NTIA's Role in Root Zone Management
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
Thanks for the share... NTIA's role in this may not necessarily be replaced. One could then envision an arrangement between the operator and verisign (assuming verisign is still willing). It's good to note that some of the processes are already automated. Cheers! sent from Google nexus 4 kindly excuse brevity and typos. On 16 Dec 2014 23:31, "Allan MacGillivray" <allan.macgillivray@cira.ca> wrote:
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity. I cannot fathom how anyone who believes in distributed Internet governance can even contemplate such an idea. But I am a relative newcomer. Can someone who supports such a notion explain it? best Jordan On 17 December 2014 at 19:05, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Thanks for the share... NTIA's role in this may not necessarily be replaced. One could then envision an arrangement between the operator and verisign (assuming verisign is still willing). It's good to note that some of the processes are already automated.
Cheers!
sent from Google nexus 4 kindly excuse brevity and typos. On 16 Dec 2014 23:31, "Allan MacGillivray" <allan.macgillivray@cira.ca> wrote:
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Jordan Carter Chief Executive *InternetNZ* 04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter *To promote the Internet's benefits and uses, and protect its potential.*
On Wed, Dec 17, 2014 at 4:55 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity.
The implementation of the names related IANA functions is largely the operation of the Root Zone, so i am not sure i understand why/how you have counted this as double rights?
I cannot fathom how anyone who believes in distributed Internet governance can even contemplate such an idea.
Is your statement above clarified based on my comment above?
But I am a relative newcomer. Can someone who supports such a notion explain it?
I am too and still learning...so will be good to know what i may have missed Thanks
best Jordan
On 17 December 2014 at 19:05, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Thanks for the share... NTIA's role in this may not necessarily be replaced. One could then envision an arrangement between the operator and verisign (assuming verisign is still willing). It's good to note that some of the processes are already automated.
Cheers!
sent from Google nexus 4 kindly excuse brevity and typos. On 16 Dec 2014 23:31, "Allan MacGillivray" <allan.macgillivray@cira.ca> wrote:
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Jordan Carter
Chief Executive *InternetNZ*
04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter
*To promote the Internet's benefits and uses, and protect its potential.*
-- ------------------------------------------------------------------------ *Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>* The key to understanding is humility - my view !
Hi all, Seun: On 18 December 2014 at 05:07, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
On Wed, Dec 17, 2014 at 4:55 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity.
The implementation of the names related IANA functions is largely the operation of the Root Zone, so i am not sure i understand why/how you have counted this as double rights?
Because today, there are two agreements and three parties: NTIA which essentially "owns" the DNS, and offers two contracts/agreements: - to ICANN to be the IANA functions administrator - to Verisign to be the Root Zone Maintainer If I read your suggestion right, you seem to think folding all that into one organisation would be OK. I can't imagine how that would be OK. It would be a giant concentration of power in one place and would create an all-powerful central institution for names management (absent massive cultural and structural changes at ICANN). Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
I cannot fathom how anyone who believes in distributed Internet governance can even contemplate such an idea.
Is your statement above clarified based on my comment above?
I think so. Jordan
But I am a relative newcomer. Can someone who supports such a notion
explain it?
I am too and still learning...so will be good to know what i may have missed
Thanks
best Jordan
On 17 December 2014 at 19:05, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Thanks for the share... NTIA's role in this may not necessarily be replaced. One could then envision an arrangement between the operator and verisign (assuming verisign is still willing). It's good to note that some of the processes are already automated.
Cheers!
sent from Google nexus 4 kindly excuse brevity and typos. On 16 Dec 2014 23:31, "Allan MacGillivray" <allan.macgillivray@cira.ca> wrote:
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Jordan Carter
Chief Executive *InternetNZ*
04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter
*To promote the Internet's benefits and uses, and protect its potential.*
-- ------------------------------------------------------------------------
*Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>*
The key to understanding is humility - my view !
-- Jordan Carter Chief Executive *InternetNZ* 04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter *To promote the Internet's benefits and uses, and protect its potential.*
Jordan, I neither support nor oppose the idea, however
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity.
The implementation of the names related IANA functions is largely the operation of the Root Zone, so i am not sure i understand why/how you have counted this as double rights?
Because today, there are two agreements and three parties:
NTIA which essentially "owns" the DNS, and offers two contracts/agreements: - to ICANN to be the IANA functions administrator
Nit: IANA Functions Operator.
- to Verisign to be the Root Zone Maintainer
Yes.
If I read your suggestion right, you seem to think folding all that into one organisation would be OK.
What change do you believe would be implied by the merging of these two functions? Specifically, given the Root Zone Maintainer is the sole entity that is able to _unilaterally_ change (or refuse to change) the root zone and have those changes published (subject of course to legal repercussions) how would merging the "user interface" (that is, the IANA Function Operator) into the Root Zone Maintainer pragmatically change the accountability model? Thanks, -drc (ICANN CTO, but speaking only for myself)
David I am not sure I understand this question: Specifically, given the Root Zone Maintainer is the sole entity that is able to _unilaterally_ change (or refuse to change) the root zone and have those changes published (subject of course to legal repercussions) how would merging the "user interface" (that is, the IANA Function Operator) into the Root Zone Maintainer pragmatically change the accountability model? You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA. Perhaps that is what you mean by "legal repercussions." In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition. Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it's clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don't quite grasp what you are asking about. Milton L Mueller Laura J. and L. Douglas Meredith Professor Syracuse University School of Information Studies http://faculty.ischool.syr.edu/mueller/ Internet Governance Project http://internetgovernance.org<http://internetgovernance.org/>
[Sorry for the slow response a bit busy] Milton,
You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA.
Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They 1. Maintain the root zone database ("the root zone file"); 2. Hold the Zone Signing Key 3. Run the hidden master from which the root server operators pull the root zone This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted.
Perhaps that is what you mean by ³legal repercussions.²
Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced.
In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition.
An interesting assumption.
Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it¹s clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don¹t quite grasp what you are asking about.
I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference. Regards, -drc
Please excuse the much delayed response to this string of messages. Like David, I have been super busy and I wanted to have a little more time to respond, especially since Verisign was mentioned. Thanks for raising this issue David. It presents an opportunity for the community to study what kinds of accountability mechanisms work - such as those that public companies in the US must comply with. I think you'll see from what follows that Verisign (and any public company) is highly motivated to put in place and enforce mechanisms to protect against anyone going "stark raving mad" and doing harm. As a US public company, Verisign has shareholders who ultimately control the company and can hold the company accountable. Those shareholders elect a Board of Directors, who, under US law owe fiduciary duties to the shareholders to manage the company effectively. Any breach of those duties could result in lawsuits against the Board of Directors by the shareholders or removal and replacement of the Board by those same shareholders. For example, if the Board has not provided oversight of important network functions then the Board might be liable in court or might be replaced by the shareholders. In addition, the Board appoints the executive officers of the company, who also have fiduciary duties and under various regulatory regimes such Sarbanes Oxley and Dodd Frank, have additional obligations and in some cases personal liability should they fail to uphold their duties. So, if executive officers were negligent in hiring an employee, or failed to establish proper network access controls, those officers could be sued in court, or replaced by the Board, or both. Furthermore, external and internal auditors review and investigate on a regular basis compliance with key controls designed to ensure effective management of the company. Verisign is also subject to disclosure requirements under the Securities and Exchange Act and other regulations that require transparency of the company's financial condition, compensation, risks, legal proceedings, and more. If for example Verisign failed to disclose a particular risk to its network that should have been disclosed under the securities laws, then the shareholders or the SEC could bring legal actions against the company, its Board, or individual employees for damages and to obtain management reforms. Of course, ICANN has little or no such mechanisms in place, only the AoC (which can be ended by ICANN) and the IANA non-renewal threat, which is why we're all here. While no one expects ICANN to become a public US company, the accountability imposed on public companies like Verisign should inform the community as to what 'good' can look like. For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM. I want to again thank David for bringing this important issue to our attention. What can the CWG learn from this? ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were. What stops an ICANN employee from going 'stark raving mad' or a post-transition ICANN from going 'stark-raving-greedy'? It's obvious that the accountability that drives Verisign and other US public companies would be welcome here. How can the CWG learn from this and apply similarly effective accountability to ICANN? Chuck From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Friday, December 19, 2014 12:53 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management [Sorry for the slow response - a bit busy] Milton, You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA. Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They 1. Maintain the root zone database ("the root zone file"); 2. Hold the Zone Signing Key 3. Run the hidden master from which the root server operators pull the root zone This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations - if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted. Perhaps that is what you mean by "legal repercussions." Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced. In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition. An interesting assumption. Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it's clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don't quite grasp what you are asking about. I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference. Regards, -drc
Publicly owned business? What do businesses do? Businesses make profits through business and profitable activities in the market? Verisign is a business, it has a board, indeed, that also looks primarily at how the company is performing and if its making money for its shareholders and further on its stakeholders or further on its customers that are buying its products or services? I wonder how the analogy about a publicly owned company that sells and generates profits for its shareholders, board members and customers can be applied to ICANN? This worries me, thats what contractor co. might think of the overall IANA system in the first place. Organisational behaviour of private/public companies is very different from private/public organisations? This discussion has actually made me very uncomfortable. This is a very micro-view approach. On Mon, Jan 19, 2015 at 5:04 AM, Gomes, Chuck <cgomes@verisign.com> wrote:
Please excuse the much delayed response to this string of messages. Like David, I have been super busy and I wanted to have a little more time to respond, especially since Verisign was mentioned.
