How The U.S. Government Undermined the Internet

sakshale writes "The Register has an article about U.S. Government backed policy changes that have led ICANN to redelegate top level domains in such a way as to provide 'greater state-controlled censorship on the internet, reduce people's ability to use the internet to communicate freely, and leave expansion of the internet in the hands of the people least capable of doing the job'" More from the article: "At that meeting, consciously and for the first time, ICANN used a US government-provided reason to turn over Kazakhstan's internet ownership to a government owned and run association without requiring consent from the existing owners. The previous owners, KazNIC, had been created from the country's Internet community. ICANN then immediately used that 'precedent' to hand ownership of Iraq's internet over to another government-run body, without accounting for any objections that the existing owners might have."

Read The Guidelines

[N8F8]

From CP-1: Internet Domain Name System Structure and Delegation (ccTLD Administration and Delegation)

(a) Delegation of a New Top Level Domain. Delegation of a new top level domain requires the completion of a number of procedures, including the identification of a TLD manager with the requisite skills and authority to operate the TLD appropriately. The desires of the government of a country with regard to delegation of a ccTLD are taken very seriously. The IANA will make them a major consideration in any TLD delegation/transfer discussions. Significantly interested parties in the domain should agree that the proposed TLD manager is the appropriate party. The key requirement is that for each domain there be a designated manager for supervising that domain's name space. In the case of ccTLDs, this means that there is a manager that supervises the domain names and operates the domain name system in that country. There must be Internet Protocol (IP) connectivity to the nameservers and electronic mail connectivity to the entire management, staff, and contacts of the manager. There must be an administrative contact and a technical contact for each domain. The administrative contact must reside in the country involved for ccTLDs. The IANA may choose to make partial delegations of a TLD when circumstances, such as those in a developing country, so dictate. It may also authorize a "proxy" DNS service outside of a developing country as a temporary form of assistance to the creation of Internet connectivity in new areas. [N.B. The IANA continues to receive inquiries about delegation of new gTLDs. This is a significant policy issue on which ICANN will conduct a careful study and review based on the established decision making procedures. Information about this study will be disseminated on the website at icann.org.]

Evidence?

[garcia]

When the US government took over Afghanistan in 2001, it was fortunate in that the current ccTLD owner was killed during bombing of Kabul. It simple forged the man's signature on a piece of paper handing over control to the US-created authority and the job was done.

Really? They have plenty of other links to information in that article but nothing about this particular tidbit. I did a quick search and found nothing in the first 100 results. Granted, I didn't do as much homework as I should have but I would have expected that the author of this article would have provided something more than a simple paragraph making such a claim.

Anyone else have some more evidence or is this another piece of sensationalist journalism that's meant to fire everyone up over nothing?

Misleading headline

[sparkydevil]

Should actually be "How ICANN Undermined the Internet"

What policy changed?

[MightyYar]

Unless I'm missing something, it has been ICANN policy to give the country's government ultimate control over the TLD for that country. This policy is from 2000:

Principles for Delegation and Administration of ccTLDs Presented by Governmental Advisory Committee

The relevant section (I think) says:

7.1 Where a communication between the relevant government or public authority and the delegee is in place, when ICANN is notified by the relevant government or public authority that the delegee has contravened the terms of the communication, or the term of the designation has expired, ICANN should act with the utmost promptness to reassign the delegation in coordination with the relevant government or public authority.

And there is a lot more language like that. The way it reads to me, ICANN does what the local government says regarding the TLD, as soon as possible - and this has been policy since at least February 2000.

Re:So how long....

[giorgiofr]

Already happened: just look at the ORSN, European Open Root Server Network (The Independent DNS Solution with IPv6 support for the European Community) at http://european.ch.orsn.net/.

Re:Decentralized Internet

[silas_moeckel]

Well the internet has 3 things that need any sort of central control IP's, ASN's and the DNS root. IP's are a finite resource and have to be given out based upon need. DNS could be made rootless at the server level but you still need some authoritative group to arbitrate domain names etc. mDNS along with some crypto like DNSsec could make a distributed root while maintaining some sence of stability. AS to ASN's it's just a number that acts as a unique identifer in the world wide BGP mesh that makes it all work :) again it's just a question of some group taking responcibility for it publishing a list and being reachable but like the DNS issue it's all about getting EVERYBODY to change over to it. mDSN has the best chance of moving as it's easy to be backwards compatable IP's and ASN's realy would require handoff from the current people that control them.

Tor: An anonymous Internet communication system

[Wikipedia]

http://tor.eff.org/

Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

Your traffic is safer when you use Tor, because communications are bounced around a distributed network of servers, called onion routers. Tor's technology aims to provide Internet users with protection against "traffic analysis," a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security.

Instead of looking at the content of your communications, traffic analysis tracks where your data goes and when, as well as how much is sent. Tor aims to make traffic analysis more difficult by preventing websites, eavesdroppers, and even the onion routers themselves from tracing your communications online. This means Tor lets you decide whether to identify yourself when you communicate.

