By Karla Valente, Director, Communications Product Services
The “Staff Focus” is a monthly report about what is on the minds of ICANN staff. Each month will be written by a different ICANN staff member.
New gTLD Program—Where do we stand?
We just wrapped up our 37th international meeting in Nairobi (March 7 to 12, 2010). There were many important issues before the Board, one of them, deciding whether the Expressions of Interest/Pre-registrations (EOI) proposal should move forward. This model was originally designed to help assess demand for New gTLDs, provide certainty as to root-zone delegation rates, and inform the program's operational readiness plan. The Board withdrew the EOI from consideration and decided to continue with the current implementation plans leading up to the launch of the New gTLD Program. Their conclusion was that the potential benefits of proceeding with an EOI process would be outweighed by the costs of potential delay to the program. Also considered was the fact that several of the open issues would need to be resolved before an EOI could be launched. So, in terms of timing and costs, it was decided the most efficient way to move the program forward is to focus energy and resources into finalizing the open issues.
In regards to Vertical Integration (aka registry/registrar separation or vertical separation), the Board resolved that: “within the context of the new gTLD process, there will be strict separation of entities offering registry services and those acting as registrars. No co-ownership will be allowed.” Also, “if a policy becomes available from the Generic Names Supporting organization (GNSO), and approved by the Board prior to the launch of the new gTLD program, that policy will be considered by the Board for adoption as part of the New gTLD Program.”
Tremendous focus is still being dedicated to addressing the remaining open issues, particularly, trademark and community protection, potential for malicious conduct, process for registry agreement amendment, IDN 3-character requirements and IDN Variants. Those issues and a few others are open for public comment until April 1, some until April 8. It is an important opportunity for the community to participate before the Draft Applicant Guidebook, version 4 is finalized. This version is expected to contain critical updates on several open issues, particularly trademark/community protection and malicious conduct. Version 4 is scheduled for publication prior to the ICANN Brussels meeting (20—25 June 2010).
In February 2009, the Board requested the Root Server System Advisory
Committee (RSSAC), the Security and Stability Advisory Committee (SSAC), and ICANN staff, including the IANA team, to study potential issues regarding the addition of substantial numbers of new TLDs to the root zone. As part of this continuing effort ICANN commissioned an internal study of different scenarios for application volumes. Using the procedures in the Draft Applicant Guidebook as a foundation, ICANN staff modeled a series of scenarios based on the number of applications received in the first round of new gTLD applications. A draft paper [PDF, 326 KB] has been posted summarizing the results of the model and providing the source for the parameters used to predict the rate of growth in delegations to the root zone of the DNS.
Additional economic analysis is being undertaken to address economic and market-related issues. ICANN has contracted to retain the services of Greg Rosston, Stanford University and Michael Katz, University of California Berkeley, both in the United States. The work will be done in a three-phase project plan with the two initial reports expected to be released prior to the Brussels meeting. During the first phase, the economists will survey published studies and resources that describe the potential impacts of new gTLD introduction; examine theoretical arguments about benefits and costs of increased gTLDs; consider and propose empirical studies to identify areas where additional work can serve to assess costs and benefits.
During Nairobi, another interesting Board resolution took place in response to concerns numerous stakeholders have expressed about the possibility that the cost of applying for new gTLDs (currently US$185.000 + registry fees) might hinder applicants requiring assistance, especially those from developing countries. Based on this community feedback and recognizing the importance of an inclusive program, the board requested stakeholders to work through their Supporting Organizations (SOs) and Advisory Committees (ACs), and form a Working Group to develop a sustainable approach to providing support to applicants requiring assistance in applying for and operating new gTLDs. The group is already being formed.
Staff continues working on the program’s Operational Readiness. Recently, staff completed phase 2 of a 3 phase review and selection process for independent evaluators. ICANN met the candidate's leadership and core team members to evaluate in detail the candidate's approach, experience, technical competency, commitment, and proposed costing model. The next and final phase will select primary and back up Evaluation Panels and notify the Board of final selections. The retention of the Evaluation Panels is expected to occur in 2010. For details, see here: http://www.icann.org/en/topics/new-gtlds/tenders-eoi-en.htm. Progress also continues in the development of the Top-Level Domain Application System (TAS). This is the on-line tool applicants will use to submit their applications.
