ICANN has recently published a number of updates to the implementation program for new gTLDs.

One of these updates is a paper by ICANN’s “auction design consultant PowerAuctions LLC”. The document makes a case for an auction to be held for the “resolution of contention among competing new gTLD applicants for identical or similar strings.” In other words, two (or more) applicants for “.bank”, or applicants for “.bank” and “.banks.”

The paper acknowledges that auctions are not the perfect answer to resolving these contentions, but says that they would be used for “tie-breaking.”

The problem with this argument is that, in our imperfect world, it seems unlikely that there will be real ties to be broken. Auctions lately have become popular with one of the US federal agencies, the Federal Communications Commission, to allocate portions of the frequency spectrum, and the ICANN paper relies heavily on some academic support for them. But frequency spectrum allocation is not the same as selecting from among applicants to operate a generic Top-Level Domain registry. ICANN has a fundamental obligation to “promote the global public interest in the operational stability of the Internet. . .” (see http://icann.org/general/articles.htm)

ICANN is not a commercial operation, and it should not look at the possibly substantial proceeds of auctions as a motivating factor for a quick and easy solution to “tie-breaking.”

The ICANN paper treats the new gTLDs as a “scarce resource”. This is not necessarily the case, but the paper goes on to say that auctions would accomplish three things:

• “Applicants whose true intentions or abilities are to serve many users would be able to justify higher bids than applicants who will serve few users;
• Applicants capable of providing high-quality service at low cost would be able to justify higher bids than low-quality, high-cost applicants; and
• Applicants who intend to develop the gTLD immediately would be able to justify higher bids than applicants whose purpose is to hold the gTLD, unused, for speculative purposes.”

There is no question that it will be more difficult for ICANN to make selections of operators based on these three criteria, as opposed to holding auctions.

Despite the difficulties, we believe that ICANN’s public interest obligations require it to investigate carefully and make judgments about the merits of gTLD applications, whether based on the three criteria above or other criteria, such as fostering competition and recognition of prior responsible registry management.

We welcome your thoughts and comments.

We have continued to find that much of the growth within the .ORG domain is driven by larger societal trends, such as issue awareness and advocacy, backed by Internet trends such as social networking and online collaboration. These trends are all centered on the theme of community and trust, and that is a key element of the .ORG domain as a whole and the brand image it represents to the market.

Recent high-priced sales of .ORG’s have provided continuing evidence of these trends, and signal the increased value of the .ORG brand as well as its longevity in the industry. Even while several industries and areas of the economy are slowing, the .ORG domain continues to grow and increase its reach.

What drives you to be interested in registering .ORG? How does a .ORG presence accomplish your organization’s mission and goals? We welcome your comments and thoughts.

On July 29, the NCUC and PIR sent out a joint letter to ICANN asking it to consider the interests of the end-users as core to its policies in IDN implementation. The letter was received on August 6. The text of the letter is on ICANN’s website.

As of today’s date, August 21, 2008, we have yet to receive even an acknowledgement of receipt of our letter, let alone a reply. I am concerned about the lack of communication and responsiveness especially on an issue that is so central to the mission of ICANN. After all, at the end of the day do they not serve the interests of the end-users?

Attacks on the security of the Internet have been much in the news lately, and there is an increased urgency to take the technical steps to combat these attacks. .ORG has been doing its part to lead this process by taking introductory steps to implement DNSSEC (Domain Name System Security Extensions). Using DNSSEC, domain name holders can protect the integrity of data in the Domain Name System by digitally signing their domains. In order to make DNSSEC effective, there is one additional step that is needed - “signing the root”. If a digital signature is applied to the root of the Domain Name System, end-to-end assurance of the data is possible. Without a signature on the root, it is impossible to assure the validity of any of the other signatures in the system.

.ORG believes that the time has come to separate the technical matter of signing the root from the unrelated political row over who controls the content of the root, and the nature of the Department of Commerce’s oversight of ICANN. There are serious threats to the security and stability of the Internet that DNSSEC will assist in addressing. The near unanimous opinions of the best technical minds are that first we sign the root, and then we take care of the political arguments.

.ORG supports the technical community on this critically important issue. We understand that IANA (the authoritative body that manages changes in the root zone file) has in fact been signing the root every morning for the past year, as a demonstration of technical feasibility, and as an aid to DNSSEC implementers. However, they’ve been prevented by NTIA from distributing the signed version. Since IANA has the capability, we strongly believe they should be allowed to proceed.

We welcome your comments.

According to DN Journal, .ORG had another great week for domain name sales.

“This was a strong week for .org as that extension took five of the first ten openings on the GC chart and 8 of 20 overall, nipping .net’s seven”

As I mentioned in my previous blog, we watch the results of the secondary market to gauge how well our efforts to build the brand are working. This is a long road and by no means a short–term project, but consistent results like these are reassuring.

