That means the new TLDs would have to pay the (not that high) cost of NOVAM at the start, unless some charity is willing to make this happen. Now comes the hard part. Major ISPs, corporations and other large sites must endorse the philosophy of NOVAM. They must switch to its root servers. This must continue until a critical mass is attained, so that people are actually willing to create and use domain names in the new TLDs designated by NOVAM. So far, no alternate root has been this successful. If an alternate root is not widely used by ISPs, the names unique to it are near useless. You can't put them in URLs, can't use them as your E-mail address for fear that most people will get an error when they use them. One alternate root, new.net, has tried to solve this problem by saying that all their domains also work if you append ".new.net" to the end of them. That may be worth emulating. NOVAM may succeed where new.net does not because new.net is just another commercial organization trying to grant its own monopolies on the namespace. It's more liberal than ICANN and NSI, but it's really just another example of the same animal. Alas, the same is true of most of the alternate roots -- they all grant monopolies on generic terms, just asking for all the problems that come with this error. ICANN's failures came because it controlled those monopolies and thus became subject to pressure from powerful special interests. Most alternate root plans will suffer the same trouble. Critical mass, as described above is large. Once reached, however, if a major site decides to use a new domain found only in NOVAM and not in the ICANN/NSI roots, suddenly those who didn't switch over feel a lot of pressure to switch. There is no reason for them not to stitch unless they hate the philosophy of diversity behind NOVAM, or are subject to pressure from those who do. Once they start getting errors when they click on web pages, they will pressure their ISP to switch. However, the first site to advertise a domain in one of the new NOVAM TLDs will need courage, for it will annoy some of its users. As such, this needs to be a site where the users need the site more than the site needs the users. Such sites are rare but do exist. Of course, it's possible that ICANN or its masters in the U.S. government might agree with the philosophy of this plan and arrange an orderly switch. I don't expect it, though. |