[NA-Discuss] A contribution to a NARALO comment on the ICANN Draft 2011-2014 Strategic Plan

Evan Leibovitch evan at telly.org
Mon Jan 10 15:09:17 UTC 2011


Hi, Eric,

Your comments are being added to the general ALAC comments on the Strategic
Plan, but we could use a little help with how they get in.

The level of detail in your comments is laudable, but can probably serve
more as an appendix than as part of the body of the main comment.

If you're arguing that there is a lack of clarity regarding strategic
objectives, let's say specifically what needs to be changed and how. You've
offered plenty of background, but no actual conclusion in the form of actual
change proposals for the Plan. At the beginning of the comment you suggest
that the Afterward contains specific recommended changes but I'm too dense
to see them. Are issues of "increased Internet access" even within ICANN's
scope?

Your assistance in percolating your comments into concrete change in the
Strategic Plan would be helpful, and most importantly it prevents the
forcing of others to pare down your words in a manner you might not find
agreeable.

- Evan





On 8 January 2011 12:36, Eric Brunner-Williams <ebw at abenaki.wabanaki.net>wrote:

> A contribution to the NARALO comment on the ICANN Draft 2011-2014
> Strategic Plan, organized as four sections, addressing the Plan Areas of:
>        I. DNS stability and security,
>        II Core operations including IANA,
>        III. Consumer choice, competition and innovation, and
>        IV. A health internet eco-system.
>
> As ICANN is known to lack strategic purpose this comment attempts to
> remove what can't usefully be strategic. An afterward states the
> author's recommendations for the organization's current strategic plan
> elements.
>
> I. DNS stability and security
>
> This section contains four strategic objectives: (i) Maintain and
> drive DNS uptime, (ii) Increase security of the overall systems of
> unique identifiers, (iii) Increase international participation, and
> (iv) Coordinate DNS global risk management.
>
> (i) The first strategic objective is unclear whether the 100% DNS
> uptime refers to the A-M rootservers, or to the
> {.arpa,.mil,.edu,.gov,.int, .com,.net,.org} authoritative gTLD servers
> which pre-exist ICANN, or to the authoritative gTLD servers created by
> ICANN, or to authoritative ccTLD servers, or to AS112, or to the
> recursive servers operated by content and access network operators, or
> ... nor where any measurement of "uptime" might be conducted.
>
> A strategic objective which is incomprehensible is usually the sign
> that the entity lacks internal clarity on the subject matter and is
> unable to prioritize and select achievable objectives.
>
> The A-M rootservers are fine, there is no urgent issue there.
> The {.arpa,.mil,.edu,.gov,.int, and .com,.net,.org} authoritative gTLD
> servers are fine too, though the .mil operations could be improved,
> and the .gov operator is scheduled to transition.
> The {.biz,.info,.name,.pro and .aero,.coop,.museum} authoritative gTLD
> servers are acceptable, problems exist but not at the level of some
> strategic effort that has to put "change" before "stability".
> The {.asia,.cat,.jobs,.mobi,.travel} authoritative gTLD servers are
> also acceptable, problems exist but not at the level of some strategic
> effort that has to put "change" before "stability".
>
> That leaves the ccTLDs, for which no "strategic goal" is possible now
> that the botched attempt to force ccTLD operators to enter into
> contracts or be unable to update their entries in the IANA root zone
> is an unpleasant memory, AS112, and recursive resolvers widely known
> to be providing synthetic (monitized) returns for most broadband users
> in North America -- a situation that does call for a strategic object,
> following through on the Board's Sydney Resolution on NXDOMAIN
> Substitution (DNS Wildcard and Similar Technologies).
>
> A strategic goal of reducing incorrect synthesized DNS responses by
> some measurable amount would be credible, and useful. Absent that,
> this is just a bag holding secondary objectives -- continuity and v6.
>
> (ii) The second strategic objective errs significantly.
>
> First, if 30 ccTLD operators in developing countries sign their zone,
> that is a poor predictor of whether when the key's for those signed
> zones expire that the 30 ccTLD operators in developing countries, who
> are generally technical assistance recipients through the Network
> Resource Startup Center, that key rollover will be conducted successfully.
>
> Second, developing countries have autonomous agendas, and if ICANN is
> flirting with returning to the unhappy model of "enter into contracts
> or else" by placing the Marina del Rey agenda for zone signing ahead