Tor's security is improved as its user base grows and as more people volunteer to run servers. Please consider volunteering your time or volunteering your bandwidth. And remember that this is development code--it's not a good idea to rely on the current Tor network if you really need strong anonymity.

We are now actively looking for new sponsors and funding. If your organization has an interest in keeping the Tor network usable and fast, please contact us. Sponsors of Tor also get personal attention, better support, publicity (if they want it), and get to influence the direction of our research and development! Previous funders include ONR, DARPA, and the Electronic Frontier Foundation (who still kindly hosts our website).

TLD's - iraq is .iq and kazakstan is .kz

The Top-Level Domain extensions for each nation is described in the sidebar of its wikipedia entry.
I was curious and figured others must be too:
http://en.wikipedia.org/wiki/Iraq is .iq
http://en.wikipedia.org/wiki/Kazakhstan is .kz

Re:facts you might also remember about 2005

It is a reference, Google 'Ali G' or check out his link.

Re:Since When Is the Register Become a "News" Sour

[msuarezalvarez]

it is somewhat contradictory that the article first criticizes the US Gov't for maintaining too much Internet control, and then criticizes it for inducing ICANN to forfeit Internet control over to non-US entities.

You cannot be saying that you do not see how and why the US might be interested in those "non-US" entities like Afghanistan and Iraq? You cannot possibly be that gullible.

Re:It seems legitimate, Maybe i'm confused.

[Big_Al_B]

I am likely confused, as the article is light on details,

I don't think confusion is the right concept, but I think, "respectfully uninformed" is close.

but as I see it this seems perfectly legitmate, as much as I might disagree

You do have a confusing way of contradicting yourself though...

The .kz domain was set aside for a particular country, so It seems to me that they somewhat 'own' that, since it is labeled with their name.

Actually, normally and historically, governments don't own or control the country code Top Level Domains (ccTLDs) in the global IANA DNS system. Those ccTLDs are delegated to ccTLD managers who are qualified--predominantly private sector--"internet authorities" in those countries.

These delegations began in 1985 when John Postel began personally assigning them to various managers. IIRC, in 1994 Postel wrote IETF RFC 1591, that formalized the delegation and management guidelines for ccTLDs. ICANN/IANA took total control when Postel died, and added their own policies, but RFC 1591 is still considered valid.

Hence, if that government decides that there is something utilizing their .kz domain which they do not approve of, then it seems reasonable that they would be able to remove it, right?

Again, ccTLDs are delegated to managers, whose primary roles are to maintain TLD stability and perform required technical tasks to manage their ccTLD, and neither of those duties include content control or management.

However, since governments, local, regional and national, usually constitute a significant internet community presence in their localities, their influence with ccTLD managers is likely to be much greater than the average netizen's. This is different, though, than complete governence or authoritative control over a ccTLD. And it's this important difference that is the concern for many folks.

They aren't 'censoring' the site per-se, they are just saying they don't want it to use their name, the site can be posted under plenty of other domains, and is of course still accessible via it's IP address.

The tangible concern is that ICANN/IANA has, with the US government's guidance, implemented policies and practices that usurp competent ccTLD manager's rightful and proper delegations. The less tangible concern is that IANA has in some cases redelegated ccTLD management directly to governments--that may manage the ccTLDs to gain political advantage and bolster their power rather than in a stable, custodial manner.

If I let someone use my domain for their site, and then they put up a webpage bashing me, I would likely remove the DNS entry, making their site inaccessible via my domain.... I think that would be reasonable on my part, given that my domain reflects directly on me.

Not the same at all, as explained above.

On a side note, does it not seem reasonable that if you want to put up a site that is somewhat 'extreme' or that you fear would be censored by various governments, that you try to keep it independent of any government control?

Obviously.

Are there ways to do this? I can use different domains, or are all of these controlled by some government?

Well, you could have a friendly party outside your government's jurisdiction host your content for you.

Must I simply have my site accessible by IP address and without DNS to avoid outside control?

Of course, running an HTTP service on port 80 (or any other port) of any machine accessible from the internet will allow folks to view the HTTP content you serve, whether or not it is in global DNS.

Is there someway that someone could/would still shutdown access to my site even if I do not use DNS?

Your internet provider or any provider between you and the folks using your server could trivially redirect or simply drop HTTP packets to/from your IP address. If they are lawfully ordered to do that by authorities in their jurisdiction, they will.

Re:Those bastards

[susano_otter]

I draw to your attention the UN Human Rights Commmission, which condones all sorts of evil by the simple expedient of letting the evildoers chair the Commission.

Or, if your political tastes run the other way, consider the presence of the U.S. on the Security Council...

The problem with U.N. control over the internet is that it would give the worst offenders equal authority with those who do play well with others. Contrast this with the problem of "U.S." (i.e., ICANN) control: the U.S. may be an offender, but it's certainly not the worst, and it doesn't give the worst offenders much authority at all.