Thanks for raising this issue David. It presents an opportunity for the community to study what kinds of accountability mechanisms work - such as those that public companies in the US must comply with. I think you’ll see from what follows that Verisign (and any public company) is highly motivated to put in place and enforce mechanisms to protect against anyone going “stark raving mad” and doing harm.
As a US public company, Verisign has shareholders who ultimately control the company and can hold the company accountable. Those shareholders elect a Board of Directors, who, under US law owe fiduciary duties to the shareholders to manage the company effectively. Any breach of those duties could result in lawsuits against the Board of Directors by the shareholders or removal and replacement of the Board by those same shareholders. For example, if the Board has not provided oversight of important network functions then the Board might be liable in court or might be replaced by the shareholders. In addition, the Board appoints the executive officers of the company, who also have fiduciary duties and under various regulatory regimes such Sarbanes Oxley and Dodd Frank, have additional obligations and in some cases personal liability should they fail to uphold their duties. So, if executive officers were negligent in hiring an employee, or failed to establish proper network access controls, those officers could be sued in court, or replaced by the Board, or both. Furthermore, external and internal auditors review and investigate on a regular basis compliance with key controls designed to ensure effective management of the company. Verisign is also subject to disclosure requirements under the Securities and Exchange Act and other regulations that require transparency of the company’s financial condition, compensation, risks, legal proceedings, and more. If for example Verisign failed to disclose a particular risk to its network that should have been disclosed under the securities laws, then the shareholders or the SEC could bring legal actions against the company, its Board, or individual employees for damages and to obtain management reforms.
Of course, ICANN has little or no such mechanisms in place, only the AoC (which can be ended by ICANN) and the IANA non-renewal threat, which is why we’re all here. While no one expects ICANN to become a public US company, the accountability imposed on public companies like Verisign should inform the community as to what ‘good’ can look like. For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM.
I want to again thank David for bringing this important issue to our attention. What can the CWG learn from this? ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were. What stops an ICANN employee from going 'stark raving mad’ or a post-transition ICANN from going ‘stark-raving-greedy’? It's obvious that the accountability that drives Verisign and other US public companies would be welcome here. How can the CWG learn from this and apply similarly effective accountability to ICANN?
Chuck
From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Friday, December 19, 2014 12:53 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
[Sorry for the slow response — a bit busy]
Milton,
You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA.
Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They
1. Maintain the root zone database ("the root zone file");
2. Hold the Zone Signing Key
3. Run the hidden master from which the root server operators pull the root zone
This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations — if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted.
Perhaps that is what you mean by “legal repercussions.”
Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced.
In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition.
An interesting assumption.
Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it’s clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don’t quite grasp what you are asking about.
I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference.
Regards,
-drc
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Regards. -------------------------- Fouad Bajwa ICT4D and Internet Governance Advisor My Blog: Internet's Governance: http://internetsgovernance.blogspot.com/ Follow my Tweets: http://twitter.com/fouadbajwa
Fouad, I was not at all suggesting that the accountability mechanisms for public for-profit companies would apply directly to ICANN. I said, "ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were." The message from David Conrad asked what would happen if Verisign went "stark raving mad"; I tried to point out the accountability mechanisms that we face mitigate against that because we have to implement processes that strongly mitigate against things like that from happening. And my main question is in my last sentence: "How can the CWG learn from this and apply similarly effective accountability to ICANN?" Notice I said "similarly effective". Chuck -----Original Message----- From: Fouad Bajwa [mailto:fouadbajwa@gmail.com] Sent: Sunday, January 18, 2015 7:42 PM To: Gomes, Chuck Cc: David Conrad; Milton L Mueller; cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management Publicly owned business? What do businesses do? Businesses make profits through business and profitable activities in the market? Verisign is a business, it has a board, indeed, that also looks primarily at how the company is performing and if its making money for its shareholders and further on its stakeholders or further on its customers that are buying its products or services? I wonder how the analogy about a publicly owned company that sells and generates profits for its shareholders, board members and customers can be applied to ICANN? This worries me, thats what contractor co. might think of the overall IANA system in the first place. Organisational behaviour of private/public companies is very different from private/public organisations? This discussion has actually made me very uncomfortable. This is a very micro-view approach. On Mon, Jan 19, 2015 at 5:04 AM, Gomes, Chuck <cgomes@verisign.com> wrote:
Please excuse the much delayed response to this string of messages. Like David, I have been super busy and I wanted to have a little more time to respond, especially since Verisign was mentioned.
Thanks for raising this issue David. It presents an opportunity for the community to study what kinds of accountability mechanisms work - such as those that public companies in the US must comply with. I think you’ll see from what follows that Verisign (and any public company) is highly motivated to put in place and enforce mechanisms to protect against anyone going “stark raving mad” and doing harm.
As a US public company, Verisign has shareholders who ultimately control the company and can hold the company accountable. Those shareholders elect a Board of Directors, who, under US law owe fiduciary duties to the shareholders to manage the company effectively. Any breach of those duties could result in lawsuits against the Board of Directors by the shareholders or removal and replacement of the Board by those same shareholders. For example, if the Board has not provided oversight of important network functions then the Board might be liable in court or might be replaced by the shareholders. In addition, the Board appoints the executive officers of the company, who also have fiduciary duties and under various regulatory regimes such Sarbanes Oxley and Dodd Frank, have additional obligations and in some cases personal liability should they fail to uphold their duties. So, if executive officers were negligent in hiring an employee, or failed to establish proper network access controls, those officers could be sued in court, or replaced by the Board, or both. Furthermore, external and internal auditors review and investigate on a regular basis compliance with key controls designed to ensure effective management of the company. Verisign is also subject to disclosure requirements under the Securities and Exchange Act and other regulations that require transparency of the company’s financial condition, compensation, risks, legal proceedings, and more. If for example Verisign failed to disclose a particular risk to its network that should have been disclosed under the securities laws, then the shareholders or the SEC could bring legal actions against the company, its Board, or individual employees for damages and to obtain management reforms.
Of course, ICANN has little or no such mechanisms in place, only the AoC (which can be ended by ICANN) and the IANA non-renewal threat, which is why we’re all here. While no one expects ICANN to become a public US company, the accountability imposed on public companies like Verisign should inform the community as to what ‘good’ can look like. For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM.
I want to again thank David for bringing this important issue to our attention. What can the CWG learn from this? ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were. What stops an ICANN employee from going 'stark raving mad’ or a post-transition ICANN from going ‘stark-raving-greedy’? It's obvious that the accountability that drives Verisign and other US public companies would be welcome here. How can the CWG learn from this and apply similarly effective accountability to ICANN?
Chuck
From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Friday, December 19, 2014 12:53 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
[Sorry for the slow response — a bit busy]
Milton,
You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA.
Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They
1. Maintain the root zone database ("the root zone file");
2. Hold the Zone Signing Key
3. Run the hidden master from which the root server operators pull the root zone
This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations — if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted.
Perhaps that is what you mean by “legal repercussions.”
Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced.
In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition.
An interesting assumption.
Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it’s clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don’t quite grasp what you are asking about.
I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference.
