The root server agreement between ICANN and ISC was published yesterday. As “agreements” go, this is a good one — by which we mean, it reflects a peer relationship between ICANN and the root server operator and does no harm to the status quo, which is flexible and distributed. The contract, labelled a “Mutual Responsibilities Agreement” (MRA), constitutes a massive concession to distributed authority over the root server system. ICANN's Board should support it.

The new agreement is perpetual, (i.e. it has no expiration or renewal date). The agreement obligates ISC to “to “operate and maintain “F Root Name Server” as an authoritative name server for the DNS root zone and the “” domain, as published by ICANN through its IANA functions, without alteration.” It obligates the parties to exchange phone numbers and contact data, talk with each other if there are to be any changes in the technical aspects of what each is doing, and to abide by relevant industry standards to the extent practicable. In other words, it puts into words what ICANN and ISC are doing now. In cases of disputes among the parties, they will go into arbitration but “the arbitrators shall have no authority to award consequential, incidental, indirect or punitive damages to either Party.”

The MRA specifically recognizes ICANN as the publisher of the root zone, in their role as the entity performing the IANA function. No mention is made of Verisign, which actually publishes the root zone on behalf of IANA/ICANN. The entire agreement also makes no reference to the USG. Both are good things, as it leaves room for current oversight mechanisms to change.

While F root agrees not to modify the IANA zone file (thus presumably ending ISC's participation in ORSN) the agreement does not necessarily lock ISC into publishing “only” the ICANN root zone; as long as the ICANN root zone is served up unmodified it is hard to see what in this agreement would prevent the F root from also publishing another root zone as well. But it would have to clearly distinguish between the two roots and could not collapse them into one.

As a measure of change in the expectations surrounding the ICANN regime, an earlier proposed agreement for root server operators, drafted late in 2001, was for a period of three years and contained renewal terms, and attempted to specify performance standards, accountability for downtime, and ownership over data in the root zone file.

Some observers have suggested that this agreement lacks any substance and is intended to do nothing more than simply make it possible for ICANN to claim progress toward the JPA goal of “formaliz[ing] relationships with root name server operators.” It is true that ICANN wants badly to be free of the USG oversight, but still this agreement does constitute “progress” toward a formalized relationship — one should not assume that a formal relationship should be more binding than this one.

2 thoughts on “The F Root Agreement: Formalized Informality

  1. thus presumably ending ISC's participation in ORSN

    There is no participation of ISC in ORSN. There is a participation of Paul Vixie (as an individual) in ORSN.

  2. Perhaps the name of the game here is liability avoidance. Let's look at a comparison between Verisign accountability for .com operations versus whoever for root zone operations. Whoever is a diffused constellation of ICANN, IANA, root server operators, and some ISP who may take technical leadership in caching the DNS root zone more aggressively than just as allowed by the official standards. Verisign is in the diffused constellation as a root nameserver operator, but it is being removed as a member of the ICANN-NTIA-Verisign triplet for root zone file contents edition.
    The accountability framework for Verisign's .com is very different from the ICANN accountability for the root. Through name registration fees, the public is subsidizing ICANN, but the relationship between payment and value is far more tenuous than in the case of Verisign's .com registrants.
    If you run an industry, e.g. the airline industry which is rumored to ban DNS queries in some mission-critical applications, the MRA does not provide confidence in coming developments in the Internet governance front.
    OK, I can't understand the many ramifications of these issues. But who does?
    – Thierry Moreau

Comments are closed.