Plans to Reform Root Server System Governance

Posted on by IG Institutions, Internet Identifiers

ICANN’s Root Server System Advisory Committee (RSSAC) has published a new proposed governance model for the DNS Root Server System. 

Root servers are critical parts of the domain name system. While Public Technical Identifiers, which used to be known as the IANA, defines the contents of the root zone file, the Root Server Operators (RSOs) take that content and distribute it, unmodified, to the world’s Internet users so that domain names can be resolved in a globally consistent and compatible manner.

Root server operators are one of the last legacies of the informal, early Internet. Some of them are still run by the U.S. military or government agencies, others by universities. They were initially delegated their responsibilities through an informal process that preceded ICANN, and perform their functions on a voluntary basis. Still, they are baked into the Internet’s infrastructure in ways that are important. Although occasionally geopolitical contention has emerged around who gets one and who doesn’t, there is actually no formal process or criteria for making these decisions. 

Therefore, RSSAC’s efforts to proactively reform and formalize the governance of the DNS Root Server System should be welcomed. As Internet industry, standards and supporting technologies evolve there will certainly be a need for a more well-defined process for making changes. There will also be a need to fend off politicized demands by politicians that they “want a root server” as a matter of national pride or sovereignty or other stupid reasons.

The RSSAC has done a pretty good job in proposing a new model. Most important is their proposed set of 12 principles to guide RS governance, on p 12 of the report. A shortened summary of those principles is: 

  1. The Internet requires a globally unique public namespace, which is a hierarchy derived from a single, globally unique root.
  2. IANA is the source of DNS root data. Root servers provide answers to DNS queries containing complete and unmodified DNS data from IANA (PTI).
  3. The RSS must be a stable, reliable, and resilient platform for the DNS.
  4. Diversity of the root server operations is a strength of the overall system.
  5. Architectural changes should result from technical evolution and demonstrated
    technical need.
  6. The IETF defines technical operation of the DNS.
  7. RSOs must operate with integrity and an ethos demonstrating a commitment to the
    common good of the Internet.
  8. RSOs must be transparent.
  9. RSOs must collaborate and engage with their stakeholder community.
  10. RSOs must be autonomous and independent.
  11. RSOs must be neutral and impartial to the politics of geographic regions and nation states when delivering the DNS root service. The RSO’s focus is on provisioning a reliable technical service which knows no political boundaries and maintains an unbiased position to the politics of any nation state.

These are good, solid principles. Especially relevant in the current context is Principle 11, the call for neutrality with respect to “the politics of geographic regions and nation states when delivering the DNS root service.” Principle 11 in combination with Principle 4 (Diversity) suggests that RSO’s should encompass greater variation in political jurisdictions. Currently, most of the RSOs are in the United States, some in the hands of the military. While we do not believe that the selection of RSO’s should be strive to be politically determined or politically representative, diversification across jurisdictions does mitigate a risk that might be associated with too heavy a reliance on one jurisdiction.

Functional separation

The RSSAC proposal defines a set of different functions that are needed to carry on the work of the root server system. It has done a good job of separating functions in ways that facilitates good governance. In particular the need for more or less RSOs is delegated to the Strategy, Architecture, and Policy Function (SAPF), which is separated from the specific decisions made in the Designation and Removal Function (DRF) as to which RSO will be added or dropped.

The composition of the SAPF is unclear. We agree in general terms with the description of its composition on p 21, but there is no indication of how people are selected for it, how large it is, terms of office, etc. We would not favor an SSAC-style model of designation in which the ICANN board has arbitrary authority over who is selected and an old boys network is created.

We agree with the basic approach to representation on the DRF on p 23. When the report says “submit representatives” however, it needs to be made clear whether each unit listed will provide one or more representatives. We believe that all of the groups except the GNSO and CCNSO should have one representative. The DRF should have more than one representative from the GNSO and CCNSO, which have greater and more direct stakes in the RSS than most of the other entities listed. Regarding GNSO, it is divided into supplier stakeholder groups (registrars and registries) and user stakeholder groups (commercial and noncommercial). These two “houses” of the GNSO have dramatically different interests and perspectives on the operation of the RSS, essentially a producer vs a consumer perspective. We think it would not be possible for one representative to adequately represent both.

The problem of funding

Our main concern with the proposal has to do with the funding function (FF). It appears to us that the proposal is creating a new organization that will be at least the size of PTI and probably bigger, with 12 FTEs, half of them rather senior, and annual costs of around $2 million for staff alone. It is difficult to evaluate the cost-effectiveness of this unless we know where the money is coming from and how it would be allocated. It seems as if the report has deliberately left this open; we look forward to continued discussion of this.

The most important thing is that the funding model must be carefully designed to ensure that the incentives of RSOs and the community are fully aligned with the critical principles outlined in the report. The current FF seems top heavy and possibly subject to bureaucratizaton and capture. One lighter-weight possibility we would encourage the RSSAC to explore is the idea of a smaller Secretariat and a flat, lump sum grant to RSOs which may or may not cover all of their costs. This grant would come with their designation as a RSO. The fixed size of the grant would enable technically and operationally qualified RSO’s to apply but reduce the risk that they are only doing it for the money, while at the same time avoiding the risk that large governmental or corporate players would fully subsidize the operation in order to seek some form of control or leverage.

Public comment on the RSSAC proposal is still open, those with ideas are encouraged to make their views known here.

Will The Internet Fragment?

“In characteristically rigorous fashion, Mueller’s outstanding book punctures the alarmist myth of Internet fragmentation and helps us to understand what is really at stake as nations and other groups vie for power over the Internet.”

Jack Goldsmith, Harvard Law School

Purchase Online