NSI Operational Failures & Direction of US Government Policy Could Give Impetus to Move of DNS Operations to Europe as Opening of ARIN is Held up by Delay in Getting Liability Insurance in Place pp. 1 - 19

We have examined IANA and IP registry policy closely during the past month. In a long four part article we look at registry policy and coordination problems; at IANA authority, and finally at evolving U.S. policy. What we have found is disappointing. Part I below surveys registry policy. Part II focuses on the issue of IANA authority and how it is coping with the Internet's having gone from a sleepy academic and research communications network to a critical piece of the world's communications infrastructure. Part III covers the launching of the American Registry for Internet Numbers (ARIN). Part IV surveys jockeying for position between IAHC and IANA, on the one hand, and the US Government's on-going effort to shape DNS issues, on the other. Not surprisingly developments in each of these areas impact processes underway in the other areas. The cooperative model that enabled the original growth of the Internet has been fractured with uncertain consequences for all players.

Consider Network Solutions' evaluation of the situation in which it finds itself [from its July 3rd SEC filing] : "Continuing to achieve consensus may become difficult or impossible and may become extremely time consuming and costly. Achieving consensus may be made more difficult because of the lack of leadership by any one entity. This lack of regulation creates great uncertainty as to the legality of any action, making business planning and operations difficult. Conversely, the lack of regulation could theoretically result in individuals and entities taking harmful or disruptive actions with respect to the Internet with impunity."

Part I: Registry Policy, pp. 2 - 7

We found that correct interpretation of RFC 2050 demands very careful reading. Also RFC 2050 does not inform its readers that policy among registries differs significantly. For example, when an ISP joins RIPE it receives a routable 19/. While there are reasons for this, no single document exists that serves as a clear guidance mechanism to global registry and IANA policy in an area that is increasingly contentious for ISPs served by InterNic. Many of these ISPs wish to receive a globally routable 19/ IP block direct from the Registry in order to be able to multi-home effectively to two or more different upstream providers. But many who want 19/s find themselves unable to meet the InterNic's requirements in terms of total number of customers and allocation of their existing IP space.

One of the critical reasons for the creation of ARIN is to move policy making for the allocation of IP numbers from the very slow and laborious IETF RFC best current practice track to a membership organization responsive to the needs of its members. We present some highlights of pagan and apnic list discussion from July. This discussion highlights the reasons why multi-homed providers need provider independent 19/ allocations from InterNic/ARIN. It also contains suggestions for the formulation of policy designed to deal with concerns about route flap, routing table entries, and efficient use of IPv4 space. ARIN hopes to have its first membership meeting in October. Its intent is to have member driven policy before the end of this year.

Part II IANA Authority, pp. 7 - 13

Depending on which metaphor one prefers Jon Postel is either thought of by Internet insiders as the Supreme Court, the FCC, or God. His decisions are considered to be final and beyond the review of the Internet Architecture Board and Internet Engineering Steering Group. They include final decisions affecting all of DNS, all of IP, serving as secretary for all Internet RFCs and making port assignments for various Internet protocols.

Jon is widely and we find deservedly respected and trusted. However, the Internet has grown and changed so fast that the current environment has outstripped his ability to function adequately. IANA, as now constituted, is having difficulty dealing with an environment where attorneys appeal IP allocation decisions directly to Jon and then, finding inconsistencies and what may look, at first glance, to be loop holes in the allocation process, threaten to sue him if he does not grant the allocation they seek. Having been the recent target of one suit and, as far as we can ascertain without serious legal liability insurance, he would be under pressure just from the sheer numbers of issues that he is called to deal with, even had the atmosphere had not grown vastly more contentious as well. It is folly to expect Jon to continue to operate as the sole world authority in this area without putting a sound foundation of checks and balances underneath him. The difficulty of Jon's position has been further increased, by USC's unwillingness to provide him with any legal defense for actions taken as IANA, even though, as a USC employee carrying out his official duties, he'd normally be entitled as such.

Insiders are critical of aspects of his recent performance, yet they will not say so in public. Consider some of the testimony given us by a recent former member of the Internet Architecture Board. ExIAB: Jon honestly believes he has the ability to make the right and ethical decisions on a consistent basis. I have known him for a long time and know better than to ever try to convince him differently. We need his help and backing often on many things, so every now and then we even tend to be a little extra compliant. COOK Report: In the sense of propitiating the "gods"? ExIAB: Yes. COOK Report: What we are most fearful of right now is that Jon Postel may wind up moving too slowly to broaden and share his authority. IANA institutionalization remains the achilles heel of the Internet. It needs to happen rapidly. ExIAB: I agree. What do you think would help Postel/Whomever Else to make it happen better? I think many feel that the IANA institution needs to become broad-based.

