Home page logo

nanog logo nanog mailing list archives

Response to NOI from NTIA on DNA
From: "Jay R. Ashworth" <jra () scfn thpl lib fl us>
Date: Wed, 9 Jul 1997 12:26:52 -0400 (EDT)

... and if the VC gets the VP who's here on the QT we'll all get put on KP.


Follows a fairly long message containing my comments and opinion
subject to a Notice of Inquiry issued by the US Government's NTIA
(which means something, but I forget what.)

The rough idea as I understand the NOI is "you Internet people got
important, and you seem to be having trouble sorting out your domain
name registration management stuff.  Do we need to step in and help
you?"  (read: tell you how to do it)

I'd appreciate any comments y'all care to make on this, either
technically, stylistically... or simply pointing out stuff that my
spell checker missed.  ;-)  My intent is to hit somewhere about halfway
between formal corporate comments and much of the self-interested,
poorly thought out garbage the website show that they've been getting.


(which URL worries me all by itself, but...)

-- jra
Follow my comments on the Notice of Inquiry concerning Domain Name
Service management.  I speak as a commercial consultant on
internetworking and computer systems design with 15 years experience.

I've used the "call and response" format customary to Internet email;
hopefully, my responses will be comprehensible, rather than compost.

   Various private sector groups have proposed systems for allocating and
   managing generic top level domains (gTLDs). The Government is studying

Actually, the initialism "GTLD" is customarily understood to mean
"Global Top Level Domain".

   A. Appropriate Principles 
   The Government seeks comment on the principles by which it should
   evaluate proposals for the registration and administration of Internet
   domain names. Are the following principles appropriate? Are they
   complete? If not, how should they be revised? How might such
   principles best be fostered?
   a. Competition in and expansion of the domain name registration system
   should be encouraged. Conflicting domains, systems, and registries
   should not be permitted to jeopardize the interoperation of the
   Internet, however. The addressing scheme should not prevent any user
   from connecting to any other site.

   b. The private sector, with input from governments, should develop
   stable, consensus-based self-governing mechanisms for domain name
   registration and management that adequately defines responsibilities
   and maintains accountability.
   c. These self-governance mechanisms should recognize the inherently
   global nature of the Internet and be able to evolve as necessary over
   d. The overall framework for accommodating competition should be open,
   robust, efficient, and fair.

These first four points are platitudes... but they're well thought out
platitudes.  :-)

   e. The overall policy framework as well as name allocation and
   management mechanisms should promote prompt, fair, and efficient
   resolution of conflicts, including conflicts over proprietary rights.

This is well phrased, but will be quite difficult to manage in
practice.  The precise reasons why, I'll take up shortly.

   f. A framework should be adopted as quickly as prudent consideration
   of these issues permits.

In light of the current travails with NSF contractor Network Solutions,
yeah, this is a good idea, too.

   B. General/Organizational Framework Issues
   1. What are the advantages and disadvantages of current domain name
   registration systems?

From an operational standpoint, the major disadvantage to the current
registration system is that Network Solutions appears, based on reports
from a statistically significant number of it's customers, incapable of
providing reasonable customer service, from a standpoint of response
time if no other.

If a request is at all out of the ordinary, the systems in place at
NetSol are guaranteed to both mishandle it and delay it.  Even normal
requests are often troublesome.

For example, NSI apparently has an undocumented policy of allowing
the "Host Registration" necessary to use a host as a DNS server to be
done only once for any given IP address.

I'm involved in a situation right now where administrative control of a
network is about to change hands, and I attempted to register two hosts
in that domain to use as servers.  The two registration templates
templates were sent out within 60 seconds of one another, the
"automated acknowledgement" messages came in 2 and 9 hours later
respectively, and 3 _days_ later, _one_ of the registrations was
acknowledged.  The other registration vanished into limbo, and 60
minutes of toll phone calls a week later were necessary to discover
that the registration was bounced "because another host is already
registered with that address".