Regards,
-drc
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Regards. -------------------------- Fouad Bajwa ICT4D and Internet Governance Advisor My Blog: Internet's Governance: http://internetsgovernance.blogspot.com/ Follow my Tweets: http://twitter.com/fouadbajwa
Fouad As a representative of the Noncommercial SG I think you were missing Chuck's point completely. Of course ICANN is _not_ a commercial, profit-making entity, nor does anyone want it to be. The point is that private companies have much stronger, better accountability arrangements than ICANN. Verisign is subject to checks and balances in the following ways: - it is subject to market competition (ICANN is not) - it has shareholders who elect its board (ICANN has no members, which is the equivalent of shareholders in nonprofits) - its modification of the root zone is subject to USG approval (ICANN still is, but some folks don't want it to be any more). So if we are to make ICANN accountable, we need to develop similar mechanisms, such as: - recurring, regular competitive bidding for the IANA contract (which sort of functions like competition, though more weakly) - empowering ICANN's participants with real membership/voting status You expressed concerns that Contract Co approach might make ICANN commercial. This is FUD. It won't. The contracting entity would have a very limited function - to award the IANA contract. ICANN's nature as the nonprofit California corporation wouldn't change, whether it got the IANA contract or not.
-----Original Message----- From: Fouad Bajwa [mailto:fouadbajwa@gmail.com] Sent: Sunday, January 18, 2015 7:42 PM To: Gomes, Chuck Cc: David Conrad; Milton L Mueller; cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
Publicly owned business? What do businesses do? Businesses make profits through business and profitable activities in the market? Verisign is a business, it has a board, indeed, that also looks primarily at how the company is performing and if its making money for its shareholders and further on its stakeholders or further on its customers that are buying its products or services?
I wonder how the analogy about a publicly owned company that sells and generates profits for its shareholders, board members and customers can be applied to ICANN?
This worries me, thats what contractor co. might think of the overall IANA system in the first place.
Organisational behaviour of private/public companies is very different from private/public organisations?
This discussion has actually made me very uncomfortable. This is a very micro-view approach.
On Mon, Jan 19, 2015 at 5:04 AM, Gomes, Chuck <cgomes@verisign.com> wrote:
Please excuse the much delayed response to this string of messages. Like David, I have been super busy and I wanted to have a little more time to respond, especially since Verisign was mentioned.
Thanks for raising this issue David. It presents an opportunity for the community to study what kinds of accountability mechanisms work - such as those that public companies in the US must comply with. I think you’ll see from what follows that Verisign (and any public company) is highly motivated to put in place and enforce mechanisms to protect against anyone going “stark raving mad” and doing harm.
As a US public company, Verisign has shareholders who ultimately control the company and can hold the company accountable. Those shareholders elect a Board of Directors, who, under US law owe fiduciary duties to the shareholders to manage the company effectively. Any breach of those duties could result in lawsuits against the Board of Directors by the shareholders or removal and replacement of the Board by those same shareholders. For example, if the Board has not provided oversight of important network functions then the Board might be liable in court or might be replaced by the shareholders. In addition, the Board appoints the executive officers of the company, who also have fiduciary duties and under various regulatory regimes such Sarbanes Oxley and Dodd Frank, have additional obligations and in some cases personal liability should they fail to uphold their duties. So, if executive officers were negligent in hiring an employee, or failed to establish proper network access controls, those officers could be sued in court, or replaced by the Board, or both. Furthermore, external and internal auditors review and investigate on a regular basis compliance with key controls designed to ensure effective management of the company. Verisign is also subject to disclosure requirements under the Securities and Exchange Act and other regulations that require transparency of the company’s financial condition, compensation, risks, legal proceedings, and more. If for example Verisign failed to disclose a particular risk to its network that should have been disclosed under the securities laws, then the shareholders or the SEC could bring legal actions against the company, its Board, or individual employees for damages and to obtain management reforms.
Of course, ICANN has little or no such mechanisms in place, only the AoC (which can be ended by ICANN) and the IANA non-renewal threat, which is why we’re all here. While no one expects ICANN to become a public US company, the accountability imposed on public companies like Verisign should inform the community as to what ‘good’ can look like. For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM.
I want to again thank David for bringing this important issue to our attention. What can the CWG learn from this? ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were. What stops an ICANN employee from going 'stark raving mad’ or a post-transition ICANN from going ‘stark-raving-greedy’? It's obvious that the accountability that drives Verisign and other US public companies would be welcome here. How can the CWG learn from this and apply similarly effective accountability to ICANN?
Chuck
From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Friday, December 19, 2014 12:53 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
[Sorry for the slow response — a bit busy]
Milton,
You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA.
Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They
1. Maintain the root zone database ("the root zone file");
2. Hold the Zone Signing Key
3. Run the hidden master from which the root server operators pull the root zone
This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations — if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted.
Perhaps that is what you mean by “legal repercussions.”
Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced.
In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition.
An interesting assumption.
Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it’s clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don’t quite grasp what you are asking about.
I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference.
Regards,
-drc
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Regards. -------------------------- Fouad Bajwa ICT4D and Internet Governance Advisor My Blog: Internet's Governance: http://internetsgovernance.blogspot.com/ Follow my Tweets: http://twitter.com/fouadbajwa
Dear Milton: I do not experience any FUD ('fear, uncertainty and doubt') in this context. It has become quite clear is that the current 'separability' lobby in CWG is a mirror image of the NSI lobby that we had to endure in the IFWP context in the 1990's. Today, the issue is not whether ICANN might become commercial. The issue is that after separation, how would the community prevent IANA from becoming commercial. Regards Christopher PS: Since 'separability' is à la mode in this corner of Internet governance, perhaps we could have a CWG proposal for separability of Registry and RZM functions. On 19 Jan 2015, at 05:38, Milton L Mueller <mueller@syr.edu> wrote:
Fouad As a representative of the Noncommercial SG I think you were missing Chuck's point completely. Of course ICANN is _not_ a commercial, profit-making entity, nor does anyone want it to be.
The point is that private companies have much stronger, better accountability arrangements than ICANN. Verisign is subject to checks and balances in the following ways: - it is subject to market competition (ICANN is not) - it has shareholders who elect its board (ICANN has no members, which is the equivalent of shareholders in nonprofits) - its modification of the root zone is subject to USG approval (ICANN still is, but some folks don't want it to be any more).
So if we are to make ICANN accountable, we need to develop similar mechanisms, such as: - recurring, regular competitive bidding for the IANA contract (which sort of functions like competition, though more weakly) - empowering ICANN's participants with real membership/voting status
You expressed concerns that Contract Co approach might make ICANN commercial. This is FUD. It won't. The contracting entity would have a very limited function - to award the IANA contract. ICANN's nature as the nonprofit California corporation wouldn't change, whether it got the IANA contract or not.
-----Original Message----- From: Fouad Bajwa [mailto:fouadbajwa@gmail.com] Sent: Sunday, January 18, 2015 7:42 PM To: Gomes, Chuck Cc: David Conrad; Milton L Mueller; cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
Publicly owned business? What do businesses do? Businesses make profits through business and profitable activities in the market? Verisign is a business, it has a board, indeed, that also looks primarily at how the company is performing and if its making money for its shareholders and further on its stakeholders or further on its customers that are buying its products or services?
I wonder how the analogy about a publicly owned company that sells and generates profits for its shareholders, board members and customers can be applied to ICANN?
This worries me, thats what contractor co. might think of the overall IANA system in the first place.
Organisational behaviour of private/public companies is very different from private/public organisations?
This discussion has actually made me very uncomfortable. This is a very micro-view approach.
On Mon, Jan 19, 2015 at 5:04 AM, Gomes, Chuck <cgomes@verisign.com> wrote:
Please excuse the much delayed response to this string of messages. Like David, I have been super busy and I wanted to have a little more time to respond, especially since Verisign was mentioned.
Thanks for raising this issue David. It presents an opportunity for the community to study what kinds of accountability mechanisms work - such as those that public companies in the US must comply with. I think you’ll see from what follows that Verisign (and any public company) is highly motivated to put in place and enforce mechanisms to protect against anyone going “stark raving mad” and doing harm.
As a US public company, Verisign has shareholders who ultimately control the company and can hold the company accountable. Those shareholders elect a Board of Directors, who, under US law owe fiduciary duties to the shareholders to manage the company effectively. Any breach of those duties could result in lawsuits against the Board of Directors by the shareholders or removal and replacement of the Board by those same shareholders. For example, if the Board has not provided oversight of important network functions then the Board might be liable in court or might be replaced by the shareholders. In addition, the Board appoints the executive officers of the company, who also have fiduciary duties and under various regulatory regimes such Sarbanes Oxley and Dodd Frank, have additional obligations and in some cases personal liability should they fail to uphold their duties. So, if executive officers were negligent in hiring an employee, or failed to establish proper network access controls, those officers could be sued in court, or replaced by the Board, or both. Furthermore, external and internal auditors review and investigate on a regular basis compliance with key controls designed to ensure effective management of the company. Verisign is also subject to disclosure requirements under the Securities and Exchange Act and other regulations that require transparency of the company’s financial condition, compensation, risks, legal proceedings, and more. If for example Verisign failed to disclose a particular risk to its network that should have been disclosed under the securities laws, then the shareholders or the SEC could bring legal actions against the company, its Board, or individual employees for damages and to obtain management reforms.
