Month: October 2003

Bruce Tonkin: Twomey response to sitefinder — no documented procedure for dealing with new services. Special meeting of council. policy-development process; issues report requested by council. During meeting, Twomey and Jeffreys read letter that clarifies scope. Subtle wording.Not just registry services as defined in contracts — also other services that could have impact on internet stability. Not purely looking at registry services.Other issue towards end of letter: Industry participants might be concerned because of competition issues. In end of Twomey letter, indicated that ICANN should seek external advice from competition authorities.Barbara Roseman in charge of preparing issues report. Questions?Elana Broitman: GNSO to look at definition of service or process? Tonkin: Early discussions with ICANN GC. Want to get away from what a service is, but rather look at impact and effect….Process not about determining good service or not, but about impact on security and stability. GNSO developing process that staff applies on case-by-case basis. Q: Meet 15 January deadline? BT: probably not. But shouldn’t take a year either. Miss 15 january by bit, not much. Q: Look at old requests? BT: Question to board, not to GNSO Council.

Sebastian Bachollet speaks to the registrars’ meeting. Has given presentations to different constituencies. Conducting interviews. 7 new gTLDs. 6 launched, .pro in the middle of the river. Address 12 questions; priority questions set up by NTEPPTF. Evaluation team: Summit Strategies Intl. (Miriam Sapiro); Solucom (?; Michel Briche); Bachollet supervising. Goal: Draft evaluation report at middle January / end January. Draft to TEAC (TLD Evaluation Advisory Committee); final report to TEAC around Rome meeting. Rough overview of questions. For some questions, input from registrars needed since they were between end customers and registry. Would like input about process with different new gTLDs. Difficulties faced? Technologies used by registries? Initial trademark protection? Startup issues? Implementation of registration restrictions? WHOIS and how it was implemented? Competition — how did new gTLD change market, if at all? Effect on scope and competitiveness of domain name market? Effect on existing TLDs and registrants? Service continuity? Legal framework?If anyone wants to be interviewed, please contact Bachollet.Question: Evaluation process further delaying new gTLDs? SB: Question to board, can’t answer that. Dan Halloran points out formal deadline from MoU — September 2004.Bachollet asks that r’ar constituency identify a small, but diverse set of registrars that might serve as interview partners.

ICANN 2.0 is also going to come with a shiny new user interface.Preview here; the new site is being showcased at the Carthage meeting. ICANN’s webmistress is seeking comments.

Vittorio Bertola: Many don’t speak English. Many aren’t even able to deal with latin scripts. Not everything that’s technically allowable should be practically done. Users like it? Correct architecture? Build wildcard in competition-friendly way? Controlled innovation? No. But only by respecting competitive environment. Long-term point. Most unpleasant thing see parts of community fight; fragmentation. IP-addresses hardwired. Protocols agnostic. Collateral damage such as effect on .name worrisome for future of Internet.Nobody else speaks up.

About EPIC. “Where do you want your data to go today?” Impact on privacy tools. Privacy law.Privacy Issues with Wildcard. Data use — Techniques — Laws. E-Mail session. Omniture partnership. Omniture as privacy issue. Looks like doubleclick. No indication to user that data is sent to Omniture; cookie with 5 years lifetime. Information gathered by omniture from wildcard.OECD privacy principles. Try to apply to service as offered by Verisign. Purpose specification principle. Collection limitation principle. Use limitation principle. Openness. Make known to users what is happening to their information. Ability for community to participate in decision-making.Core legal question — is it legal? Interesting question. Maybe it is legal. Consent, lots of notice, learn typing! Maybe it is not legal. Go to classical communications: Have to keep them confidential, either deliver as intended, or return. Essential problem from privacy perspective: Not giving information to person originating communication on where communication ends up.Privacy issues in various categories. Keep in mind while developing policy for wildcard DNS.

My presentation is here.

Joost Zuurbier relatively briefly describes what .tk (Tokelau) does with wildcards: Wildcard A points to URL forwarders; wildcard MX points to centralized e-mail forwarding server..tw: Using wildcards for IDN support. Plugins.

Innovation needs stable basis. New internet services don’t interfere with old ones, so no need for expensive and tedious approval process. Important for new applications that infrastructure — including naming system — behave predictably.Easy to write new network applications. Don’t have to special-case by TLD when writing software. Keeping tables of TLD behavior is a bad thing and brings you into trouble. host table analogy. Nobody updated them. Idiosyncratic features return us to host table situation.Impact on users. Attention to backwards compatibility. Let old applications see old behaviour. Don’t force old applications to upgrade. Upgrades don’t happen. One of the things that killed OSI was need for gatewaying between different versions of X.400. We don’t do that on the Internet, that’s why we are here.Example: IDN. DNS spec permits any binary string. Applications told that it’s not a good idea. Applications expect letter-digit-hyphen. To old applications, IDNs look like meaningless domain names. Hard problem: Internationalized e-mail. Internationalized addresses: Last step, hard.Alternative ways to do typo-fixing service. DNS Internationalization in practice. Some letters look like other letters. Have unregistered reserved name — not possible with wildcards.Network incredibly robust against many types of nonsense. Robustness depends on stability and predictability. Practical stability, not some lawyer reading contract, finding something defined, and concluding defined = permitted.Robustness principle.Wildcards: MX wildcards important when bringing countries with poor communications infrastructure to Internet — let wildcard MX point to gateway, have gateway convert to legacy protocols. Wildcard then defined generically, but known from the beginning to be harmful when applied across protocols. MX only affects one protocol.

Clarification: There is no wildcard in .name. Talk about the non-delegation patch to BIND and its impact on .name. Feature to rewrite authoritative DNS answers containing non-delegation records. 15000+ downloads. Quite a bit more now. Used incorrectly, changes fundamental hierarchy of DNS system. For .name, patch will rewrite valid authoritative MX records returned from registry. root-delegation-only needs explicit list of TLDs that are allowed to return non-delegation records. Explains .name structure. Impact of rewrite: E-Mail to @*.name bounces.

Steve Crocker kicks off the wildcard session in Tunis.About SECSAC. Evolution of events. Change to registry; redirection of unassigned names to SiteFinder server. SECSAC meetings in DC. Still gathering public input by e-mail. Emphasizes that Sitefinder was change to existing protocols, as opposed to introduction of new protocol (like WWW). Defensive action: Changes to undo the change. Change and counterchange. Has not escalated.Registries, registrars, registrants — explains registration system structure. Name resolution; explain mechanism. What happens when name exists, what happens when name doesn’t exist? Explain wildcard situation. Broad areas of concern: Abruptness; right thing? competition; lots more. Initial SECSAC advisory: Verisign — please roll back; tech community — clarify specs; ICANN — clarify procedures.Overview of 10/7 DC meeting. Presentations available on the net. Follow-up meeting on 10/15. Ben Edelman etc.SECSAC has not yet finished its work; still very interested in receiving comments. Scope of SECSAC work. Will produce report, will then step back and be part of the audience.