Re: [ga] ALAC Draft on ICANN-VeriSign Settlement -- Under Discussion, Not Final

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

Danny and all former DNSO GA members or other interested
stakeholders/users,

It is not realistic or even legal for ICANN to provide protection of
DNS records or any specific Domain Name in ANY name space.
ICANN does not now, has it ever, nor should it have such power
to provide any type of security or protection in any TLD name space
or any registry data given the registry agreements in place for same.

Such protections are indeed needed and concerns in this regard
are indeed real and troubling.  However as ICANN has no enforcement
mechanism or ability of any kind, regulation from the registries country

of origin is therefore advisable and I would argue, necessary.  Such
regulations must be specific, have teeth, and be easily enforceable.
A daunting task indeed to create and/or provide for such regulation
without unnecessarily harming normal business operation and adding
cost to registry operation.  Verisign is no different than any other
registry in this respect.  It should not be under a cloud of suspicion
simply because it is the largest TLD registry.

However some requirements for name server security could have
been included in this skewed agreement.  For instance, DNSSEC
could have been one such requirement as could IPSEC for IP
registries.  This however was not done or may have not even
been discussed or considered.  If not, such should be, and how
such security implementation specifically should be included in
same as a requirement with measures in place for independent
inspection/audit without prior warning as a prerequisite and
sanctions/fines regulated by DOC/NTIA as a punishment for
non-compliance of whatever regulation in determined in this
respect.  Those fines should be reflective of the severity of
the infraction or non-compliance of said regulation accordingly
and automatic in payment of such sanctions, i.e., light or
moderate fines will not discourage recalcitrant behavior by
a registry operator.

Complaint response mechanisms also were not included in this
new settlement, and should have been.  Any registry should be
required by contract to any registrant and to DOC/NTIA to
respond to every complaint in as much as correcting the error
if any, in no more than "n" number of days, lest that registry
be fined automatically "X" amount for each extension past
"n" days, by the day, so as to ensure good registry operation
is encouraged.  Complaint filings should be by Email and/or
Fax by the registrant or by the ICANN representative responsible
should it become necessary for ICANN or DOC/NTIA to file
such a complaint regardless of the nature of said complaints.

To conclude this one area in respect to Danny's observations
below, it seems reasonable that with such minor regulation with
corresponding DOC/NTIA enforcement powers, registries of any
type will be more likely to provide the service that is safe, honest,
and considerate of it's registrants and the whole of the internet
community/users.

Danny Younger wrote:

> http://forum.icann.org/lists/alac/msg01379.html
> D R A F T* UNDER DISCUSSION *NOT FINAL
>
> Concerns on the proposed ICANN / Verisign settlement
> from the At Large Advisory Committee
>
> 1. We are concerned about the loss of accountability
> and oversight both of the community over ICANN and of
> ICANN over Verisign. The external oversight of ICANN's
> budget currently provided by the registrars will no
> longer exist. The settlement provides no meaningful
> checks on Verisign's behavior, short of conduct so
> egregious as to void their contract. As the registrars
> have pointed out, the proposed "consensus process" is
> new and untested.
>
> 2. We are concerned about the use and misuse of
> personal data. Under the agreement, Verisign is
> allowed to do whatever data mining they want of COM
> zone usage and access. For example, they could sell
> DNS traffic data about pepsi.com to Coca Cola, or
> about democrats.com and other political sites to the
> Republican National Committee. If ICANN sees itself as
> a trustee for the Internet community, it should
> provide appropriate protections for the community's
> data. We are also concerned that such data mining
> would be illegal in countries with data privacy laws,
> and could place registrants from such countries in
> legal jeopardy.
>
> 3. We believe that the proposed price increases for
> the COM registry are inappropriate, since other
> domains such as .NET have considerably lower fees and
> no provision for regular increases. We are also
> concerned about the tripling of ICANN's per-domain
> fee. Although the incremental cost to each individual
> user will be low, the aggregate cost to users will be
> in the tens of millions of dollars per year. Market
> forces can have an effect on .COM registry prices in
> two ways: (a) periodic rebids, and (b) a substitute
> service. The current proposal does away with the
> rebidding, and we doubt that .BIZ or .INFO or CCtlds
> are a substitute for current registrants who already
> have branded their .COM address.
>
> 4. We are concerned by the lack of economic and legal
> analysis of the effects of the proposed settlement. If
> the .COM registry is a de-facto monopoly, it requires
> stricter regulation than if it is not. Analysis by a
> qualified economist of the price sensitivity and
> substitutability of COM and other domains, based on
> the extensive historic data, should help understand
> the situation. Similarly, qualified legal analysis of
> the likelihood of success of ICANN's and Verisign's
> suits would help quantify the legal risks and costs
> the settlement would avoid.
>
> 5. The proposed settlement makes Verisign the
> permanent source of the majority of ICANN's revenue.
> By making itself dependent on an entity not
> accountable to the public, ICANN endangers its
> independence and hence endangers ICANN's public trust.
>
> 6. We are deeply concerned by the lack of transparent
> process. The current (2001) .COM contract had a
> specific renewal timeline that has been ignored, since
> the settlement includes a new contract that would void
> the current one. ICANN offered no timetable or process
> for consideration of the proposed settlement until
> forced to by the CFIT lawsuit. The community does not
> know whether it has a month or a year to collect its
> input and offer its advice, nor whether it may be
> possible to modify the proposed settlement or it
> simply has to be accepted or rejected.
>
> 7. With these considerations in mind, the ALAC advises
> the board to reject the proposed settlement, to see
> qualified advice on the econmic and legal aspects of
> any proposed settlement, and to seek a settlement that
> addresses our concerns.
>
>
>
> __________________________________
> Start your day with Yahoo! - Make it your home page!
> http://www.yahoo.com/r/hs

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827