Perhaps one of the most interesting discussions taking place in Nairobi has been around the New gTLD Program communications, which has a goal to increase global awareness of the program. The Board has resolved that: “ICANN will implement a formal launch of communications activities for the New gTLD Program, tailored according to the relevant program phases and developments, recognizing that the plan will need to be flexible to respond to unforeseen circumstances and adapt to the needs of regional audiences”; “…will continue to take into account the advice of ICANN's supporting organizations and advisory committees in the New gTLD Program communication activities”; and will “…begin the formal communications plan for the New gTLD Program when the overarching issues are resolved to the satisfaction of the Board.”
ICANN has undertaken significant communications activities since the Board approval of the program in June 2008. Some of these activities and plans were published in October 2009 as a Draft Communications Plan. Staff plans to revise the current communications strategy and work more closely with the SOs and ACs to increase the volume and effectiveness of the global outreach. More specific plans will be shared with the community soon.
One of the most critical elements of the formal communications campaign that will precede the application period is an announcement of the formal launch date. That date has not yet been officially finalized by the organization.
New gTLD Program:
Nairobi Adopted Board Resolutions:
Draft Delegation Rate Scenarios:
One World. One Internet. Everyone Connected.
In this area we will be reporting on the activities of our President
and CEO, Rod Beckstrom, as he travels around the world representing
one unified, interoperable, Internet.
March began with a trip to Beijing to engage in talks with the Ministry of Industry and Information Technology, Industry leaders, and the China Internet Information Network (CNNIC). This was my first bilateral visit of 2010 and it was in recognition of ICANN’s strengthening ties with China since China returned to the Governmental Advisory Committee (GAC) last year.
During the visit I attended a Nominating Committee outreach event, sponsored by CNNIC, designed to encourage greater participation from the Region in the Nominating Committee process. Dr. Wei Mao, Director General of CNNIC made a very positive contribution to our efforts to encourage greater Chinese participation in our multi-stakeholder model. The event was both interesting and fun, bringing together a good cross section of the Internet ecosphere in China.
From Beijing, I headed to Nairobi for our 37th International Public Meeting. As many in the community were aware, there were security concerns about the location of the meeting and a lot of planning and preparation was undertaken leading up to the meeting by our hosts and ICANN’s meeting team to mitigate the risks. I was very pleased that the security measures were well executed and resulted in our meeting being conducted in a safe environment. We also enhanced our remote participation capabilities to ensure that the many members of our community who could not attend in person, were only disadvantaged by their respective time zones. One of the concerns for us, was that many of the policy discussions would be stalled or delayed in some way because our low meeting attendance, but this simply did not happen thanks in large part to the success of our remote participation.
The Board and the community got through a considerable amount of work during the week. The Board passed eight resolutions relating to the implementation of new gTLDs, including not supporting the Expressions of Interest (EOI) idea which had generated an enormous amount of community discussion and deliberation after the Seoul meeting–finding instead that the potential benefits of proceeding with an EOI were outweighed by the costs of potential delay to the New gTLD Program. On the matter of Vertical Integration within the new gTLD context, the Board opted for a strict separation of entities offering registry services and those acting as registrars. However, if the Board approves a policy by the GNSO on this issue, prior to the launch of new gTLDs, the Board will consider that policy for adoption as part of the new gTLD program. The complete list of Board resolutions from Nairobi can be found at: http://www.icann.org/en/minutes/resolutions-12mar10-en.htm
My sincere thanks to everyone in the community, and our hosts, for their patience and the spirit of cooperation in which they went about their business to make sure Nairobi was another successful ICANN meeting.
Policy—What’s Wrong with DNS Redirection and Wildcarding?
The ICANN Board has prohibited, for all new gTLDs, a practice referred to as “redirection” – yet some ccTLD managers view the practice as helpful. To gain background on the issue, Scott Pinzon, Director of Policy Communications, interviewed Dave Piscitello, Senior Security Technologist for ICANN.
Scott: We’re talking about redirection at the top level of the Domain Name System, a practice also sometimes called “synthesized response” or “wildcarding.” Dave, what is it?
Dave: Most people are familiar with the fact that the Domain Name System is used to determine the IP address associated with a domain name. So there’s a number, and when we make a query to the DNS what we want to do is find that number for a name like, example.com. This is called domain name resolution.
SP: So, this is how instead of having to remember the IP address of Google or Amazon, I can type Amazon.com and it will resolve to whatever IP address that is.
