Radial Basis.

Foundations of Internet Governance

Foundations of Internet Governance

The complexity of global interdependencies arising from the proliferation of the Internet over the past thirty years has drastically reduced its utility as a strategic information asset to a single nation. To the contrary, the uneven distribution of power that it lends to a handful of corporations may even result in direct conflicts with its own national interests. It should be of no surprise that a responsible democracy, carrying the torch of liberty on the world stage, would finally elect to divest its interest in governance of the Internet to the greater global community in good faith. The burden now shouldered by international leadership is to effectuate the public translation of this responsibility into a transparent process-driven system of organizations that preserve and protect the interests of its direct and indirect constituents.

The scope of the transition, according to the NTIA announcement, is the fulfillment of the IANA functions Contract with ICANN and the performance of the authoritative Root Zone Maintainer functions with respect to its Cooperative Agreement with VeriSign. In its FAQ on the transition, the NTIA makes two very important statements. The first is that the NTIA's role is largely symbolic. The NTIA has no operational role and does not initiate changes to the authoritative root zone file, assignment of protocol numbers, or allocation of Internet numbering resources. The second is that the IANA functions contract are inextricably intertwined with the VeriSign cooperative agreement (i.e., authoritative root zone file management), which would require that NTIA coordinate a related and parallel transition in these responsibilities.

The United States Government intentionally segregated IANA operations, such that functions related to receiving and reporting on requests to modify the root zone file are performed by one entity, and the functions related to the modification and publication of the root zone are performed by another entity. Any good faith model for future Internet governance should aspire to preserve this operational separation, and be predicated by assurances from all parties that they will honor the authoritative root.

A unique opportunity exists to leverage the parallel transition of authoritative root zone file management onto a platform by which to build a new structure for Internet governance, complementary to ICANN, and operated by the global community through consensus. The outcome of multi-stakeholder meetings on the future of Internet governance should be a well-documented set of policies and procedures that, in conjunction with an implementation plan, effectively define an IGF sponsored organization (IGFO) acceptable as a vehicle for transition to a specified alternate entity in accordance with Amendment 11 to the Cooperative Agreement between the NTIA and VeriSign/NSI.

VeriSign remains uniquely positioned to facilitate critical security infrastructure and support the root zone management software (RZMS), within the framework of the new dual-organizational governance model. Strategic planning and source code management of the RZMS must be governed trilaterally and transparently between VeriSign, ICANN, and the IGFO. Each stakeholder should strongly promote widespread registrar support of DNSSEC and registry adoption of EPP to streamline security and provisioning automation. To enhance transparency and facilitate accountability, the RZMS should be extended to provide both the IGFO and Root Server Operators, with a secure interface to monitor comprehensive status information through the full lifecycle of delegation and redelegation processes within the IANA functions.

Although governments have a legitimate interest in the management of their ccTLDs, many stakeholders contest an obligation for preferential treatment under the auspices that these domains are often commercialized. In order to enable equitable commercialization of ccTLDs while providing for the preservation of sovereign interests, governments may publicly issue notification designating their ccTLDs as "for government use only", and cease all commercial operation through those domains. A process internal to the IGFO, and equivalent to the IANA process workflow for country-code top-level domain delegation and redelegation requests, may serve as a mechanism to effectuate a secondary appeal of government-use-only ccTLD root management zone decisions previously denied by the IANA functions contractor.

Historically, the protection of rights in the domain name space has been facilitated by mechanisms such as the UDRP. In an effort to expedite rights protection, ICANN has established the global Trademark Clearinghouse as a mechanism to aggregate and manage the distribution of Deloitte vetted trademark data to registries and registrars for use in the domain name registration process.

The Trademark Clearinghouse is powered by the TMCH database platform developed by IBM. In order to offset the potential for a single point of failure in system accountability, the IGFO must share the responsibilities for management of the database. This should be accomplished by moving the existing UDRP to the IGFO, with ultimate appellate jurisdiction for all rights protection mechanisms vested in the WIPO Arbitration and Mediation Center, and the issuance of judgment directing IGFO modification of the TMCH database.

Enabling DNSSEC at the root zone is both a significant victory for preserving the integrity of the Internet and a complex administrative challenge spanning the domains of security, infrastructure, and coordination. Globalization of Internet governance should strive to minimize the impact to preexisting structures for collaborative generation, protected storage, and authorized use of the Root Zone Key Signing Key as well as publication of trust anchors for the root zone. Beyond transferring the operation of the Root Zone Zone Signing Key to the IGFO, the practices and procedures implemented by the IGFO with respect to the ZSK must be equivalent to those implemented by its predecessor.

The performance of the Root Zone Maintainer to the standard of operational excellence exemplified by its predecessor should be realized through a comprehensive transition plan supported by a contract with VeriSign to help pilot IGFO RZM operations. The publication of the root zone must continue uninterrupted during transition testing and implementation, and thereafter its frequency and geographical diversity must at least remain unchanged. The distribution of root zone revisions should occur through a process wherein a notification of revision availability is broadcast to stealth master servers associated with each Root Server Operator, each master server may authenticate with the Root Zone Maintainer to transfer the latest revision, and each master server may randomly authenticate with one another for comparative validation of the root zone.

Root Server Operators may offer aspiring regional organizations the opportunity to host local root server instances, provisioned by the IGFO with read access to the RZMS and authentication credentials for participation in master server root zone validation. Already, operators such as the RIPE NCC are piloting member instances that enable customers to serve queries from their networks, in the case of the RIPE offering- responsive at the K-root, using equipment supplied, owned and hosted by the customer, for the benefit of their local communities.

One of the biggest challenges to the success of the IGFO's operation will be fostering local community participation. However, government stakeholders are well positioned to build sustainable, technology-oriented micro-organizations to seed participation. The requisite for community engagement may be driven by the diligent support of local academic institutions through a myriad of programs, incentivizing young adults with academic credit, awards and financial assistance, as well as encouraging them with mentors, collaboration tools and other resources. The confluence of grassroots micro-organizations with senior members of academia and industry should yield an effective stream of active participants to successful IGFO stakeholders.

ICANN's consultation based method for steering decision-making is an outstanding model to map to a conjugate entity in a dual-organizational structure for Internet governance. The definition of an IGFO must document similarly viable, regular, transparent, accessible and sustainable methods to conduct future workshops, coalitions and forums and to guide decision-making. Dual organizations mirroring effective and structured policy development processes will advantage Internet governance with the ability to interleave collaboration in such a way as to feed forward cross-organizational issues that reflect bottom up input from both sides. Although a strict policy ensuring structural, personal, and political separation of Boards is highly advisable, an organic conflict resolution procedure may intelligently leverage cross-organizational working groups while iteratively feeding back issues into each organization's process.