> of the autonomous agendas of developing countries, there will be
> issues. ICANN pushed cost on ccTLD operators in developing countries
> by declining to pick up the rather small costs of their participation
> in the Conficker .C response. There was some real bitterness about
> John Crain's communicating, and the color of an ICANN endorsed urgent
> communication to burn local time and money preventing bad things from
> happening to North American and European end users through spam and/or
> maleware targeting by the .C enabled users of the Conficker platform.
>
> Third, fixing .com comes a bazillion years ahead of fixing .name,
> which is larger than all 22 ccTLD operations where Arabic is the
> primary spoken language, or all of Africa, less South Africa, or ...
>
> If this were a proposal to improve the performance of some system by
> working on code paths visited less than 1% of the time, the eager to
> optimize coders without a clue would be given other responsibilities.
>
> The real item to work on here is the routing (not "resource") public
> key infrastructure, securing BGP and detecting AS Prepending attacks,
> which mercifully appear at present to be fatfinger events, not
> information operations by motivated and competent parties pursuing
> rational economic or other policy goals.
>
> The buried lede is the most important and overlooked task, and this,
> not uptime, is what is important.
>
> Fortunately, the RPKI infrastructure is being rolled-out in the ARIN
> region, and has been rolled-out in other regions.
>
> (iii) The third strategic objective makes reference to the "DNS-CERT".
>
> Please see my public comments archived in the stratplan-2010 at icann.org
> mailbox at:
> http://forum.icann.org/lists/stratplan-2010/msg00027.html
>
> The addition of the IDN version of the perenial WHOIS foodfight is a
> mistake. Whatever the value of adding UTF-8 or local encoded data into
> WHOIS output may be, it isn't DNS stability and security. This kind of
> junk detracts from the real issues.
>
> (iv) The fourth strategic objective fails to mention the Conficker .C
> facts, so the most recent "global risk management" event of import is
> overlooked. This is unfortunate as there really is a lot to be learned
> from the response, even to a non-event, about cost, timeliness, and
> accounting.
>
> Over all, there really is no reason why most of the ccTLD operators
> outside of North America and Europe should pay any attention to
> ICANN's DNS stability and security StratPlan component, and that is
> not in the public interest of North American internet users, who do
> not need ICANN to be ignoring development goals for false objectives
> and bandaids.
>
> II. Core operations including IANA
>
> This section contains four strategic objectives: (i) Continued
> flawless IANA operations, (ii) L-Root operational excellence, (iii)
> Efficiency and effectiveness of operations and (iv) Strengthen
> international operations and presences.
>
> (i) The first object posits the utility of the EFQM model to IANA
> operations, and this simply doesn't jib with my experience consulting
> on the IANA function reporting project in 2007. Further, the SLAs to
> which the EFQM might, or might not be relevant to originate from the
> IETF for protocol assignments. While the epoch in which the IANA
> function was administratively restrained from timely responses to
> requests for zone file updates from ccTLD operators until those ccTLD
> operators entered into a contract is now an unhappy memory, this too
> is an unlikely source of SLA commitments which could benefit
> significantly by the application of the EFQM model.
>
> If ICANN is to secure a renewal of the IANA contract, it is at least
> as likely that the merits of ICANN's renewal bid are the qualitative
> services necessary to manage a mixed signed-and-unsigned zones, and
> the qualitative services necessary to introduce RPKI, as the
> quantitative execution of a formal quality model indifferent to the
> current, and future services performed by the IANA function.
>
> (ii) The second objective pursues a mission outside of ICANN's core
> purpose. Running the L-Root is about as peripheral to ICANN's purpose
> as being an ICANN Accredited Registrar is to AOL or France Telecom or
> British Telecom. It simply isn't important.
>
> Next, the other root servers are run by Verisign-A, USC-ISI, Cogent,
> UMaryland, NASA, ISC, DISA, BRL, Autonomica, Verisign-J, RIPE NCC, and
> WIDE. How on earth is ICANN going to "lead by example" or "be
> recognized as a top-tier root zone manager"? What motivates ICANN to
> embark on a (probably futile) pecking order mission to provide clue to
> any of, let alone all of, the other root server operators?
>
> A reasonable strategic objective would be to find a qualified operator