Of course, ICANN has little or no such mechanisms in place, only the AoC (which can be ended by ICANN) and the IANA non-renewal threat, which is why we’re all here. While no one expects ICANN to become a public US company, the accountability imposed on public companies like Verisign should inform the community as to what ‘good’ can look like. For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM.
I want to again thank David for bringing this important issue to our attention. What can the CWG learn from this? ICANN has stated clearly that it sees its obligations being to the corporation, which has no members or shareholders, so the accountability mechanisms for public companies, or those with shareholders or members, are not available to us, and so we cannot expect ICANN to behave as if they were. What stops an ICANN employee from going 'stark raving mad’ or a post-transition ICANN from going ‘stark-raving-greedy’? It's obvious that the accountability that drives Verisign and other US public companies would be welcome here. How can the CWG learn from this and apply similarly effective accountability to ICANN?
Chuck
From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Friday, December 19, 2014 12:53 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management
[Sorry for the slow response — a bit busy]
Milton,
You are asserting that the RZM (currently, Verisign) can unilaterally change the root zone? But of course this is not true because of its cooperative agreement with NTIA.
Actually, it is true. Technically, the only entity on the planet today who can change the root zone is Verisign. They
1. Maintain the root zone database ("the root zone file");
2. Hold the Zone Signing Key
3. Run the hidden master from which the root server operators pull the root zone
This gives the Root Zone Maintainer the unilateral ability to both modify the root zone and have that zone published. Currently, there are NO technical limitations on what they can do with the root zone, only administrative limitations — if Verisign went stark raving mad and (say) decided to remove all competing TLDs from the root zone, they could do so (for those resolvers that query the root servers while the edited zone remained up). Of course, it is likely that in very short order, they would (a) no longer be the Root Zone Maintainer and (b) no longer be a viable going concern due to the myriad of lawsuits that would instantly appear. However, pragmatically speaking, the fact that the Root Zone Maintainer would turn into a smoldering crater is a bit like closing the barn door after the horse has bolted.
Perhaps that is what you mean by “legal repercussions.”
Yes. While it is true that the Root Zone Maintainer is under contractual terms to get explicit authorization from the Root Zone Administrator prior to making changes, there is no technical mechanism by which that is enforced.
In terms of how the accountability model changes, I think many of us are viewing the Verisign Cooperative Agreement as a legacy arrangement that should disappear after the transition.
An interesting assumption.
Which means that the IANA functions operator would either be the contracter for the RZM function, or the Contract Co would contract for it directly. Between those two options it’s clear that there are significant differences in the accountability model, and either of those is significantly different from the status quo, which relies on the NTIA. So again I don’t quite grasp what you are asking about.
I was asking about Jordan's response to the scenario in which the IANA Function Operator and the Root Zone Maintainer are merged (which again, I neither support nor oppose), thus creating a single entity that receives, validates, and implements change requests. I gather he feels the accountability mechanism would be vastly different than if the IFO and RZM are separate. Since there is a single entity in both scenarios that, pragmatically speaking, holds all the cards and that entity is restrained only by contractual terms which would presumably be essentially the same in both cases, I'm not seeing a whole lot of difference.
Regards,
-drc
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Regards. -------------------------- Fouad Bajwa ICT4D and Internet Governance Advisor My Blog: Internet's Governance: http://internetsgovernance.blogspot.com/ Follow my Tweets: http://twitter.com/fouadbajwa
CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
Milton, Outside of my area of expertise, but I'm a bit surprised:
The point is that private companies have much stronger, better accountability arrangements than ICANN.
So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC., Saytam, Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's? Regards, -drc
-----Original Message----- From: David Conrad [mailto:david.conrad@icann.org] So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC., Saytam, Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's?
This is teetering on the brink of being a stupid conversation. But let me point out that all of the companies you mention have either been prosecuted, gone out of business or their CEOs are in jail. So, yeah, I think there is some accountability there. My point was not that "private, for-profit" is "better" than "nonprofit." My point was that we do not have the foggiest idea who ICANN's board is accountable to other than NTIA. It has not members. It has no shareholders. It has no competition.
Milton, I am amazed about reading this. Are you telling us that the ICANN CEO and Board are above the law and cannot be prosecuted if they run amok? That is an excellent example of FUD. Let's please get back down to earth. Kind regards, Olivier On 20/01/2015 17:01, Milton L Mueller wrote:
-----Original Message----- From: David Conrad [mailto:david.conrad@icann.org] So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC., Saytam, Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's? This is teetering on the brink of being a stupid conversation. But let me point out that all of the companies you mention have either been prosecuted, gone out of business or their CEOs are in jail. So, yeah, I think there is some accountability there.
My point was not that "private, for-profit" is "better" than "nonprofit." My point was that we do not have the foggiest idea who ICANN's board is accountable to other than NTIA. It has not members. It has no shareholders. It has no competition.
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
I am not sure that is the primary concern. Granted, the Internet has slowed down, almost to the point where it moves at the speed of the legal system, but there is the very real concern that choices made by ICANN are implemented/deployed on one time scale and the legal system moves on a very different time scale. The interstitial gap between the two is where opportunistic money will be made. /bill PO Box 12317 Marina del Rey, CA 90295 310.322.8102 On 20January2015Tuesday, at 10:56, Olivier MJ Crepin-Leblond <ocl@gih.com> wrote:
Milton,
I am amazed about reading this. Are you telling us that the ICANN CEO and Board are above the law and cannot be prosecuted if they run amok? That is an excellent example of FUD. Let's please get back down to earth. Kind regards,
Olivier
On 20/01/2015 17:01, Milton L Mueller wrote:
-----Original Message----- From: David Conrad [mailto:david.conrad@icann.org] So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC., Saytam, Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's? This is teetering on the brink of being a stupid conversation. But let me point out that all of the companies you mention have either been prosecuted, gone out of business or their CEOs are in jail. So, yeah, I think there is some accountability there.
My point was not that "private, for-profit" is "better" than "nonprofit." My point was that we do not have the foggiest idea who ICANN's board is accountable to other than NTIA. It has not members. It has no shareholders. It has no competition.
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
Let's not confuse criminal accountability to the state (i.e., being prosecuted by the state for breaking the law), with other forms of accountability. Of course the ICANN CEO and Board [like any CEO and any Board] can be prosecuted if they break the law or appear to do so. That's not what's at issue here. I agree with Olivier, in that this is an excellent example of FUD; but who brought it up in the first place? The issue is not (and never has been) criminal accountability. ICANN and its Directors are subject to the laws of the US and multiple other jurisdictions in various ways. It is "civil accountability" -- accountability to internal and external non-governmental entities and classes of persons and organizations. As Milton points out, private companies (whether or not they are "public" (i.e., publicly-traded) are accountable under the law to their shareholders. Membership non-profits are accountable under the law to their members. ICANN has no class of persons or organizations it is accountable to in that sense. The question boils down to "Who is ICANN answerable to?" There are other forms of internal and external accountability, of course, by which companies (non-profit and otherwise) are held accountable to those "outside" the company: accountability to customers/clients/vendors -- but with limited forms of redress. Competition and market factors that provide a certain form of accountability. Regulators that provide accountability (often for limited purposes) with civil or criminal penalties as a form of remedy. ICANN is (for better or worse) virtually unique. Most companies do not have an organized "community" of "stakeholders" around them, like ICANN. Most companies are not acting as policy and governance "ecosystems," like ICANN. In many ways, this uniqueness is a good thing, but it gives us unique challenges. While we can borrow heavily from the "playbooks" of existing non-profits and private companies (whether publicly-traded or not), their solutions will need to be customized (more or less) to suit our situation. Let's try to find the constructive aspects of each contribution, avoid conscious or unconscious misinterpretations, and see what options are available to us. There are going to be real issues with every option; trying to resolve those is a big enough task. Let's not add to it with an excess of unfruitful byplay. Greg Shatan On Tue, Jan 20, 2015 at 1:56 PM, Olivier MJ Crepin-Leblond <ocl@gih.com> wrote:
Milton,
I am amazed about reading this. Are you telling us that the ICANN CEO and Board are above the law and cannot be prosecuted if they run amok? That is an excellent example of FUD. Let's please get back down to earth. Kind regards,
Olivier
On 20/01/2015 17:01, Milton L Mueller wrote:
-----Original Message----- From: David Conrad [mailto:david.conrad@icann.org] So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC.,
Saytam,
Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's? This is teetering on the brink of being a stupid conversation. But let me point out that all of the companies you mention have either been prosecuted, gone out of business or their CEOs are in jail. So, yeah, I think there is some accountability there.