Inasmuch as the very DNS system these registrations were intended to
support allows multiple names for one address, this is puzzling, but
the lack of response, the lack of documentation, and my total
inability to successfully contact anyone in authority to discuss the
matter are unconscionable.

It _has_ to be possible to provide better customer service than this...
with a $50M annual revenue stream.

From a _structural_ standpoint, the current Domain Registration system
is deficient primarily in it's centralization.  Many other components
of the Internet have evolved over the course of the last 20 years, but
DNS and registration administration is just now reaching it's adolescence.

The other major, and probably insoluble, problem is that the DNS system
uses names as addresses.  The problem is that names can change, and
addresses usually shouldn't.  The quintessential example of this is
professional service companies like law firms.

When Trenam, Simmons, Kemker, Scharf, Barkin, Frye and O'Neill loses a
partner and becomes Trenam, Kemker, Scharf, Barkin, Frye, O'Neill and
Mullis, what do you do with all that stationary... and more to the
point, all those bookmarks and web index engine entries, that say
"trensim.com" (or "tsks.com", or whatever)?

But it's _way_ too late to do anything about this now, and I'm not sure
there ever was a time when it wasn't.

   2. How might current domain name systems be improved?

Caution is needed here; what's at odds is primarily the registration
systems that underlie DNS, not the technology itself.

It's difficult to answer this question without getting "personal" about
NetSol; the primary improvement I can see at the moment would be for
NSI to start earning the incredible amount of money they unilaterally
decided to charge for domain registration service.

The other answer to this question is global, and the primary target of
this NOI; I'll return to it after building some more ground work.

   3. By what entity, entities, or types of entities should current
   domain name systems be administered? What should the makeup of such an
   entity be?

There have been half a dozen proposals made for a restructuring of the
DNS registration services infrastructure.  Of all the approaches I've
investigated, I believe that the Denninger/Postel Internet Draft on the
topic is the best thought-out, and most comprehensive.

Extreme care is necessary here: one of the reasons that the Internet
has successfully scaled to the degree that it has in the short amount
of time it took is that the underlying foundations of the protocol
designs and their implementations were subject almost entirely to
engineering discipline; commercial and (say it softly) political
concerns were ignored.

Make no mistake, the expansion of the DNS registration infrastructure
which everyone agrees is necessary must take commercial concerns into
account... but it _MUST_ be designed by engineers; it's an engineering

We don't allow politicians to design interstate highways.

   4. Are there decision-making processes that can serve as models for
   deciding on domain name registration systems (e.g., network numbering
   plan, standard-setting processes, spectrum allocation)? Are there
   private/public sector administered models or regimes that can be used
   for domain name registration (e.g., network numbering plan, standard
   setting processes, or spectrum allocation processes)?

These issues are covered in the Denninger/Postel draft, but I'll note
that while the primary concerns are infrastructural, and thus engineering,
the main secondary, operational, concern is that of validation of
registration entities, providing for a common set of clearly enumerated
policies (for things like trademark disputes) which all registration
entities must agree upon(/have imposed on them).

                                                          What is the
   proper role of national or international governmental/non-governmental
   organizations, if any, in national and international domain name
   registration systems?

From an operational standpoint, there _must_ be some centralized agency
with responsibility for the "ownership" of the root of the DNS
namespace (commonly, but incorrectly, referred to as ".").

However, this agency's sole duty should be to delegate it's authority
to TLD registries and arbitrate disputes.  The design of the system and
the charter of this board should be such as to make it structurally
immune to litigation about issues like, for example, trademarks.  It
must have both the authority and the resources to reassign or
temporarily support any domain whose registrar become unable to continue
it's services.

Two points are important here: 

1) Registry services and DNS service provision are related but need not
be combined: it's possible to envision an environment in which
registries contract out the actual provision of DNS root services to a
technically competent third party, thus isolating customers from
business problems at the registry entity, and

2) Regardless of the legalities, domain names are being viewed as
property by their holders, and substantial investments are being made
in them, primarily in publicity, but also in customer mindshare.  The
nature of the net is such that it depends on this behavior, and
therefore it must be taken into account when prioritizing such items as
continuance of service.