We reviewed some of the recent IANA decisions that have been criticized: The case of the 19/ allocation in March of this year, the @home allocation, the Genuity board membership, and the Haiti TLD decision in March of this year. In every case we found nothing serious for which Jon can be blamed - except that, when operating with little support structure and essentially alone in midst of turmoil and under great pressure, it is very difficult to be always completely consistent.

Both @home and the March 97 19/ Geist allocation involve the not well documented area of appeals. Even though Kim Hubbard says she has precisely described the @home situation on network mailing list, her description is not easily retrievable. The decision which given the identity of players has taken on an undeserved life of its own was nothing more than @home requesting a very large allocation from InterNic, being turned down, and appealing to Jon,who, on the basis of information presented by them to InterNic, said they qualified for a 14/ - period. We described March 97's 19/ appeal last month.

Rodney Joffe, the CTO of Genuity, was kind enough to answer our questions about Jon's involvement with Genuity. He explained that he prevailed on Jon to join his Board after he sold Bechtel a 75% interest in Genuity. He did so in order for Jon to make it very clear to Bechtel management the kinds of behavior that were appropriate in order to be a good citizen within the Internet community. He also stated that Jon said while he would advise Bechtel about of some ways in which it could improve the Internet community, he would never permit himself to be involved in advising Bechtel how to improve its own interests.

Unfortunately, we did not recall, until we were going to press, that the member of a Board of Directors of a corporation has a legal, fiduciary responsibility to that corporation. Thus, contrary to Rodney's assertion about Jon's insisting that his membership not benefit Genuity, it could be said that, if Jon had information about an action that he would take as IANA, and he did not disclose it to Genuity, he might be acting in violation of his legal, fiduciary responsibility to Genuity. If Jon served on an advisory board, this liability would vanish. Unfortunately the web page makes it very clear he is a full member of the Board of Directors of the corporation. We see this as one more example that, filled with good intentions as he may be, Jon has gotten in over his head.

The issue of the Haiti TLD is a bit different and, some people feel, potentially serious. Jon delegated the HT TLD to REHRED, a non governmental group, in early March. When soon there after the Haitian government came to him and demanded that it get the TLD, Jon gave in, contravening as he did so the process established in RFC 1591. In the words of an observer: "was not about to stick his neck out without any protection from our government by refusing to grant what even smelled like a request from any other government." For on April 3 Jon wrote to REHRED (from who he had removed control of the HT Top Level Domain). "Hello: I am sorry if you do not understand that we have explained to you that there is a rule we have adopted since RFC 1591 was published: 'Follow the expressed wishes of the government of the country with regard to the domain name manager for the country code corresponding to that country'. We have decided that this rule takes priority. We do not believe it is wise to argue with the government of a country about the TLD for that country." "In other words," continued the observer, "he gave in, and issuing a *private* directive that, in effect, said that 1591 applies unless a government objects, in which case the government gets its way in its own country. Jon was told that if governments were given special consideration and permitted to contravene standard IANA procedures, he might just as well pack up the IANA and let the U.N take over."

Looking at these events, we must ask from a policy point of view whether the issue is Postel or the functions of IANA? If we argue that it is Jon, we have the problems of whether we can get him to go along with the conclusion that he should retire because neither he nor any other fallible human should have to be asked to carry responsibility, in isolation, for the financial consequences that flow from the decisions he is being asked to make. On the other hand if we argue that the issue is the IANA FUNCTIONS, we can entertain the following scenario.

We see three alternatives. 1. Jon Postel bails out and retires by year end, exacerbating the present "authority problem and destabilizing an already troubled Internet. 2. Jon hangs on. Makes mistakes. Legal actions begin. IP gets as controversial as DNS and US government decides to intercede. Or 3. Jon shares power and convenes the Council of Global Registries (CGR) in which he participates (perhaps, initially, as Chair) providing stability and guidance in time of transition. Eventually, he turns the IANA Functions over to the CGR and Council over completely to the registries while remaining as an Emeritus IANA available for guidance and consultation.. He creates an institutionalized function for appeals, for coordination and development of procedures. This function, with the larger set of CGR by laws and procedures, becomes the legal basis for policy.

Part III Launching ARIN, pp. 15 - 23

The process of getting ARIN up and running is ensnared in a kind of "catch 22" position because prior to the founding of ARIN, NSI has paid for IP number allocation costs out of income from sale of domain names. Therefore ARIN is setting up a membership organization with no cash flow. Given the criticality of its functions for the Internet and the volume of its day-to-day business, the resources needed to perform these tasks are substantial. The execution of these tasks cannot stop while ARIN collects membership fees and ramps up its activities. Therefore NSI's Year 5 Program Plan proposed that NSI would bear the full costs of the transition and this has been incorporated into the NSF co-operative agreement. NSI's responsibility for the IP functions includes the financial responsibility to establish ARIN and pay its expenses until it is financially self sustaining.