My point was not that "private, for-profit" is "better" than "nonprofit." My point was that we do not have the foggiest idea who ICANN's board is accountable to other than NTIA. It has not members. It has no shareholders. It has no competition.
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
Dear Greg, thanks for your kind message. A follow-up below: On 20/01/2015 20:30, Greg Shatan wrote:
ICANN is (for better or worse) virtually unique. Most companies do not have an organized "community" of "stakeholders" around them, like ICANN. Most companies are not acting as policy and governance "ecosystems," like ICANN. In many ways, this uniqueness is a good thing, but it gives us unique challenges. While we can borrow heavily from the "playbooks" of existing non-profits and private companies (whether publicly-traded or not), their solutions will need to be customized (more or less) to suit our situation.
You are absolutely right, ICANN is virtually unique. I therefore am very concerned that some suggestions are that it loses this uniqueness and ends up working on a for profit corporate model of shareholders. It's not that I am against share ownership - I am a shareholder of many US corporations - but the idea of accountability based on US corporation accountability is seriously dented outside the United States. Again it's a perception thing and I know it's not perceived in the US but most of the rest of the world doesn't see it that way. I have concerns that we are, once again, going to be accused of replacing US government accountability with US corporate interest accountability and that will do nothing for the legitimacy of our proposed solution. Kind regards, Olivier
Olivier: Two points. 1. I don't think anyone (myself included) is suggesting a shareholder model per se. Indeed, a US non-profit generally cannot have shareholders. The "membership" model comes squarely out of the non-profit world. The commonality between the two is that the Board in each instance can be made accountable to that body in a way that no other body can possess. The references to shareholders are merely an analogy, and reading any leaning toward a for profit model is entirely a mis-reading. 2. As to whether US corporate accountability is "seriously dented" outside the US, I don't know (though it seems rather overheated to me). However, I think you are again reading too much into things. The examples given would work just about as well with French corporations or Japanese corporations or Australian corporations. It would be ludicrous and extremely unhelpful to say that we have nothing to learn from US corporate governance or the governance of "for profit" corporations generally, or that we must ignore all the work in that area. We can't be so allergic on principle to these things, and I doubt that most of us are. (I would also note that that in David Conrad's "parade of horribles," there were companies from Japan, India, Italy and the Dominican Republic in addition to the US, so making this a US issue is both unfair and inaccurate.) Greg On Tue, Jan 20, 2015 at 3:44 PM, Olivier MJ Crepin-Leblond <ocl@gih.com> wrote:
Dear Greg,
thanks for your kind message. A follow-up below:
On 20/01/2015 20:30, Greg Shatan wrote:
ICANN is (for better or worse) virtually unique. Most companies do not have an organized "community" of "stakeholders" around them, like ICANN. Most companies are not acting as policy and governance "ecosystems," like ICANN. In many ways, this uniqueness is a good thing, but it gives us unique challenges. While we can borrow heavily from the "playbooks" of existing non-profits and private companies (whether publicly-traded or not), their solutions will need to be customized (more or less) to suit our situation.
You are absolutely right, ICANN is virtually unique. I therefore am very concerned that some suggestions are that it loses this uniqueness and ends up working on a for profit corporate model of shareholders. It's not that I am against share ownership - I am a shareholder of many US corporations - but the idea of accountability based on US corporation accountability is seriously dented outside the United States. Again it's a perception thing and I know it's not perceived in the US but most of the rest of the world doesn't see it that way. I have concerns that we are, once again, going to be accused of replacing US government accountability with US corporate interest accountability and that will do nothing for the legitimacy of our proposed solution.
Kind regards,
Olivier
Dear Greg, points taken and I am glad that in point 1 you clearly spell out that we are not edging towards a for-profit model. As for your second point, I'll be the first one to admit that whilst there have been bad examples of corporate corruption in the US, this has also been the same in other countries. I'll even go as far as admitting that in the US, culprits have ended up in jail whilst in, say France, they've just moved to another state company after being fined & had a slap on their fingers. Corruption in other countries is not unheard of either, of course. So let's concentrate more on using accountability principles for the special non-profit animal that ICANN is rather than using classic shareholder accountability principles that you and I know can be circumvented as has been shown time and time again. Why didn't we look for good principles and best practices in other global non-profit orgs? Why don't we think about enhancing accountability using ICANN's seed accountability processes? We are? Then I do not know why we are so intent on saying otherwise. Is the grass really greener on the other side of the fence? Kindest regards, Olivier On 20/01/2015 22:24, Greg Shatan wrote:
Olivier:
Two points.
1. I don't think anyone (myself included) is suggesting a shareholder model per se. Indeed, a US non-profit generally cannot have shareholders. The "membership" model comes squarely out of the non-profit world. The commonality between the two is that the Board in each instance can be made accountable to that body in a way that no other body can possess. The references to shareholders are merely an analogy, and reading any leaning toward a for profit model is entirely a mis-reading.
2. As to whether US corporate accountability is "seriously dented" outside the US, I don't know (though it seems rather overheated to me). However, I think you are again reading too much into things. The examples given would work just about as well with French corporations or Japanese corporations or Australian corporations. It would be ludicrous and extremely unhelpful to say that we have nothing to learn from US corporate governance or the governance of "for profit" corporations generally, or that we must ignore all the work in that area. We can't be so allergic on principle to these things, and I doubt that most of us are.
(I would also note that that in David Conrad's "parade of horribles," there were companies from Japan, India, Italy and the Dominican Republic in addition to the US, so making this a US issue is both unfair and inaccurate.)
Greg
On Tue, Jan 20, 2015 at 3:44 PM, Olivier MJ Crepin-Leblond <ocl@gih.com <mailto:ocl@gih.com>> wrote:
Dear Greg,
thanks for your kind message. A follow-up below:
On 20/01/2015 20:30, Greg Shatan wrote: > ICANN is (for better or worse) virtually unique. Most companies do > not have an organized "community" of "stakeholders" around them, like > ICANN. Most companies are not acting as policy and governance > "ecosystems," like ICANN. In many ways, this uniqueness is a good > thing, but it gives us unique challenges. While we can borrow heavily > from the "playbooks" of existing non-profits and private companies > (whether publicly-traded or not), their solutions will need to be > customized (more or less) to suit our situation.
You are absolutely right, ICANN is virtually unique. I therefore am very concerned that some suggestions are that it loses this uniqueness and ends up working on a for profit corporate model of shareholders. It's not that I am against share ownership - I am a shareholder of many US corporations - but the idea of accountability based on US corporation accountability is seriously dented outside the United States. Again it's a perception thing and I know it's not perceived in the US but most of the rest of the world doesn't see it that way. I have concerns that we are, once again, going to be accused of replacing US government accountability with US corporate interest accountability and that will do nothing for the legitimacy of our proposed solution.
Kind regards,
Olivier
David, Yes, for the companies you mentioned there was substantial and in some cases total destruction of these companies' brands and shareholder value as a result of accountability mechanisms not being followed. However, as a direct result of the recognition that there was insufficient oversight, control, and governance; additional accountability reforms such as Sarbanes Oxley and Dodd Frank were put in place to help prevent these mistakes from reoccurring. As Milton points out, while these happened, there were consequences because there were accountability mechanisms, laws, etc., in place because shareholders sued and most of the folks responsible are in jail. WorldCom's directors - ten of them - were ordered by a court to pay $18 million of *their own money* -no insurance- to settle a class-action shareholder suit. And Bernard Ebbers, WorldCom's CEO, is still serving his 25 year prison term. Is there stronger accountability than that? I am sure you know that such problems are not unique to for-profit companies. If not, I suggest that you add FIFA to your list: http://www.nytimes.com/2014/06/08/opinion/sunday/throw-fifa-out-of-the-game.... . But I also do not see the value in arguing back and forth with regard to specific organizational failures except to illustrate why the community wants to ensure that ICANN accountability minimizes the risks of those kinds of failures. You apparently think that ICANN's accountability measures are sufficient; many in the community disagree and are working to find ways to improve accountability. This includes ICANN's own board of directors and the NTIA. As to why I think improved accountability is needed I refer you to an article published a few years ago by Thomas Lenard and Lawrence White titled 'Improving ICANN's Governance and Accountability: A Policy Proposal' (http://techpolicyinstitute.org/files/improving%20icanns%20governance%20and%2... ). In particular, I call your attention to Table 2 in the article that compares ICANN accountability to accountability in corporations, governments and non-profits. Chuck -----Original Message----- From: cwg-stewardship-bounces@icann.org [mailto:cwg-stewardship-bounces@icann.org] On Behalf Of David Conrad Sent: Monday, January 19, 2015 10:59 PM To: Milton L Mueller Cc: cwg-stewardship@icann.org Subject: Re: [CWG-Stewardship] NTIA's Role in Root Zone Management Milton, Outside of my area of expertise, but I'm a bit surprised:
The point is that private companies have much stronger, better accountability arrangements than ICANN.