   5. Should generic top level domains (gTLDs), (e.g., .com), be retired
   from circulation?

I think not, for the reasons enumerated above.  Many companies are
actually _named after_ their domain names; and while "no law guarantees
that anyone will be able to continue making his living in a certain
manner" (Judge Learned Hand), neither are flag days looked upon kindly;
justification for such things must be reached by consensus.

                     Should geographic or country codes (e.g., .US) be

See above; ie: no.

             If so, what should happen to the .com registry? Are gTLD
   management issues separable from questions about International
   Standards Organization (ISO) country code domains?

I don't see any good reason to need to separate the topics; the
parallel structures don't seem to be what is causing the problem.

   6. Are there any technological solutions to current domain name
   registration issues? Are there any issues concerning the relationship
   of registrars and gTLDs with root servers?

The current issues appear to be architectural and commercial, rather
than technical, and therefore require architectural solutions.

   7. How can we ensure the scalability of the domain name system name
   and address spaces as well as ensure that root servers continue to
   interoperate and coordinate?

These are mostly technical questions, and I don't claim to be an expert
on the topic, but if I don't see the names Vixie, Halley, Margolin, and
Liu on any paper asserting to answer this question authoritatively,
I'll assume it doesn't know what it's talking about.  That is: there
are experts on these topics, and anyone in authority who flouts them,
or worse, ignores them, does so at the peril of the entire Internet.

(Note to readers: there are other DNS experts, obviously; I simply
picked the top 4 I see on the mailing list as examples.)

   8. How should the transition to any new systems be accomplished?

This is already taking place.  There are root nameservers which are
_not_ authoritative for .com and the other domains currently run by
NSI; this experiment seems to be working.  There are also currently
operational root servers for view of the namespace which include
alternate TLDs, these include alternic.nic.  In short, as long as the
current operators of the DNS roots (which primarily means NSI) help
rather than hinder, a transition will be a Small Matter of Administration.

   C. Creation of New gTLDs
   10. Are there technical, practical, and/or policy considerations that
   constrain the total number of different gTLDs that can be created?

Mostly, the size of the TLD tag.  Traditionally, these have been 2 or 3
characters; the D/P draft suggests a maximum of 4 or 5, which seems
sand, but does impose an absolute limit. 

Also, this limit is smaller than it might seem it ought to be: all
components of domain names _must_ be pronounceable.  This is more a
social limitation than a technical one (indeed, the software doesn't 
care), but it's a requirement nonetheless.

   11. Should additional gTLDs be created?

Let's be careful here: the same namespace issues apply to TLD's that
apply to Usenet newsgroups: creating new ones without extensive
discussion and justification ought to be _expensive_ and _time
consuming_.  Much too little concern is given to namespace control...
which isn't surprising; it's an architectural issue, and most people
aren't architects.  But it's nonetheless crucial to the ongoing
simplification and "consumerizing" of the net of the net.

Case in point example: ".firm".  Is there really anyone who's
_thinking_ about this, who doesn't know which company will register
"ibm.firm" the second it hits the table?  They've probably got an
employee whose job is nothing else, by now.

That is to say, "horizontal" segmentation of the namespace will not
work; the problems are identical to those in the botched release of the
888 toll free NPA.

Who owns 1 888 FLOWERS?

And ".nom" is simply stupid.

However, in the grand scheme of things, yes.

   12. Are there technical, business, and/or policy issues about
   guaranteeing the scalability of the name space associated with
   increasing the number of gTLDs?

Well, it's likely that as long as the scaling doesn't go too fast, the
technology and policy issues involved can keep up with it.  Ensuring
this is probably the job of whatever group gets appointed to own the
root of the namespace.