DP: Exactly. Normally, the DNS responds to a query in one of two ways. If the name is found in what’s called the “zone file” (which is essentially the database of names for a particular registry) -- a positive response containing the IP address associated with that name is returned to the user. If a name is not found, or is a special error called “non-existent domain,” that’s returned in the response. You all clear?
SP: Yeah, and most of the time, the typical user is working this out through their web browser, right?
SP: I typed a URL and I’ve hit “go” – that’s actually a query to the DNS.
DP: Yes. So, redirection alters this fundamental behavior. You only get positive responses from the DNS. There are two kinds of positive responses. The first kind is exactly what I described. If the name is found in the zone file, you will get the IP address associated with the name.
The second type is a synthesized response. In a synthesized response, instead of receiving a “non-existent domain” error, the response message indicates there was no error. And it returns an IP address chosen by the zone authority, the operator of the name server.
So, instead of getting a response that says, “I can’t find example.com,” it says, “I found example.com and here is the address I’ve chosen to assign to it.”
SP: I think I get the concept but let’s follow up a little more with your example.com to clarify.
DP: Sure. Suppose I type ww.example.com –
SP: Instead of www?
DP: Right. My finger slipped. I hit the Enter key and I should get an error message because this is not really a name that example.com placed in its own file.
SP: Yeah, they didn’t make ww.example.
DP: Right. So, because ww.example doesn’t exist in example’s zone file, someone decides, “I’m going to return an IP address.” That IP address takes me to a search page as opposed to the webpage, www.example.com.
SP: Oh, I see.
DP: So, as a consequence of my mistype, instead of going to the web page I wanted to visit, I’m now directed, or in fact, redirected to a search page that a zone operator chose to direct me to. That page could have pay-per-click advertising. It could have a different search engine than the one I normally use. And it might even install malware.
SP: Why would anyone do redirection?
DP: Let’s look at the marketing or positive benefits associated with redirection. One argument is that Internet users don’t benefit from receiving errors, but they benefit from an error resolving to some page that provides them with a solution to the problem.
SP: So the thought is, “I don’t have your true answer but I’m helping you along your way.”
DP: Exactly. You could go to a redirection page and it says, “You were trying to get to ww.example.com. Perhaps you meant to go to www.example.com.” In the meantime they’ve placed pay-per-click advertising on that site that says, “Oh, you could also be visiting example.2.com.”
Now, if you click the pay-per-click, you’ve provided the one who’s hosting the redirection page with money for redirecting you to another page. The monetizing traffic in the form of pay-per-click or in the form of payments that a search engine will offer a person for hosting their search engine on their page, are two reasons why people would do redirection.
SP: Another camp is opposed to redirection. Why?
DP: Problems can arise with redirection. Thus far we’ve talked about the Internet as if the only application is the Web. But imagine if I’m doing this with mail, or imagine if I’m doing this with a voice call, using voice-over-IP. A little bit different, isn’t it?
SP: Yeah, it is. I don’t want my phone call redirected!
DP: A second and very important factor is that suppressing those errors fundamentally changes the way the DNS protocol works, and that breaks things.
SP: What kinds of things does redirection break?
DP: Take, for example, network management applications or utilities, such as “ping.” Ping is a program that you use to see if a host is alive and present on the Internet. At a command line, you type “Ping” and a domain name. If you get a response you know that the host is up.
DP: Well, suppose you only get positive responses every time you ping.
SP: Whether the host is up or not.
DP: That means that you never know whether the host has gone down.
SP: Because you sent a ping, but it got redirected to something that’s responding.
DP: Exactly. The same is true for many applications that rely on the ability to distinguish when a host is up, when a name resolves and when a host is down where the name is not resolving.
SP: This is like removing one of your five senses. As a network administrator, you’re trying to know what’s going on. Now you’ve lost the ability to sense when certain things are down.
DP: Right. And imagine traffic that’s supposed to go to your company email system, redirected to a host that is either not hosting a mail service or a host that’s hosting mail service that’s not your mail service. Both those scenarios result in a denial of service of mail delivery. In the worst case, somebody that you don’t want receiving your mail is actually spooling all your mail on their machine.
SP: And since mail is almost always clear text, there goes all your privacy.
DP: Exactly. In fact, hijacking emails and trying to hijack email servers is a traditional attack factor.
SP: It sounds like you’re saying that generally any kind of application that uses a client and a server needs some way to distinguish between success and error.