So you honestly believe the accountability arrangements for Enron, Waste Management, Stanford Financial, Country Wide, Worldcom, Tyco, HealthSouth, FreddieMac, AIG, Lehman Brothers, Bernie Madoff LLC., Saytam, Parmalat, Baninter, Olympus, Recruit, Adelphia, etc., etc., ad nauseum, are better than ICANN's? Regards, -drc
Chuck,
But I also do not see the value in arguing back and forth with regard to specific organizational failures except to illustrate why the community wants to ensure that ICANN accountability minimizes the risks of those kinds of failures.
To be honest, given ICANN's uniqueness as mentioned by Greg, I don't see a lot of value or relevance in asserting accountability associated with Verisign's for-profit company status -- it all seems like a big red herring to me.
You apparently think that ICANN's accountability measures are sufficient;
Actually, I have made no such assertion. As stated, I'm just a technical person and all this accountability stuff is beyond me. What I do object to, however, are the statements by yourself, Milton, and others that imply that ICANN is operating in an accountability vacuum. I have no doubt ICANN's accountability can be improved, but ICANN does have a number of accountability measures and besides, isn't that the task of a different group? Regards, -drc
David, unfortunately, I think you are misusing my claim of "uniqueness." I go on to say that we should "borrow heavily from the "playbooks" of existing non-profits and private companies (whether publicly-traded or not), [but]their solutions will need to be customized (more or less) to suit our situation." And as I've stated to Olivier, I think we have a great deal to learn from corporate governance methods for "for profit" companies as well as non-profits. I think Chuck is using Verisign because he is familiar with it -- not because it is a unique paragon of corporate accountability. We can substitute another company from another country with basically the same result. These type of non-substantive arguments really take us away from the actual pros and cons of ideas and proposals.-- that is the real "red herring" problem to me, and we seem to be accumulating enough red herrings to open a *Hollandse nieuwe haring* stand in Amsterdam.... On Tue, Jan 20, 2015 at 4:23 PM, David Conrad <david.conrad@icann.org> wrote:
Chuck,
But I also do not see the value in arguing back and forth with regard to specific organizational failures except to illustrate why the community wants to ensure that ICANN accountability minimizes the risks of those kinds of failures.
To be honest, given ICANN's uniqueness as mentioned by Greg, I don't see a lot of value or relevance in asserting accountability associated with Verisign's for-profit company status -- it all seems like a big red herring to me.
You apparently think that ICANN's accountability measures are sufficient;
Actually, I have made no such assertion. As stated, I'm just a technical person and all this accountability stuff is beyond me. What I do object to, however, are the statements by yourself, Milton, and others that imply that ICANN is operating in an accountability vacuum. I have no doubt ICANN's accountability can be improved, but ICANN does have a number of accountability measures and besides, isn't that the task of a different group?
Regards, -drc
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
Chuck,
For Verisign, that accountability has led to an excellent operational record of 17 years of uninterrupted uptime for .COM.
The effect does not appear to necessarily follow from the cause you claim. For example, I believe Verisign is on record as having concerns with the accountability of the root server system, yet the root has had significantly longer than 17 years of uninterrupted uptime. Similarly, .ARPA and its sub-zones, or even .INT which, as you are aware, are run by the body you claim to be unaccountable, all have uninterrupted uptimes I believe (but haven't verified) longer than 17 years. So perhaps the accountability associated with being a US-based for-profit corporation isn't necessarily the only factor in ensuring uptime of DNS zones (which, if you ask most DNS operations folk, given the design of the DNS and use of anycast, isn't all that hard assuming sufficient resources can be thrown at the problem).
What stops an ICANN employee from going 'stark raving mad��
Pretty much the same that would stop a Verisign employee from going stark raving mad: they'd (presumably) be fired. Or are you suggesting something about being a for-profit as opposed to a not-for-profit company disallows stark raving madness in its employees? However, even if an ICANN employee did go stark raving mad and was able to bypass the numerous internal controls that would block inappropriate action (the "insider threat" scenario), the result of that madness would (in this context) be the submission of a request to the Root Zone Maintainer (currently in parallel to the Root Zone Administrator) to make a modification to the root zone. Since ICANN does not have access to the root zone that is published to the root servers, that would be the sum total of the result of the madness. The separation of functionality between the IANA Function Operator and the Root Zone Maintainer, similar to the two-key systems in US missile silos, reduces the likelihood that catastrophic events would occur. Well, it would, except the Root Zone Maintainer, if they went stark raving mad, can _unilaterally_ make any change they choose because they edit AND distribute the signed root zone to the Root Server Operators with no mechanism in place for a third party to verify that the change made by the Root Zone Maintainer matches the change that was requested by the IANA Function Operator before publication. And, in fact, if I recall correctly, such an event did occur back around 2004, albeit not as a result of stark raving madness, but rather when a bug in Verisign's root zone management software caused an unanticipated change in glue records for zones operated by AFNIC (detected by at least one ccTLD manager after the root zone had been published IIRC). Of course Verisign assures us the bug has been fixed (AFAIK, the code Verisign uses, as opposed to code ICANN uses, is not open source so it is difficult to independently verify, but given lack of reoccurrence in the intervening decade+, I think it safe to assume the bug has been eradicated) and has indicated that internal processes (AFAIK, undocumented but I'll admit not having looked for documentation on Verisign's Root Zone Maintainer processes �� are those processes published anywhere?) are now in place to prevent a similar mistake from occurring, however that does not change the fundamental truth that the Root Zone Maintainer is the only entity that currently can unilaterally make a change to the root zone. There is nothing in the architecture of the DNS or the root system that requires the process to be this way. As a straw man, one potential alternative model would be: 1. The proposed root zone changes submitted by TLD managers get publicly posted by the IANA Function Operator after validation. 2. The Root Zone Maintainer fetches the proposed change, applies the change to the root zone, signs the zone (thereby disallowing further change), and publicly posts the new zone. 3. The IANA Function Operator fetches the new zone, verifies the change implemented matches the change requested and distributes the zone to the Root Server Operator. If the change implemented doesn't match the change requested, you go back to step 1. This model (one with myriad variations) provides true two-party controls, regardless of who the IANA Function Operator and Root Zone Maintainer are. If a model like this had been in place back in 2004, there would have been a chance that the AFNIC mistake would have been caught before the incorrect glue had be published to the global DNS by Verisign. This, of course, shouldn't be taken as criticism of Verisign �� bugs, like stark raving madness, happen. This is merely an observation that the current multi-party root zone management process may not be providing the level of accountability people assume it does, regardless of the for-profit or not-for-profit status of the implementers. (I'll note in passing that if there a delay is inserted between steps 1 and 2 or between step 2 and 3, an appeal/injunction mechanism could (potentially) be applied. I have no opinion on whether this would be a good idea or not.) In all the discussions I've seen on the transition of the stewardship of the IANA Functions contract related to the Root Zone Management function, there has been precious little discussion of the actual root zone management processes despite the fact that, given NTIA will no longer be involved, those processes MUST change and those changes will have DIRECT operational impact on the Internet. I'll admit to a bit of surprise about this.
or a post-transition ICANN from going �stark-raving-greedy��?