> for the L-Root that would meet some unmet policy goal such as
> geographic diversity and schedule the transition so that ICANN could
> get out of registry operations and focus on its core mission.
>
> (iii) The third objective I still don't believe. What on earth does
> the IANA function have to do with the Policy Development Process the
> Names Council has adopted? The suggestion that the execution of the
> IANA functions services deliverables to the GNSO's PDP, pre- or
> post-reform, requires strategic attention indicates that either due to
> errors in wordsmithing, or leadership (of ICANN and the IANA) changes,
> that the relationship, never very significant, between the original
> DNSO, now GNSO, and the IANA, is not understood.
>
> (iv) The fourth objective mentions, inter alia, engagement with the
> IETF and the root server operators. Please add the RPKI communities of
> each of the RIRs.
>
> (v) The fifth objective is without quantifiers. What are the strategic
> goals for financial controls, capacity, etc.?
>
> III. Consumer choice, competition and innovation
>
> This section contains five strategic objectives: (i) More IDN TLDs,
> (ii) Increase Regional participation in the industry, (iii) Mitigate
> malicious conduct, (iv) Foster industry innovation, and (v) Promote
> fair opportunities.
>
> (i) When CNNIC turned on its name server constellation the ground work
> for the .中国, .公司, .网络 and .政务 and .公益 IDNs was laid. That
> the ground work lagged behind elsewhere is water under the bridge. If
> the principle of "consumer choice" is to be meaningful, it is
> consumers who's choices inform policy makers, not producer choices. At
> present more than a million users use these IDNs. The strategic plan
> should place their interests ahead of the legacy operator interest in
> capturing lucrative markets.
>
> It is impossible not to observe in passing that the strategic goal of
> "more languages and cultures" is subordinate to the strategic goal of
> a single application process, which as has been observed elsewhere,
> benefits “a group of participants that engage in ICANN's processes to
> a greater extent than Internet users generally”.
>
> (ii) Continued financial support for the NSRC's IROC, AROC, SROC
> offerings is a reasonable goal.
>
> (iii) The "malicious conduct" construct has, thus far, avoided mention
> of the causes for operational capability of actors that engage in
> conduct characterized as "malicious". It is primarily an individual
> morality construct, carefully omitting the business models which
> create the financial incentives as well as the technical means for
> "malicious conduct" on a global scale.
>
> Signing zones as a consequence of the discovery that cache poisoning
> could be accomplished in seconds is a reasonable response to the
> discovery of a economic development in attack cost.
>
> Ignoring the non-adoption of BCP-38 and other forms of industrial
> externalization of costs, to ccTLD operators in the Conficker .C case,
> is not a reasonable response to a long-standing problem.
>
> Morality as policy is fine on TeeVee. It is a profoundly dull tool for
> network policy making.
>
> (iv) No comment.
>
> (v) Reference to the area of work undertaken by the Joint Applicant
> Support Working Group is gratifying.
>
>
> IV. A health internet eco-system
>
> This section contains four strategic objectives: (i) One unified,
> global internet, (ii) Building stakeholder diversity, (iii) Improve
> communications and (iv) Ongoing accountability and transparency.
>
>
> (i) The first section contains the alarming possibility that the
> overwhelming contributions of volunteer time, paid staff, and expended
> resources committed to the new gTLD program since 2006 have only a
> "potential" to realize a single new community-based or public interest
> registry.
>
> Leaving the merits of forming corporate vision and mission from a
> sample of semi-random responses to a social networking technology that
> amounts to little more than an IRC client (who's operator collects and
> monitizes personally identifiable information about its users), there
> are the implicit limitations of this "vision".
>
> Nearly all of ICANN's contractual counter-parties to registry
> agreements are legally domiciled in the North American Region, and
> with the exception of name server constellations, are operationally
> contained in the North American Region.
>
> The same is true of the approximately six hundred of its (wildly
> shell-registrar inflated) nine hundred counter-parties to registrar
> agreements, four of which alone account for 50% of all gTLD registration.
>
> It is in the public interest that public policy is informed by data
> and both the failures, and the successes, of policy choices, can be
> discerned and outcomes understood in terms of causes and effects.