DP: There are thousands of applications. Folks who are in favor of redirection probably haven’t investigated the consequences for all of them.
The transcript you’ve just read was excerpted from the first episode of the new podcast, ICANN Start. For more information on redirection, you can read the full transcript [PDF, 32 KB] or listen to the podcast episode, found on ICANN’s new E-Learning Podcast page.
New to ICANN? Check Out Our New E-Learning Site
Visit our new E-Learning site at http://www.icann.org/en/learning/
Listen to Podcasts! Currently available are topics on:
Internationalized registration data, Wildcarding and synthesized DNS responses,
Inter-Registrar Transfer Policy, Country code Top-Level Domains (ccTLDs)
Each podcast is no longer than 20 minutes and a new podcast will be posted on the first of each month.
View Webinars! Upcoming webinars include:
- Introduction to Internationalized Domain Names (IDNs) - 14 April 2010
- Fellowship Program Overview—28 April 2010
- IANA Business Excellence—12 May 2010
- Introduction to the Security, Stability & Resiliency Plan—26 May 2010
Visit the E-Learning page to register for any of the above webinars.
Listen to Audio Briefings! Currently available is:
ICANN Security, Stability & Resiliency Plan (SSR) (on-demand)
Idea for a podcast, webinar or audio briefing? Send an email to firstname.lastname@example.org, or visit the E-Learning site and VOTE!
Issues Currently Open for Public Comment
Numerous public comment periods are open on issues of interest to the ICANN community. Act now for the opportunity to share your views on such items as:
High Security Top Level Domain (HSTLD) Draft Program Development Snapshot
When new gTLDs start up, each new TLD has the option of trying to increase trust by operating as a High Security TLD. How should an HSTLD program operate? Comment by 8 April 2010.
Zone File Access Concept Paper
How should Domain Name Service zone files be accessed if we soon have many more Top-Level Domains? This paper proposes a concept, and a related paper shows what implementation might cost. Comment by 8 April 2010.
Draft Report on Whois Accuracy
The National Opinion Research Center (NORC) recently completed a study commissioned by ICANN to determine the percentage of domain names registered under the top 5 gTLDs (.com, .net, .org, .biz, and .info) that contain accurate Whois data. The draft report is posted for review. Comment by 15 April 2010.
Report of Possible Process Options for Further Consideration of the ICM Application for the .XXX sTLD
On 19 February 2010, the Independent Review Panel issued its Declaration in the Independent Review filed by ICM Registry challenging ICANN's denial of ICM's application for the .XXX sTLD. Comment by 10 May 2010
by Janice Lange
Jambo from Nairobi!!!
This was ICANN’s ninth ICANN Fellowship program (my 8th experience as Program Manager), and each time, I begin the week wondering about the individuals that I will finally meet after reading their applications and exchanging emails over the few months prior to the meeting . Will they be up to the challenge of early morning meetings? We have a 7 to 7:30 am call time. Will they be vocal and participatory? Take advantage of the networking opportunities? Extend their hand to meet community members? Bond as a group and leave with a “fire in their belly” to outreach? Share their learning and become the building blocks for the next generation of ICANN volunteers?
The Nairobi Fellows did NOT disappoint! Each group raises the bar for the next…creating their own experience and making a mark on the community. In this case, individual members created their own blog and facebook entry during the week to start capturing the important topics and events, actually sent applications mid-week to join certain constituencies, took advantage of opportunities to meet key community members and our CEO in roundtables, working groups, sidebars and even at the Gala…which can be a hotbed of opportunity along with the fun and food that are always provided.
The week started with a bang at the AFRALO/Fellowship Networking Social on Sunday. This was after the fellows attended their first Fellowship session, the “ICANN 101 class”. This class has become the kickoff workshop for the Fellowship group in order to get them acquainted with ICANN, the meeting jargon and schedule, as well as one another. The event offered the chance to meet CEO, Rod Beckstrom; former Board member Dr. Nii Quaynor, who also serves on the Fellowship Selection committee; Cheryl-Langdon-Orr, chair of the At-Large Advisory Committee, along with many At-Large epresentatives attending the event, various ICANN staff members and invited guests.
