One summer sport in Internet governance is speculating on what direction ICANN’s new CEO will take it in. Making the media rounds yesterday on Fox and Lehrer News Hour to talk about the recent DDoS attacks on US and S. Korea government and commercial websites, new CEO Rod Beckstrom pushed how the response to cyber attacks is a coordinated effort, he also alluded to ICANN's role in similar attacks. Responding to a question on the News Hour about the USG policy response to dealing with cyber attacks, Beckstrom highlighted the critical role of ISP filtering, and identified the “organic” as well as “somewhat structured” coordination which occurs during a typical response. More interestingly, he plugged ICANN's facilitating role.

ICANN, as the global Internet corporation that handles the naming and address for every mailbox in the Internet globally, over 200 million, we have relationships with every single country in the world and play somewhat of a diplomatic role when these things occur, particularly if they affect the naming and addressing system, which this one doesn't yet, but it involves multiple countries.

While there are some technical inaccuracies in his statement (domains are not “mailboxes” and ICANN doesn’t actually have formal relations with every country in the world) producing accurate television sound bites is really tough. But Beckstrom correctly points out the limitations of ICANN's role in resolving cyber attacks.

So far, ICANN's role has largely been as a facilitator. E.g., in the ongoing cooperative effort against the Conficker worm, the security community determined preemptive barring of domain transfers and registrations in affected TLD registries as a mitigation tactic. ICANN's role was largely to communicate this to TLD operators. It took the agreement of ccTLD operators to put the response in place, because in reality, ICANN has very little authority over the ccTLDs business and operational practices. (with gTLDs it has almost complete contractual governance and can even take away the assignment after a period of time) Because of “national sovereignty” claims most ccTLDs have very limited contracts with ICANN, and there are clear limitations to using ICANN's authority to enforce stability and security on the Internet.

View the News Hour interview:

And the Fox interview (which dutifully follows the First Law of Cyberwarfare):