NSI, with its July 3rd IPO filing and recent DNS infrastructure troubles, has had its hands full and the launch of ARIN has progressed more slowly than we would like. When we set out to rebut Dave McClure's recent attack on ARIN, we found out in a phone interview with NSI's Senior Vice President Don Telage that due to a delay in getting legal liability insurance in place, what we had assumed to be the ARIN board was not yet legally seated and ARIN would be unable to accept members until the Board was in place. We are now confident that it will be in place in less than two weeks.

Part IV DNS, IANA and US Government on a Collision Course?, pp. 16 - 19

Jon Postel not surprisingly, regards much of his stewardship over the IANA processes as being one of making sure that the infrastructure works. We can imagine that the events of the last ten days (Kashpureff's attacks and the defective tape loaded into the root servers) have given him severe indigestion on this account. In this context, a wide range of people to whom we have talked say that Jon has the power to remove the root or "." server from the control of Network Solutions.

The tension existing in the area of the ownership of root has been heightened by a move on the part of the US government. On page 14 of NSI's IPO filing with the SEC we have found a very telling statement: The NSF has given "written direction . . . not to take any action to create additional TLDs or to add any new TLDs to the Internet root servers until further guidance is provided." The chances that this would happen without the direction of either DOJ or the Interagency Task Force or both would be remote. We will no longer find the NSF making independent policy in this very sensitive area. Furthermore "written direction" sounds like an order and not a request. An order would not be given without the US government having decided that it has authority to make law and determine policy.

Ignoring the question of whether root moves, if the US government has decided that the best interests of the Internet, from an American perspective, would be served by no new TLDs in the root servers, the decision on whether to try to keep the IAHC domains out of them, is likely to be some time away. Dave Crocker has told us that it will be October before IAHC/IPOC has any new TLDs ready for the root servers. Furthermore, other sources suggest that the more likely moment of decision for Jon Postel on this issue won't come until January.

Consider his situation. (1) out of money at home. (2) his leadership on DNS new TLDs stymied by US government. (3) ARIN approved but not yet operational. (4) his IAHC TLD process more centered in Europe than the U.S. (5) the RIPE registry in Europe under Daniel Karrenberg strongly supportive of his goals. (6) a new TLD root server in London (7) DNS infrastructure under control of Network Solutions in the US crumbling. Given these facts it would be hard to imagine Jon not thinking of ordering a move of the DNS root from NSI to Europe at some point in the next few months.

In the meantime, ISOC, IANA and IAHC/IPOC appear to be well ensconced in the driver's seat on this issue and are showing no signs of being willing to back off. Consequently, the U.S. government has painted itself into kind of a corner. For, if it comes down openly and hard in the next few weeks with the position that no new TLDs should go into the root servers, it seems likely to us that such action would ensure - barring a major change of heart on the part of Jon Postel, a move of root to Europe.

Forecasting a denouement for these highly uncertain variables is not easy. is also difficult to imagine an outcome - other than one involving prompt and creative cooperation among the three IP registries regarding the IANA functions - that would really benefit the Internet.

CAIDA Offers Tools for Inter NSP Cooperation, pp. 20-25

We interview KC Claffy and Tracie Monk of the National Laboratory for Applied Network Research (NLANR) about the origin and progress of the Cooperative Association for Internet Data Analysis. While NLANR has provided engineering "glue" for members of the research community who are using the vBNS, the hope is to have CAIDA to the same for national ISPs who, since the have emerged, have had no cooperative means for developing tools to help them build reliable networks that can best handle the stress of the enormous growth of the commercial Internet as a whole.

The tools in question range form web caching technology to Oc3mon, a tool to identify separate IP flows over ATM paths. Oc3mon can be used both for real time flow analysis and to improve hardware design. Cisco has funded CAIDA to do a tool taxonomy. CAIDA also is focusing on virtual environments where engineers from different NSPs can meet to do problems solving and technical idea exchange. In May of this year it held a second annual Internet Statistics and Metric Analysis Workshop where it brought tool makers together to critique and analyze the strengths and weaknesses of each others tools. The tools that it supports development of are all also in the public domain. The interview is filled with URLs that give further information about the technical elements discussed.

David Holub on Peering: pp. 26 - 31

We interview David to assess his experience on the evolution of peering and interconnection issues over the past two years. Regardless of the issue of who benefits from peering (and as the interview shows it remains difficult to define) he points out that one of the most difficult positions the smaller players find themselves in is getting full disclosure from the largest backbones, in advance, of just what their conditions for peering are now or will be six months in the future. Holub also has some very interesting things about how common carrier status would affect an ISP both in the context of peering and in the context of dial up network access charge exemptions.