Throughout the week, the focused morning meeting workshops, which are a mainstay of the program and mandatory for all participants to attend, covered the following topics: overview of the ccNSO, AFTLD and .KE, with emphasis on registry best practices, informational sessions on NomCom, ISOC and the At-Large organization, Internet Governance and ICANN Global Partnerships. The sessions are highly interactive, as they provide a small group opportunity to get questions answered by experienced members of staff and the community. In addition, there were 4 presentations from Fellowship Alumni covering IDN Fast Track, the GAC, expectations for the week ahead and goals for the participants when they return home in order to continue to promote the work of ICANN and its constituent groups. These presentations, have become a “staple” of the fellowship week, and as one newcomer, Vitus Foli Aborogu of Ghana said “For me, the various presentations by the Alumni really challenged me. After listening to them, I am well positioned to be a great ambassador of ICANN in Ghana. This experience gained as a fellow will continue to affect my life intensely, and hoping the get the great opportunity to mentor future fellows as I will have, no doubt, a wonderful story to tell”.
Dr. Sarmad Hussain just “graduated” from the program, having experienced 3 fellowships over 2 years beginning in New Delhi, then Cairo and lastly here in Nairobi. He met Tina Dam in New Delhi and became one of the IDN wiki volunteers in Pakistan, which has escalated to a position on the DNS stability panel for IDN Fast Track. Sarmad provided a detailed presentation to the fellows regarding IDNs and connected with the ccNSO and NomCom on possible paths for him to follow to become more involved in ICANN post fellowship.
Nelly Stoyanova is also a “graduate”, having come to her first ICANN meeting in New Delhi, where she was finally able to participate in her first ICANN GAC meeting due to the financial support the program provided. Her involvement and participation increased from there, and she funded herself in 2 additional meetings before once again looking to the Fellowship Program for support when Bulgaria went through shifts in power at the government level…attending both the Seoul and Nairobi meetings. Her
presentation focused on Bulgaria’s challenges and defining for other fellows what the GAC’s role in ICANN is and how participation is possible.
Fouad Bajwa is a 2 time fellow, from Pakistan; he is an Internet Governance policy advisor, ICT4D research and consultant, and UN-IGF IGC and MAG member who had not had the opportunity to travel to an ICANN meeting until the Fellowship opportunity in Seoul. He made quite a splash there, introducing himself to, and familiarizing himself with, each constituency group in some way.
Amr Elsadr also participated in his second meeting in Nairobi, and has one of the most unusual and diverse paths of any fellow. As a doctor, as well as Chief Operating Officer at Tele-Med International and a member of Net-Aman, the Internet safety focus group for youth (a non-profit organization), he has quickly immersed himself in Internet Governance capacity building, through involvement in the Diplo Foundation and Internet Governance school over the past two years, and he has brought an energy and enthusiasm to the program that focuses on the future of our youth.
These four individuals are just a sampling of the quality of fellowship candidates this program has cultivated, and with continued community support, they and others like them will continue to grow and take larger roles in the ICANN community.
As Pastor Peters Omoragbon of Nigeria said at our last meeting on Friday, “I am not an IT expert, not an Internet expert, but I am a consummate consumer of the Internet Services. Whatever I have achieved thus far with my NGO and all the places I have been to all over the world was made possible by my use of the Internet…I have become addicted. “ He provided the action items to support his addiction in the required follow-up report recently sent to me, which includes: Revive the Nigerian Chapter of the African Caucus of the WSISI as the Coordinator; post and continually introduce activities of ICANN into our website (Nurses Across the Borders) and link to ICANN website; work in collaboration with Anne-Rachel Inne…explore ways to ensure that Africa contributes to ICANN; and relate with all known ICANN constituencies in Nigeria, such as the Internet Society.
We look forward to seeing these names and faces in the years ahead, with stories in this publication, blogs, public comment, and as community members taking more active roles in their chosen constituency.
For the complete list of Nairobi fellows and their photo, as well as information on the Fellowship Program, please go to http://www.icann.org/en/fellowships/
Visit our home page for a high level overview of issues discussed in Nairobi. Watch our President and CEO, Rod Beckstrom, summarizes decisions made by the Board of Directors during the final session of the 37th ICANN meeting in Nairobi, Kenya. http://www.icann.org/
To listen to audio of recorded sessions: http://nbo.icann.org/nbo/media
To view presentations and transcripts: http://nbo.icann.org/nbo/documents?tid=172&tid=354
To view photos of the meeting: http://www.flickr.com/photos/icann/
Policy update: http://www.icann.org/en/topics/policy/
Monthly magazine: http://www.icann.org/en/magazine/
Public Participation: http://public.icann.org/