Recently we teamed up with the Non-Commercial Users Constituency (NCUC) to express our concern to ICANN that the rights and needs of end-users are taken into account in the discussion of Internationalized Domain Names (IDN). Namely, IDNs are to be seen as a technical measure to allow for multi-lingual direction navigation of the Internet and not used as a tool to control access, impose censorship or limit freedom of expression online. Ultimately, each and every one of us, privileged enough to participate in the ICANN process in some way shape or form, does (or should) endeavor to represent the needs of the Internet end-users around the globe, and not simply our own political, or commercial self interest. I don’t purport to have the solution, but I think it is incumbent on all of us, especially those in the decision making capacity to simply ask the question: “Is this right for the welfare of the Internet user?”

Since the topic of Internet control is quite relevant these days, I wanted to post the full letter to ICANN.

July 29, 2008
Dr. Paul Twomey, President
ICANN
4676 Admiralty Way, Suite 330
Marina del Rey, California 90292-6601

cc: Denise Michel, VP of Policy Development, ICANN
John Jeffrey, General Counsel, ICANN
Kurt Pritz, Senior VP, Services, ICANN
Craig Schwartz, Chief gTLD Registry Liaison, ICANN

Please feel free to comment.

I recall a year ago when, as a new CEO, I attended some industry events and first brought up the topic of DNSSEC in the .ORG zone. At that time, DNSSEC wasn’t as understood as now (notice I did not say it is now well understood), and there were major opponents to DNSSEC in very influential arenas who charged that the DNS did not need anything like DNSSEC and that the time for the type of technology like DNSSEC had come and gone. We went back to the drawing board, asked ourselves some very tough questions, and still came up convinced that the way to secure the future of the foundations – namely DNS – was through DNSSEC. Since announcing our plans in June to implement DNSSEC, we have naturally been following related news and happenings. As we mentioned in the press release a new DNS vulnerability was discovered since our plan was approved.

Based on the current discussion about the Kaminsky attack on DNS, the Federal Office of Information Security (BSI) in Germany has issued a press release today mainly targeted toward patching DNS-servers but also stating that the final solution has to be DNSSEC.

The press release states:
“Um das Domain Name System nachhaltig zu verbessern, empfiehlt das BSI die Einführung der DNS-Erweiterung DNSSEC, bei der die DNS-Einträge mittels kryptographischer Verfahren auf ihre Gültigkeit geprüft werden.”

The *non official* translation:
“To improve the Domain Name System in the long run, the BSI recommends the implementation of the DNS-extension DNSSEC, which checks the validity of DNS-entries using cryptographical methods.”

The news of the existence of vulnerabilities in DNS is unfortunate, but we do have a long-term solution that according to many independent experts would work: DNSSEC. Perhaps it’s time for the critics to take another look?

We’re thrilled with this week’s Washington Post WashBiz blog series about our .ORG colleague, Adam Palmer. Adam is Law & Policy counsel for .ORG, working on issues dealing with Internet governance, cyber security, and e-commerce. The series shows how, in keeping with the spirit of our .ORG community, Adam devotes much of his free time to volunteer activities and service to our country.

In his first post, Adam talks a bit about his work at .ORG, but really focuses on his personal crusade to stop child pornography on the Internet.

In his second installment Adam talks about a typical day at .ORG.

Today, on “My Day with the Navy”, Adam talks about his experiences with the U.S. Navy Reserve.

We think this is pretty exciting stuff, of course, but leave a comment and let us know what you think!

.ORG just reached another milestone in its campaign to foster a more robust and secure Internet. Beginning today, July 31, the Internet addressing system known as IPv6 will be deployed for testing, and will shortly be available for full use by registrars.

The reason that this is an important development can be explained as follows, courtesy of the Internet Society web site:

“Internet Protocol (IP) addresses are unique numeric identifiers that are needed by every device that connects to the Internet. They are a shared common resource that must be managed carefully to ensure the continued growth and stability of the Internet. Most of the Internet is currently addressed with IP version 4 (IPv4)….IPv6 is the next generation IP address, offering vastly more unique addresses than are possible under IPv4. IPv6 has been available and used for many years, but levels of deployment and understanding remain relatively low.”

In its announcement to registrars, .ORG emphasized that use of IPv6 is optional, and .ORG will continue to support IPv4. Registrars may upgrade their clients and customer-facing interfaces as desired.

.ORG welcomes your comments.

The GNSO Improvements working group wrapped up its work in a marathon negotiating session on Friday 25 July.

The ICANN Board had told the GNSO to work out a consensus on the structure of the new GNSO Council; if the GNSO could not reach consensus, the Board would make its own decision on the structure.

The good news is that the concept of a bicameral GNSO Council was accepted by all parties. One chamber will represent the contracted parties (the registries and registrars), and the other chamber will represent the non-contracted parties (Noncommercial, business, intellectual property and ISPs), with equal votes for each chamber.

The primary concern of .ORG and the other registries had been to maintain this voting balance. Also, there are safeguards requiring supermajority votes on significant policy issues, which will protect all parties from efforts by one or two groups to gang up to impose burdensome policies on a minority.

The only bad news is that the group was unable to reach consensus on the number and role of the NomComm members of the Council. This issue will likely be decided by the ICANN Board. Maintaining voting balance and the fact that a consensus was reached within the GNSO working group could be a sign that the GNSO constituencies will now be better able to reach consensus in policy matters.