IGP Partner Milton Mueller, a scholar known for his work on global Internet governance and professor at the School of Information Studies (iSchool) at Syracuse University, has internationalized his academic post and strengthened ties to the Internet industry by accepting a chair at Delft University of Technology in the Netherlands. The three-year research position was created by the Dutch Internet service provider XS4ALL, and will be located in the Faculty of Technology, Policy and Management, Information and Communication Technology (ICT) section.
A consulting group (DNK LLC) report to the U.S. Department of Homeland Security stated clearly that the problems of who would own the DNSSEC keys and mistrust of the U.S. government's intentions could be barriers to DNSSEC deployment. While the August 2006 report covers developments only from March 2005 to July 2006, it makes two important points that are relevant and timely today. First it makes clear, if it weren't already, that the issue of root signing and key management has been recognized as a political issue for long time. It also offers some interesting insights on how DHS has approached the politics of DNSSEC and Internet security.
In developing the government's message about DNSSEC, DNK clearly identified barriers to adoption across several relevant interest groups, including the Internet community, the private sector, other governments and public sector actors, consumers/end users, and the media. Tellingly, “ownership of DNSSEC keys and registration” and “trust in government's [i.e., the USG] intention” were specifically identified as potential tripping points across many of the groups.
DNSSEC and the issue of signing the root have been hot topics in Internet governance over the past year. Most recently, the IGP co-sponsored workshop at IGF-Rio saw several interested parties (see the workshop writeup) vigorously debating if the root should be signed. Perhaps anticipating that discussion, ICANN released a ccNSO survey of 61 ccTLD operators on DNSSEC just before IGF-Rio. It highlighted that the majority of interviewed operators preferred ICANN/IANA sign the root, but numerous other arrangements were identified as well. In Rio, the CEO of the largest ccTLD argued that deploying DNSSEC at the root entails making a decision about whether to dedicate trust to one or multiple entities. She and a representative of CGI.br openly expressed concern about a single entity controlling such a critical piece of the DNS.
In a promising sign that policy discussions regarding critical internet resources are responding to IGP advocacy and IG Forum discussions, the DNSSEC-Deployment group is now discussing options for distributing root signing authority. This turn in the debate shows that constructive criticism and discussion of DNSSEC governance arrangements can indeed lead to improvements, despite early resistance to even discussing the topic.
The second Internet Governance Forum in Rio de Janeiro continued the slow but steady movement to clarify the critical Internet governance issues. The Forum discussed, for the first time, the initial issue that prompted the international focus on Internet governance, critical Internet resources. It also explored the other clusters that had been identified: openness, diversity, access and security and further refined these. But the main result, not as well noticed, is a growing recognition that the key issues have less to do with the clusters than with where they overlap and conflict.
[Editors note: Below is a summary of discussions which will feed into a report on the “DNSSEC: Securing a Critical Internet Resource” workshop held at IGF-Rio on November 14th.]
This informative workshop, co-sponsored by the Internet Governance Project, CGI.br, and EuroISPA, drew approximately 80-90 attendees from government, civil society, the private sector and technical communities. While the multi-stakeholder panel brought a diversity of opinions regarding DNS Security Extensions (DNSSEC), they agreed that improving the security of the Internet’s infrastructure is an important activity which should be pursued.
In general, there are two camps concerning the deployment of DNSSEC, which is a technical standard that requires coordination among many actors to be successfully deployed on a wide-scale basis. One side is ready to proceed with deployment, particularly the hurdle of creating a “trust anchor” key and digitally signing the root zone file. The other is more cautious in its approach, believing that the successful deployment of DNSSEC is subject to many open technical and governance questions.
It is quickly becoming apparent that an important function of the UN's Internet Governance Forum could be to serve as a long term clearinghouse for knowledge acquisition and assessment concerning Internet governance. Despite its structural imperfections, the IGF is becoming a magnet for the academic community to discuss Internet governance ideas. As such, it may be finding its role in the global Internet governance regime.
The introduction of internationalized domain names (IDNs) offers the world one of the best opportunities it will ever have to introduce more diversity and competition into the domain name registry market. Unfortunately, the politics within ICANN are threatening that opportunity. There is a move afoot to give country code TLD registries a free gift of an IDN top level domain. Did I say “a” free gift? That implies only one. But as I will explain later, it may turn out to be two, or three, or maybe six or even twenty free gifts by the time ICANN's Governmental Advisory Committee and CCNSO gets done with it.
Reflection on what was wrong and what was right with the Rio Internet Governance Forum is not waiting for the February 25 “stocktaking” session planned by the IGF's Secretariat. Civil society advisory group member Adam Peake has already opened an interesting dialogue on the governance list. I have some opinions about that…
Too much of the energy of the Forum and its participants is being thrown away on issues that are not global in scope, and have nothing to do with global governance of the Internet. We all must pay closer attention to the distinction between issues that are best addressed at the national, local or regional levels and those that truly require global coordination and global institutions. IGF should be restricted to the global. If the truly global governance issues are actually quite narrow and specialized, and don't include the issues that turn you on, so be it. Those who are fundamentally not interested in those issues should find a more appropriate venue for their activities. The disappointing thing about IGF 2 was that the dialogue was so cluttered with things that do not require or will never get international coordination or agreement that it was impossible to focus on the things that do.
The Rio IGF has been a great venue for raising ideas and fostering dialogue. But the managers of the Forum will have to address some severe structural problems during the next two years. The basic problem is that all of the action at the Forum has gravitated to the “edges” — i.e., to participant-defined workshops and dynamic coalitions — while the “core” plenary sessions have become hollow. They were mostly stilted, boring one-way communication affairs; the speakers were selected more for their lowest common denominator political acceptability than for their ability to advance important ideas. Worse, there is almost no common processing of ideas and common deliberation on what transpires at the edges. In fact, due to the competition for attention created by scheduling many workshops at the same time as the plenary sessions, the workshop programs attracted far more people than the plenary itself during the second and third days. The result is a decentered trade-show or academic conference-like atmosphere. One can sense growing frustration with this among a variety of parties.