US Control of Internet Remains an Issue

Hugh Pickens writes "A UN-sponsored Internet conference ended with little progress on the issue of US control over the domain name system run by ICANN, a California-based nonprofit over which the US. government retains veto power. By controlling the core systems, the United States indirectly influences the way much of the world uses the Internet. As the conference drew to a close, the Russian representative, Konstantin Novoderejhkin, called on the United Nations secretary-general to create a working group to develop ''practical steps'' for moving Internet governance ''under the control of the international community.'' The United States insists that the existing arrangements ensure the Internet's stability and there's little indication that the US government and ICANN plan to cede their roles over domain names anytime soon. ''I think (there are) a small number of countries that are very agitated and almost don't care what the facts are,'' said Internet pioneer Vint Cerf, who stepped down as ICANN's chairman earlier this month. ''It's a very small vocal group bothered by this issue. ICANN has existed for eight years and done a great job with its plans for internationalization.'' With no concrete recommendations for action, the only certainty going forward is that any resentment about the American influence will only grow as more users from the developing world come online, changing the face of the global network. The next forum will held next year in New Delhi, India."

Re:Not really an issue

[foobsr]

The only issue here is that the United States currently has control, and is being presented with no good (or even clear) reason why it should give that control up.

Maybe one can find a majority that does not like it ( http://www.internetworldstats.com/stats.htm ).

CC.

Re:Internet is USA property now

[Smidge204]

Is there a clear technical reason why "control over the internet" should be handed over to the "International Community" ?

It issues you cite: "packet shaping, net neutrality, etc..." are all end-user (ISP level) issues. They do not effect the backbones and international communications at all. Furthermore, there is still no legislation at all regarding these issues (though the packet shaping/tampering thing is currently being "worked on")

Putting things into the hands of the UN is a horrible idea, simply because the UN has basically failed to do anything noteworthy since it's formation - unless they screwed something up, anyway. Do you honestly think that putting control into the hands of the "international community" will magically resolve all the political issues?

Also, my understanding is that international domain names are largely a TECHNICAL problem, not so much a political one. Putting the UN in charge will very likely not solve it. If their track record is anything to go by, they will likely force the issue and mess everything up. Let's not get politicians involved any more than they already are, yes?

Right now, the bulk of the argument in favor of the shift is essentially anti-American sentiment. Every country is free to build their own national internet and connect it to the global network... then they will have total control over the part that effects their country.
=Smidge=

So make your own!

[Chicken04GTO]

So make your own DNS and your own interwebs and go forth and be happy.
Americans dont trust the international community to do anything right except bitch about Americans.

If you dont like it, no one is gonna stop you from going your own way. Make your own.
Just stop complaining about it.

Where would it go?

[IBBoard]

Never mind the fact that people don't trust ICANN to be in charge of things* then that implies they want it to be moved to some other central location.

If we put it under NATO or UN control or something then where do the main authoritative servers get put? The UN doesn't own any territory, which means it would have to put it in the territory or a member state. Either that or they put it somewhere completely neutral (middle of the sea?) at which point the connection is terrible.

So, while it might be good to have it under less potentially influenced control, where would it all physically go?

* which, TBH, if the US Government have a veto on them then I don't really, but that's not important

America Bends Over Again

[usul294]

America in that past 20 years has constantly been making policy based on trying to be a good guy, and that just pisses people off because that's such a holier than thou attitude about things. If American policy was "If you want the internet, Russians/European Union folks, do something about it besides whining", it would make people upset in the short run, but if this was always policy, our true allies (not-Russia) would be happier because they benefited more. To quote Thucydides: "The strong do what they can, and the weak suffer what they must." No state maintains a status of power when it is willing to surrender authority to other states.

Re:Time for a heart bypass?

[photon317]

1) There are core systems and networks that make the network more vulnerable to physical attack than was originally planned. I'm hopeful that going forward, in the best interests of low latency and high bandwidth, we'll see more and more of the giant backbone providers doing mesh-like interconnects with each other all across their respective networks, instead of thinking in terms of discrete exchange points.