And I'll say this again.  This is an architectural function.

Would _you_ want to live in a house designed by a politician?

   13. Are gTLD management issues separable from questions about ISO
   country code domains?

No; ISO3166 registries already exist, and by their nature, probably
should have their policy making continue unimpeded by any except
technical considerations.  The only control that appears necessary is
the "we're the new government, delegate to us now" sort of incident...
and this is large enough that it doesn't really matter _who_ has the
responsibility... professional diplomats will be the implementors.

   D. Policies for Registries
   15. Should a gTLD registrar have exclusive control over a particular
   gTLD? Are there any technical limitations on using shared registries
   for some or all gTLDs? Can exclusive and non-exclusive gTLDs coexist?

I should think that it would be difficult to have more than one
registrar for a TLD.

The difficulty can be better illustrated by observing that there are
three functions performed by registrars:

1) Policy and administration,

2) registration operations, and

3) nameserver operation.

The first is the largest problem, and for technical reasons, the
current implementation of DNS makes division of number 3 difficult as

   16. Should there be threshold requirements for domain name registrars,
   and what responsibilities should such registrars have? Who will
   determine these and how?

Yes, there should.  There is some merit to the idea, possibly original
to me, that these threshold requirements should be a contractual issue
between the registry and its clients (with the exception of
grandfathered TLD's, of course).

Since these requirements are to protect the clients, the only reason I
can see for externally-imposed requirements are in the event that more
than one entity applies to host the same TLD name simultaneously.

Arbitrating these types of disputes would be another job of the root

   17. Are there technical limitations on the possible number of domain
   name registrars?

Only the available number of registerable TLDs.

   18. Are there technical, business and/or policy issues about the name
   space raised by increasing the number of domain name registrars?

Hmmm...  technically, yes.  It becomes necessary to uncouple the root
nameservers from the TLD nameservers.

Business?  Making sure that customers see a _reasonably_ coherent view
of the TLD namespace, from a registration policies standpoint.

   19. Should there be a limit on the number of different gTLDs a given
   registrar can administer? Does this depend on whether the registrar
   has exclusive or non-exclusive rights to the gTLD?

I believe that this is a question of workload and the ability to handle
it.  I _do_ think that a raw numerical limit wouldn't work the way it
was intended, as there are groups of TLD's that comprise a "concept",
which probably ought to be administered together... like, for example,
.am, .fm, .tv, .news and .mag.  These also comprise a good example of
TLDs which ought to have special policies; I, for example, would allow
in the first three categories only customers who could document an FCC
broadcasting license for the appropriate domain.

   20. Are there any other issues that should be addressed in this area?

Probably, but I'm pretty certain that the D/P draft addresses them.

   E. Trademark Issues

Oh, God.

   21. What trademark rights (e.g., registered trademarks, common law
   trademarks, geographic indications, etc.), if any, should be protected
   on the Internet vis-a-vis domain names?

This is probably the single biggest problem with the current .com
domain.  As long as the policy is stable, and well documented, and
_doesn't change on a whim_, I'm not sure it matters.  The market will
fix any inequities here.

The reason this is really a problem, though--as is a surprise to no
one--is one of jurisdiction.  There are hundreds of geographical
jurisdictions for trademark control, and usually, the geographical
separation involved is enough.  "Smith's Plumbing" in Alaska probably
cares very little about competition from "Smith's Plumbing" in

And then along came the net.

There's no perfectly satisfactory solution... 

But disabling a domain name's service that a customer has both paid for
and advertised extensively, without warning, or right of contest --
NetSol's policy -- is simply _not_ acceptable.

   22. Should some process of preliminary review of an application for
   registration of a domain name be required, before allocation, to
   determine if it conflicts with a trademark, a trade name, a geographic
   indication, etc.?

Nothing would ever get registered.  _Everything_ conflicts with
something, somewhere on the globe.  In the course of ordinary business,
these factors are the responsibility of the business, I see no reason
why they shouldn't stay there.