>
> Legal barriers particular to the North American Region's legal culture
> prevent research access to operational network infrastructures for
> reasons of economics, ownership, and trust (EOT).
>
> These must be reduced if policy making is to be informed by knowledge
> rather than by belief.
>
> For reasons of operational necessity a constellation of name servers
> was activated by CNNIC in November, 2001. Since early 2008 this
> constellation of name servers has provided service to more users in
> Asia than the original constellation of name servers provides users in
> North America.
>
> The Vision Statement should be amended to correct the impression that
> some more fundamental management problem exists than managing the
> sources of policy errors which have necessitated the existence of the
> CNNIC root server constellation, and the continued necessity for
> divergence between these two root systems.
>
> It is not in the public interest for North American internet users to
> be unaware that errors of judgment have, and may further partition
> "the internet".
>
> These two changes to the Vision Statement may be expressed as:
>
> "Informed by data, divided only by necessity."
>
> (ii) The second strategic objective contains a gratifying reference to
> ALAC, though the language reads "representing" rather than "elected
> by" when referring to a seat on the ICANN Board.
>
> (iii) The third strategic objective seems under developed relative to
> the other three, and adding a technical and policy journal, similar to
> the work Ole Jacobson has been doing, initially for Dan Lynch's
> InterOp, and subsequently for cisco, in his Internet Protocol Journal,
> would be more useful than more web ephemera.
>
> (iv) The fourth strategic objective references fact-based policy
> development and decision making.
>
> Data as a necessary predicate condition to "ensure the stable and
> secure operation of the Internet's unique identifier systems", is
> absent. This is very unfortunate as in practical terms, for each year
> of the past decade, persons with nothing more than beliefs, which may
> as well be religious beliefs, have dominated ICANN's policy making.
>
> The available data is not good. We are running out of addresses, and
> therefore must make a partially planned transition without widespread
> testbed experience of the new infrastructure. The routing system too
> is at the limits of its scalability. There are pervasive peer-to-peer
> overlay networks which are incongruent with economic models, and
> therefore the source of fundamental legal struggles over ownership and
> control. The security and stability of the naming, addressing and
> routing infrastructure is problematic, independent of anything ICANN
> is on record contemplating as its plan of record.
>
> Absent operational data concerning unique endpoint identifiers, unique
> routing identifiers, and protocols, stable and secure operations are
> indistinguishable from instable and insecure operations.
>
> The DNS remains a private resource, where access to profoundly
> important operational data necessary for basic research on the range
> of meaningful policy alternatives is at the whim of commercial
> entities acting under private law.
>
> Afterward:
>
> Having spent 2004-2009 primarily "off-the-grid", that is, responsible
> for power, connectivity and bandwidth while residing in rural venues
> in North America, improving access to the net, for the residents of
> California rural farmworker housing cooperatives, Prairie Provinces
> and High Plains States native reservations and reserves, and isolated
> populations such as Appalachicola as exemplars of an broad area of
> unmet need seems like a reasonable "increase residences served"
> strategic goal.
>
> Having been in and out of the network and registry operator
> communities since the NIC was at SRI the mid-80s, getting behind and
> assisting the adoption of RPKI in the ARIN region also seems like a
> reasonable "improve resiliency" strategic goal.
>
> Having recently reviewed the Final Report of the ACM K-12 Task Force
> Curriculum Committee, commissioning a model "What is the Internet"
> unit of curriculum for primary, non-STEM secondary, and tertiary
> classroom adoption also seems like a reasonable "informational"
> strategic goal.
>
> Moving outside the self-similar comfort zone of corporate and suburban
> residential service and marketing profiles
>
> Thank you for taking the time to read this lengthy comment on the 11
> page 2011 - 2014 Strategic Plan.
>
> Eric Brunner-Williams
> Unaffiliated NARALO Member Representative
>
>
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
>
> Visit the NARALO online at http://www.naralo.org
> ------




-- 
- Evan



More information about the NA-Discuss mailing list