2) "Routing traffic" isn't the issue. European traffic already stays in Europe (etc). This is an issue regarding who controls the policies that control the root nameservers. In other words, who decides how domain-name disputes are settled, what the rules are for top-level domains, and what the rules and regulations are for domain registrars. Already most countries are served by locally-controlled top-level registrars underneath ICANN. Unfortunately for the whiners, if you want a coherent worldwide domain name system, someone has to set the policies, and it's us. The UN's ability to govern anything is a joke, much less govern technical policy affecting the Internet. It should stay in the US where it belongs.

Re:Not really an issue

[dajak]

There is no property issue here. Taking "control" from the US is merely an issue of reconfiguring DNS in your own country: no goods are taken away from the US, its citizens, or its companies, and the permission of the US is not required. Neither is a democratic majority of the world population. The reason to bring this into the UN is to coordinate the operation.

What's next? The US complaining if countries X and Y decide not to trade oil to eachother anymore in US dollars, or if country Z decides not to use operating systems from a US company anymore? "Control over DNS" is not an entitlement. It's simply what happened when countries connected to the Internet and didn't fix a thing that wasn't broken. Since the US started talking about "cyber warfare" many countries started to realize that DNS as it works now is broken, at least from a military strategic point of view. It is not surprising that the countries most worried about it are exactly those that the US likes least.

IPv4 cost, DNSSEC, & control of root servers

[anticypher]

I have been talking quite a bit with an economist who was in Rio all this week at the IGF. His take is more of watching what the economic situation will be when artificial, monopoly based, scarcity is introduced into the system. I can't wait to hear his take on the brazillian brawl this week.

Specifically, what happens to IPv4 address allocation when there is no longer any freely available netblocks. (Pay special attention to pages 27&29, and watch the accompanying video). New allocations will come from returned address pools, so a queuing system will have to be implemented at the RIR level. Starting up a new ISP, or expanding your customer base and need more address space after 2010, and your request will go into a FIFO queue.

Now, economists see two distinct futures for a market based on scarcity. One is where cooperation and fairness ensure that everyone gets along, which is the current internet model, and the other is known as the "University of Chicago School of Free Market Uber Alles^W^W^W^WEconomics" government enforced monopoly, where a few select companies are allowed to charge whatever the market will bear with no real competition or alternatives. Maybe a US government sanctioned company called IPbay will become the sole broker to trade netblocks.

In the first scenario, the internet continues to function as it does now, companies needing new addresses will have longer and longer waits and will have to adjust their business plans accordingly. Into a system like this, where address space could be traded, stolen, pirated or worse, RIRs have no real powers to stop it falling into total anarchy. Except, the IETB, IANA, the RIRs, have a new tool in their arsenal to combat anarchy, called DNSSEC.

In the second scenario, one, or a very few, private companies based in the US, of course, take over the entire market for buying and selling IPv4 address space. Want to keep that nice /16 you are using? It will cost you $BIGNUM/month in rental fees, or we give it to someone else. Those controlling companies will also use DNSSEC to control who has the right to announce a prefix.

For router engineers, those who work with BGP and AS numbers on a regular basis, things have been pretty quiet until now. A few bogon filters, and you just generally believe whatever gets fed to you. The internet is mostly "best effort" and if some traffic doesn't reach it's goal, there isn't much that can be done beyond some simple tuning. There is some routing data in the routing registries, but it's rarely up to date and the accuracy depends on whatever random person did the update.

But in a few years, when companies start to get desperate for IPv4 address space NOW!, and can't wait for a proper allocation, they'll steal or buy a prefix. Companies with a large allocation not completely used will renumber internally, and sell the right to announce half their prefix to they highest bidder. Or companies will just find part of an unused block and announce it. Total anarchy! The most conservative estimates for 2012 with rampant de-aggregation and without DNSSEC is that the routing table will exceed 2,000,000 prefixes. Not much routing equipment out there today will be able to cope with that.

With DNSSEC, there will be cryptographically signed certificates [pdf warning]for every allocation from an RIR[quicktime warning]. When you build your routing table in BGP, you will verify every prefix for origin and valid neighbors based on certificates stored in the RIR whois/routing registry. This will prevent the anarchy part of stealing a prefix and announcing it in the wrong AS. This wil