                         If so, what standards should be used? Who should
   conduct the preliminary review? If a conflict is found, what should be
   done, e.g., domain name applicant and/or trademark owner notified of
   the conflict? Automatic referral to dispute settlement?

Anything except the sudden "On Hold" will be fine, thanks.

   23. Aside from a preliminary review process, how should trademark
   rights be protected on the Internet vis-a-vis domain names? What
   entity(ies), if any, should resolve disputes? Are national courts the
   only appropriate forum for such disputes? Specifically, is there a
   role for national/international governmental/nongovernmental

Alas, (I say alas because countries have a disturbingly long history of
not being able to agree on these topics), I don't think anything except
an international body of some kind will have jurisdiction.

   24. How can conflicts over trademarks best be prevented? What
   information resources (e.g. databases of registered domain names,
   registered trademarks, trade names) could help reduce potential
   conflicts? If there should be a database(s), who should create the
   database(s)? How should such a database(s) be used?

This is actually a question of intellectual property rights management,
not one of technology per se, nor the Internet, per se.

Check with Carl Oppedahl; he makes a living on this stuff.  :-)

   25. Should domain name applicants be required to demonstrate that they
   have a basis for requesting a particular domain name? If so, what
   information should be supplied? Who should evaluate the information?
   On the basis of what criteria?

This is a difficult question to answer.  It might help, but I feel that
the net is a hotbed of opportunity for entrepreneurialism, and
entrepreneurs often do the legal paperwork last.

Besides, this would impose one more load on potential registrars.

No, it's probably a good idea, but I'm not sure it's feasible.

   26. How would the number of different gTLDs and the number of
   registrars affect the number and cost of resolving trademark disputes?

I think the root-ops would have to make the appropriate arbitration
policies and require TLD registries to adopt them as part of their

   27. Where there are valid, but conflicting trademark rights for a
   single domain name, are there any technological solutions?

Nope.  Modify the name in some fashion.  A client is an Allied Van
Lines moving agent.  When Allied went to request a domain name, 
{allied,avl}.{com,net} were all taken.  On bad advice, they registered
alliedvan.net, which they've since modified to the more expected
alliedvan.com.  It isn't great, but the other registrants had good
trademark claims to the other names, as well, so Allied Did The Right
Thing, and solved it's problems by clever _use_ of the technology,
rather than in court.

Note that that's not a "technological fix"...  it's simply an
intelligent _use_ of technology that already exists.

Another example: that client is on the net as well.  When they went to
apply, they discovered that "blocker.com", the appropriate domain name
for this 99 year old company, was already taken...  by some "name
registry company" in Canada for an unknown, and possibly non-existent
client.  So, taking advantage--again--of a little common sense, they
registered "blocker100.com", "in recognition of their upcoming century

   28. Are there any other issues that should be addressed in this area?

Dozens, but they haven't all come up yet.

Copies of the Denninger draft are available from www.alternic.net, the
Postel inet-draft is in the usual places.

And in closing, allow me to compliment NTIA for soliciting, and indeed
_allowing_ the submission of comments electronically; this much
improves the chances you'll get what you're looking for.  Hopefully, my
comments will prove useful, informative... and not too derogatory to
NSI.  :-)

-- jra
Jay R. Ashworth       High Technology Systems Consulting              Ashworth
Designer            Linux: Where Do You Want To Fly Today?        & Associates
ka1fjx/4    "...short of hiring the Unabomber, how can I       +1 813 790 7592
jra () baylink com              get back at them?" --Andy Cramer        NIC: jra3
Jay R. Ashworth                                                jra () baylink com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "People propose, science studies, technology
Tampa Bay, Florida          conforms."  -- Dr. Don Norman      +1 813 790 7592
Jay R. Ashworth                                                jra () baylink com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "People propose, science studies, technology
Tampa Bay, Florida          conforms."  -- Dr. Don Norman      +1 813 790 7592

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]