Last Friday, The Internet Corporation for Assigned Names and Numbers (ICANN) put a process in motion that would transition the role of the United States Government in the Internet’s unique identifier system. The plan marks an important moment, meaning the US Government would relinquish their remaining control of the Internet, and transfer important technical functions of the Internet to the global Internet community.
Presently, the government’s current responsibilities include the role of administering changes to the Domain Name System’s (DNS) root zone file, which is the database of top-level domains (.edu, .gov, .mil). Additionally, the US Government also oversees the historic data regarding unique identifier registries for Domain names, IP addresses and protocol parameters. A recent ICANN article stated, “the US recognized ICANN’s maturation in becoming an effective multi-stakeholder organization and requested that ICANN convene the global community to develop the transition process toward a global community consensus-driven mechanism.”Apart from the US transition, ICANN’s role as administrator of the Internet’s unique identifier system remains unchanged. These are just the first steps in a long process and will likely take until the contract between the Commerce Department and ICANN is up next year.Pressure to relinquish US control has been building for nearly a decade and was strongly driven by last year’s backlash about the National Security Agency’s role in surveillance, mainly uncovered by Snowden. However, the US stated that the decision had nothing to do with the firestorm caused by NSA spying revelations and the controversy that followed. Whether you believe that or not, the move has sparked discussions of cryptocurrency, more specifically the algorithms behind Bitcoin and Namecoin.In a draft ICANN Report released late last month, the organization spoke of Byzantine algorithms like Bitcoin and Namecoin, and the future of an Internet not controlled by the US Government. This could mean that the organization is exploring the possibility of a global multi-stakeholder accountability process.An excerpt from the ICANN report:
4.3. Shared Zone Control
In the previous section, we discussed the political feelings that make countries want to own a root server organization. These concerns may or may not be well founded, but there is no question that the current root operation is based in the US and subject to US jurisdiction.
In simple outline, the root is updated in a sequence:ICANN receives update requests from TLDs, and vets them for errors
ICANN submits the changes to the Department of Commerce
ICANN sends approved changes to Verisign
Verisign generates a signed root and distributes it
Is there a technical way to think about sharing control over the root? Some theories have been advanced. One school of thought is that data should have N multiple signatures. And then M/N, signatures are required to authenticate the data. Of course there are arguments about M and N, and whether different crypto is needed/desirable.It’s not our intention to argue for a specific system here, but we do feel that a good design could allow the political process of deciding how control should be shared to start. Our vision is the creation of a toolbox for shared zone control, not only for the root, but also for other zone coordination problems.
We note that the DNS Operations (DNSOPS) working group in the IETF has two proposals for coordinating DNSSEC signing information, but wonder if it might be better to create a general facility rather than a solution to this point problem. Coordination of forward and reverse addresses might be another application.
The participants could then each do a standard algorithm to generate consistent state. This might seem like a fantasy, but Byzantine algorithms like Bitcoin [Andreesen 2014] and Namecoin show that such systems are possible today.(Note that we aren’t proposing the rules, just a distributed system for implementing whatever rules the community wants.)
However, some have raised concerns of ICANN’s stewardship based on their expansion that added new domains to the Internet’s infrastructure. Those opposed to the changeover have made statements regarding the abundance of domain names, which may increase dishonesty and allow phony website creation that appear to be trusted brands.It is obvious that the changeover, when it happens, will need to be done carefully. If a global multi-stakeholder accountability process is adopted that includes technology currently used by cryptocurrencies like Bitcoin and Namecoin, the security and trust of the internet should grow, but we will have to wait and see. There will always be risks. Users need to begin taking extra precautions toward Internet security and the sharing of personal information, instead of trusting that their information is safe.How do you think ICANN will change the Internet?
Draft ICANN Report: https://www.icann.org/en/about/planning/strategic-engagement/identifier-technology/report-21feb14-en.pdfICANN Announcement: http://www.icann.org/en/news/announcements/announcement-14mar14-en.htm