Can the inmates run the asylum? The U.S. plan to stop ruling the open Internet

north america set to run out of ipv4 numbers icann fadi chehade

Are the heads of ICANN ready to run the Internet without the U.S.? (Credit: Flickr/icannphotos)

In March, an arm of the U.S. Commerce Department dropped a bombshell: it asked ICANN to come up with a proposal to take over core functions of the Internet by September, 2015. Last week’s NETmundial conference in Brazil — originally organized to address surveillance and privacy issues raised by the Snowden revelations — represented the first time ICANN and the Internet community have tried to hammer out a plan for Net governance independent of the United States.

Ideally, ICANN (Internet Corporation for Names And Numbers) needs something approved and in place in less than 18 months, or the U.S. will extend its current management arrangement until 2019 … keeping the Internet’s central functions under its thumb.

When will ICANN come up with a plan? And does the U.S. ceding control over central Internet operations represent a threat to Net freedom, as some politicians claim?

What is the IANA?

The IANA — a department of ICANN named the Internet Assigned Numbers Authority — is responsible for some of the fundamental glue that holds the Internet together. Without getting too geeky, the so-called IANA functions come down to three important tasks:

  • Managing domains: Handling changes to the DNS root zones used by the entire Internet. These are what define top-level domains like .com, .edu, .uk, .ru, and (now) hundreds more.
  • Choosing ports and protocols: Coordinating technical protocol parameters used by Internet services – like the Web. When you connect to a Web server, your browser normally does it on port 80, rather than any of the other 65,535 ports it could choose. Port 80 is standard for the Web because the IANA says it’s standard; they also assign thousands of other ports for other services and protocols, like email, and FTP.
  • Handing out IP: Allocating IP numbers (blocks of Internet addresses) to regional Internet registries for different parts of the world, who in turn allocate them to ISPs, corporations, and others in their regions.

On paper, the U.S. government ending stewardship of the IANA would remove the last vestige of U.S. control over the Internet’s day-to-day operations. Symbolically, the handover might represent that ICANN is all grown up – that the once-struggling, bickering organization is a true player on the world stage.

Who operates the IANA?

Back in the old (old!) days, the IANA functions were handled by one guy: Jon Postel, one of the fathers of the Internet. (And he did it more-or-less when he had time.) Postel died in 1998, and the NTIA asserted greater authority over IANA functions. After all, the Internet had become important to the U.S. economy (this was the first dot-com boom), and the U.S. government wasn’t comfortable with the Internet’s heart being in the hands of one guy who might decide to arbitrarily change the Internet’s core routing. (Postel did that once.) However, when the NTIA stepped in, it was with the idea that the IANA functions would be handed over to the private sector.

Jon Postel

Jon Postel in 1994, with map of Internet. (Credit: Wikipedia)

“In its 1998 policy statement, the Department of Commerce stated that the U.S. government is committed to a transition that will allow the private sector to take leadership for DNS management,” NTIA chief Lawrence Strickling told Congress earlier this month.

But back in 1998, ICANN had literally just been founded, and had no experience doing IANA stuff – that had been Jon’s job! So the NTIA (National Telecommunications and Information Administration) contracted with ICANN to handle the work (for free), retaining formal oversight just in case. Sixteen years later, the Internet is now indispensable to the global economy … and that’s where things still stand.

How does U.S. Internet oversight work?

In practice, neither the NTIA nor the U.S. government has direct control over ICANN policymaking. When ICANN’s sometimes-protracted process approves an update to the root zones – say, to add new top-level domains such as .ninja – the NTIA acts as a middle-man, verifying the changes and then passing them to Verisign, the company that operates two of the 13 root servers and responsible for propagating changes. The NTIA has described its involvement as a “secretarial role,” and for 16 years it’s been very hands-off, letting ICANN do its own thing.

But, you know, there was that one time in 2005 things went awry: .xxx.

The Bush administration was not pleased that ICANN granted preliminary approval to the racy top-level domain. The implication was that if ICANN pressed forward, the administration would direct the NTIA to block its implementation. That never happened: ICANN awkwardly backpedaled and .xxx didn’t become a top-level domain for six more years. The NTIA can still legitimately claim it’s never exercised control over root zone changes. But it probably would have if ICANN had forced the U.S. government’s hand, and that chance of U.S. government intervention makes lots of people nervous.

Next page: How the U.S. Wants the Internet to run

1 of 2