I'll admit to not following the ICANN Accountability stuff all that closely �� I'm just a technical person (or try to be) so much of that discussion is beyond me. However, my understanding (which is probably wrong) is that ultimately, Verisign, being a for-profit company incorporated in a state that is (perhaps unfairly) known to have the least stringent corporate responsibility requirements, has a fiduciary responsibility to its shareholders to make a profit. ICANN, being a California public benefit not-for-profit, has a fiduciary responsibility to serve the public interest as interpreted by the State of California. While a for-profit like Verisign being "stark-raving-greedy" is arguably appropriate (at least according to the laws of the state of Delaware), I have some skepticism that State of California would see an ICANN that was "stark-raving-greedy" as being in the public interest. And, of course, that is ignoring other accountability mechanisms already in place at ICANN and whatever additional accountability mechanisms are put in place as a result of the transition. But I'm confused: my understanding, which is apparently flawed, was that the CCWG (not the CWG) is focused on improving the accountability of ICANN to the communities it serves and I wasn't actually asking about corporate accountability, I was asking about the accountability of the root zone process. Regards, -drc (ICANN CTO, but speaking only for myself)
Very useful message, David. Will have additional comments later, but for the time being, let me re-emphasize your point: In all the discussions I've seen on the transition of the stewardship of the IANA Functions contract related to the Root Zone Management function, there has been precious little discussion of the actual root zone management processes despite the fact that, given NTIA will no longer be involved, those processes MUST change and those changes will have DIRECT operational impact on the Internet. I'll admit to a bit of surprise about this.
Hi Jordan, My response inset On Wed, Dec 17, 2014 at 5:24 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Hi all, Seun:
On 18 December 2014 at 05:07, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
On Wed, Dec 17, 2014 at 4:55 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity.
The implementation of the names related IANA functions is largely the operation of the Root Zone, so i am not sure i understand why/how you have counted this as double rights?
Because today, there are two agreements and three parties:
NTIA which essentially "owns" the DNS, and offers two contracts/agreements: - to ICANN to be the IANA functions administrator - to Verisign to be the Root Zone Maintainer
If I read your suggestion right, you seem to think folding all that into one organisation would be OK.
Please note that VeriSign role is simply executing rootzone instructions from ICANN (which currently gets channelled through NTIA to VeriSign), so VeriSign by process has no control to independently make any change without authorisation. If we both have that understanding then i hope we can then agree that there is no double rights in that.
I can't imagine how that would be OK. It would be a giant concentration of power in one place and would create an all-powerful central institution for names management (absent massive cultural and structural changes at ICANN).
From my explanation (how i understand it) above, i hope you agree that its not in anyway a new thing and like i said, if Verisign is willing to continue maintaining (which i expect has cost implication) then one would envision an agreement between ICANN and Verisign that ensures the authorisation source remains single as it currently is.
Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
The way i understand it, there has always been a basket, just that the basket gets sighted by another party i.e NTIA (without NTIA changing its content) before it arrives Verisign who then load the content of the basket in the store
I cannot fathom how anyone who believes in distributed Internet governance can even contemplate such an idea.
Is your statement above clarified based on my comment above?
I think so.
Thanks
Jordan
But I am a relative newcomer. Can someone who supports such a notion
explain it?
I am too and still learning...so will be good to know what i may have missed
Thanks
best Jordan
On 17 December 2014 at 19:05, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Thanks for the share... NTIA's role in this may not necessarily be replaced. One could then envision an arrangement between the operator and verisign (assuming verisign is still willing). It's good to note that some of the processes are already automated.
Cheers!
sent from Google nexus 4 kindly excuse brevity and typos. On 16 Dec 2014 23:31, "Allan MacGillivray" <allan.macgillivray@cira.ca> wrote:
The NTIA has just posted a document on its role in Root Zone Management: http://www.ntia.doc.gov/files/ntia/publications/ntias_role_root_zone_managem...
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- Jordan Carter
Chief Executive *InternetNZ*
04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter
*To promote the Internet's benefits and uses, and protect its potential.*
-- ------------------------------------------------------------------------
*Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>*
The key to understanding is humility - my view !
-- Jordan Carter
Chief Executive *InternetNZ*
04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter
*To promote the Internet's benefits and uses, and protect its potential.*
-- ------------------------------------------------------------------------ *Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>* The key to understanding is humility - my view !
Hi Seun, On 17 December 2014 at 18:21, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Hi Jordan,
My response inset
On Wed, Dec 17, 2014 at 5:24 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Hi all, Seun:
On 18 December 2014 at 05:07, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
On Wed, Dec 17, 2014 at 4:55 PM, Jordan Carter <jordan@internetnz.net.nz
wrote:
Giving both the right to operate the IANA functions, and the responsibility for operating the Root Zone, to the same entity would be far worse in respect of accountability and creating a new massively centralised power structure in Internet Governance than even the current idea of simply transferring IANA to ICANN in perpetuity.
The implementation of the names related IANA functions is largely the operation of the Root Zone, so i am not sure i understand why/how you have counted this as double rights?
Because today, there are two agreements and three parties:
NTIA which essentially "owns" the DNS, and offers two contracts/agreements: - to ICANN to be the IANA functions administrator - to Verisign to be the Root Zone Maintainer
If I read your suggestion right, you seem to think folding all that into one organisation would be OK.
Please note that VeriSign role is simply executing rootzone instructions from ICANN (which currently gets channelled through NTIA to VeriSign), so VeriSign by process has no control to independently make any change without authorisation. If we both have that understanding then i hope we can then agree that there is no double rights in that.
I am afraid you're not getting the point. That contractual and organisational separation is very important. It is the *fact* of that separation between entities and managing relationships by contract that allows us all to feel comfortable. I genuinely can't understand why you think that adding it into one organisation and removing all that is OK - or even more concerningly, that you don't seem to understand how big a change that would be.
I can't imagine how that would be OK. It would be a giant concentration of power in one place and would create an all-powerful central institution for names management (absent massive cultural and structural changes at ICANN).
From my explanation (how i understand it) above, i hope you agree that its not in anyway a new thing and like i said, if Verisign is willing to continue maintaining (which i expect has cost implication) then one would envision an agreement between ICANN and Verisign that ensures the authorisation source remains single as it currently is.
No, we don't agree - as above.
Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
The way i understand it, there has always been a basket, just that the basket gets sighted by another party i.e NTIA (without NTIA changing its content) before it arrives Verisign who then load the content of the basket in the store.
What if one person controls the whole process, as you are proposing? That's the nub of my concern. Jordan -- Jordan Carter Chief Executive *InternetNZ* 04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter *To promote the Internet's benefits and uses, and protect its potential.*
Hi Jordan, Let me make another attempt to clarify my point On Thu, Dec 18, 2014 at 11:18 AM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Hi Seun,
On 17 December 2014 at 18:21, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
I am afraid you're not getting the point. That contractual and organisational separation is very important. It is the *fact* of that separation between entities and managing relationships by contract that allows us all to feel comfortable.
I think you are mis-understanding my point which is that gTLD at the moment ONLY has its home in ICANN. Yes contractual approach is currently been used for gTLD because there is no sense of strong accountability within the organisation. If there is then need to continue the contractual route it can ONLY work in the manner currently being used i.e an entirely independent organisation (like the RIR, IETF, ccTLD, NTIA) makes a service agreement with the operator. However as we have now identified the need to transition oversight to multistakeholder, that can ONLY be effective by implementing mechanism within an organisation that allows the multistakholder community feel somewhat in charge. It does not make any diagrammatic sense(talkless of it making a practical sense) saying a contractor will rely on the resources of the operator in order to perform its duties.
I genuinely can't understand why you think that adding it into one organisation and removing all that is OK - or even more concerningly, that you don't seem to understand how big a change that would be.
I do hope you do understand my point based on above now. Otherwise do let me know what/where
I can't imagine how that would be OK. It would be a giant concentration of power in one place and would create an all-powerful central institution for names management (absent massive cultural and structural changes at ICANN).
From my explanation (how i understand it) above, i hope you agree that its not in anyway a new thing and like i said, if Verisign is willing to continue maintaining (which i expect has cost implication) then one would envision an agreement between ICANN and Verisign that ensures the authorisation source remains single as it currently is.
No, we don't agree - as above.
Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
The way i understand it, there has always been a basket, just that the basket gets sighted by another party i.e NTIA (without NTIA changing its content) before it arrives Verisign who then load the content of the basket in the store.
What if one person controls the whole process, as you are proposing? That's the nub of my concern.
The whole process has always been from one source (i.e the IANA operator)
so what its important is ensuring that instruction sent from the source is as expected. This does not require any external body to look at but require internal mechanism that ensure the operator does not send information that is not inline with the community's policy (which will largely require the bylaw/policy rewording) Regards
Jordan
-- Jordan Carter
Chief Executive *InternetNZ*
04 495 2118 (office) | +64 21 442 649 (mob) jordan@internetnz.net.nz Skype: jordancarter
*To promote the Internet's benefits and uses, and protect its potential.*
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- ------------------------------------------------------------------------ *Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>* The key to understanding is humility - my view !
Hi Seun, On 18 December 2014 at 12:14, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Hi Jordan,
Let me make another attempt to clarify my point
On Thu, Dec 18, 2014 at 11:18 AM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Hi Seun,
On 17 December 2014 at 18:21, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
I am afraid you're not getting the point. That contractual and organisational separation is very important. It is the *fact* of that separation between entities and managing relationships by contract that allows us all to feel comfortable.
I think you are mis-understanding my point which is that gTLD at the moment ONLY has its home in ICANN. Yes contractual approach is currently been used for gTLD because there is no sense of strong accountability within the organisation. If there is then need to continue the contractual route it can ONLY work in the manner currently being used i.e an entirely independent organisation (like the RIR, IETF, ccTLD, NTIA) makes a service agreement with the operator. However as we have now identified the need to transition oversight to multistakeholder, that can ONLY be effective by implementing mechanism within an organisation that allows the multistakholder community feel somewhat in charge.
We are talking about entirely different things. There is no linkage at all between the ICANN-gTLD contracts and the two contracts I am talking about. The ICANN-gTLD contracts are because the gTLDs are an ICANN creation. Neither their existence, nor the absence of contracts between ccTLDs and ICANN, has anything to do with the questions we are dealing with here. All we are dealing with is whether ICANN should own the stewardship of the IANA functions, or whether an organisation outside ICANN has that stewardship. In my opinion it should be outside ICANN, because an inside ICANN solution makes it next to impossible to ensure that a necessary change of IANA operator will be achievable. You *cannot* have ICANN as steward and an equivalence of accountability to today, no matter what you do in the -accountability CCWG or in terms of improving ICANN accountability. I think we now can see where we are talking about different things... So I ask a question - if you want to put stewardship inside ICANN, can you explain why? <snip>
Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
The way i understand it, there has always been a basket, just that the basket gets sighted by another party i.e NTIA (without NTIA changing its content) before it arrives Verisign who then load the content of the basket in the store.
What if one person controls the whole process, as you are proposing? That's the nub of my concern.
The whole process has always been from one source (i.e the IANA operator) so what its important is ensuring that instruction sent from the source is as expected. This does not require any external body to look at but require internal mechanism that ensure the operator does not send information that is not inline with the community's policy (which will largely require the bylaw/policy rewording)
No. The one source of authority has been NTIA, which has contracts with ICANN to be the IANA Functions Operator, and with Verisign to be the Root Zone Maintainer. You are proposing that the one source of authority be ICANN. I am saying I disagree, and I am further saying that nowhere have I yet seen an argument that sets out why consolidating things in one place is a good idea. best, Jordan
Hello Jordan, On Thu, Dec 18, 2014 at 2:35 PM, Jordan Carter <jordan@internetnz.net.nz> wrote:
Hi Seun,
On 18 December 2014 at 12:14, Seun Ojedeji <seun.ojedeji@gmail.com> wrote:
Hi Jordan,
Let me make another attempt to clarify my point
I think you are mis-understanding my point which is that gTLD at the moment ONLY has its home in ICANN. Yes contractual approach is currently been used for gTLD because there is no sense of strong accountability within the organisation. If there is then need to continue the contractual route it can ONLY work in the manner currently being used i.e an entirely independent organisation (like the RIR, IETF, ccTLD, NTIA) makes a service agreement with the operator. However as we have now identified the need to transition oversight to multistakeholder, that can ONLY be effective by implementing mechanism within an organisation that allows the multistakholder community feel somewhat in charge.
We are talking about entirely different things.
There is no linkage at all between the ICANN-gTLD contracts and the two contracts I am talking about.
I am not talking about those agreements between ICANN and registrars/registries. I was more of using gTLD to explain the fact that ICANN is the organisation for gTLD and one the role it does for names is RZM which is part of IANA function. ICANN is not the organisation for numbers neither is it for protocols and that is why there is a need for them to have an agreement going forward because the service its providing to them needs to be formalised.
The ICANN-gTLD contracts are because the gTLDs are an ICANN creation. Neither their existence, nor the absence of contracts between ccTLDs and ICANN, has anything to do with the questions we are dealing with here.
Again this is not what i am saying. This CWG is to transition the rights/accountability (stewardship) of NTIA to multi-stakeholder, there is NO organisation called multistakeholder however we know of multistakeholder communities. How else do you then transfer that if not through providing mechanisms that makes the operator accountable to the multistakeholder community.
All we are dealing with is whether ICANN should own the stewardship of the IANA functions, or whether an organisation outside ICANN has that stewardship.
This is where i think there may be mis-understanding, it does not make any sense to argue that ICANN(as an organisation) should own the stewardship, but it does makes sense to ensure that ICANN (as a community) is exercising the oversight on ICANN (as an organisation). So when we (ALAC members) say "internal to ICANN" we are saying implementation of mechanism within ICANN that empowers the community. Empowerment is not just circled around moving IANA, its circled around seeing a problem, and determining solution through bottom up process and ensuring those solutions are implemented. So more of the exercising will be about fixing.
In my opinion it should be outside ICANN, because an inside ICANN solution makes it next to impossible to ensure that a necessary change of IANA operator will be achievable.
Lets both think through that route; we need to transition to multistakeholder so what is the "outside multistakeholder" you are referring to? what do you also define as "outside" in that context?. The present CWG proposal for instance intends to setup a new organisation that will solely use the resources of the present operator (both the community and the funds) to operate, so how have you justified outside? except that you have just tried to go to Kenya from Nigeria using Emirates airline (why not Kenya airways)
You *cannot* have ICANN as steward and an equivalence of accountability to today, no matter what you do in the -accountability CCWG or in terms of improving ICANN accountability.
The other point is that we/you ONLY see stewardship as ability to move IANA and so circle all your options around that. This should not be the case, stewardship is series of accountability mechanisms and moving IANA is just 1 aspect of it. So the CWG is indeed looking for accountability just that its only concerned about those related to names of IANA functions for example reviewing budget relating to ICANN globalization may not be within our scope but the budget of IANA maintenance is, also the source of IANA operation instruction is within our scope.
I think we now can see where we are talking about different things...
I don't think so, but you may point me to what i may have missed
So I ask a question - if you want to put stewardship inside ICANN, can you explain why?
Again stewardship are rights enabled by processes, if its not incorporated into ICANN (organisation and community) then there is no other way to effectively reflect it other than to continue the current status quo which is basically having another NTIA like organisation (in all its independence) awarding the contracts
Regards
<snip>
Even if ICANN transitions to a more accountable organisation in terms of what it does, that doesn't balance out the very far-reaching change you seem to have suggested of putting all the pieces in one basket.
The way i understand it, there has always been a basket, just that the basket gets sighted by another party i.e NTIA (without NTIA changing its content) before it arrives Verisign who then load the content of the basket in the store.
What if one person controls the whole process, as you are proposing? That's the nub of my concern.
The whole process has always been from one source (i.e the IANA operator) so what its important is ensuring that instruction sent from the source is as expected. This does not require any external body to look at but require internal mechanism that ensure the operator does not send information that is not inline with the community's policy (which will largely require the bylaw/policy rewording)
No. The one source of authority has been NTIA, which has contracts with ICANN to be the IANA Functions Operator, and with Verisign to be the Root Zone Maintainer.
You are proposing that the one source of authority be ICANN.
I am saying I disagree, and I am further saying that nowhere have I yet seen an argument that sets out why consolidating things in one place is a good idea.
best, Jordan
_______________________________________________ CWG-Stewardship mailing list CWG-Stewardship@icann.org https://mm.icann.org/mailman/listinfo/cwg-stewardship
-- ------------------------------------------------------------------------ *Seun Ojedeji,Federal University Oye-Ekitiweb: http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535**alt email: <http://goog_1872880453>seun.ojedeji@fuoye.edu.ng <seun.ojedeji@fuoye.edu.ng>* The key to understanding is humility - my view !
participants (11)
-
Allan MacGillivray -
Christopher Wilkinson -
David Conrad -
Fouad Bajwa -
Gomes, Chuck -
Greg Shatan -
Jordan Carter -
manning bill -
Milton L Mueller -
Olivier MJ Crepin-Leblond -
Seun Ojedeji