Will ICANN Reform?

By Larry Seltzer  |  Posted 2007-03-26 Print this article Print

Opinion: ICANN's Lisbon meeting this week may be spoiled with a reform agenda. At least the parties will still be fun.

Theres nothing like a big, fat scandal to kick obstinate authorities into gear, pursuing the goals they always speak highly—if vaguely—about. This weeks ICANN meeting in Lisbon (do they ever meet in the United States?) presents an opportunity for the organization to have some talking points ready when things get really ugly on April 1. The April Fools Day joke will be on Registerfly customers who havent gotten their domains out of Dodge by then.
I already went on about this some last week. Since then, ICANNs president and CEO, Paul Twomey, has issued a statement wondering if maybe its time to rethink the current Registrar Accreditation Agreements.

When I spoke to ICANN (not Twomey, I believe) several years ago about my concerns that a rogue or irresponsible registrar could damage many a registrant, officials scoffed at the idea that any registrar would risk their accreditation with such behavior. But it has a big problem now with Registerfly, which claims on its home page to have "over 900,000 customers. Serving 120 countries. 2 million names registered." And there are other registrars with dirty histories.

An ICANN report describes how and why a recent attack on the Internets "root servers" failed. Click here to read more.

Twomey directly addresses one major problem I brought up last week—that of proxy registrations: "...proxy registrations are available as a choice, but people who have them have great difficulties getting access to their data and having their domain name transferred where a registrar is uncooperative or has other problems with transfer. ICANN has had difficulty accessing this data, too."

No kidding. Come April 1, if ICANN follows through on its threat to bulk-transfer Registerflys remaining domains, those with proxy ("private") registrations will be in big trouble, unless Registerfly comes to their assistance. And I have trouble believing it will.

Of course, Registerfly is not the only registrar with a proxy or some other form of private registration service. Network Solutions service isnt strictly a proxy. Even the big and stable ones have to be thought of as a risk now, and Twomey makes the suggestion of data escrow, which I imagine means that some trusted third party holds the registrant data in a proxy registration, with its obligations for the privacy of that data strictly defined by contract.

I think perhaps the registry should be the agency to escrow the data. Nobodys in a better position to expedite a transfer. Especially with the .com names, VeriSigns fee of $6 per domain per year (a fee that is likely to grow on a regular basis) is a humongous markup on its teeny costs for each marginal domain in the registry. But, of course, that agreement isnt up for renewal for a while, and its unlikely that Verisign (or the other registries) would agree to be a data escrow for free. So this service will likely end up adding to the cost of registration, at least for private registration.

This is just one of the issues Twomey raises that makes you wonder how it took so long for ICANN to be concerned. Heres a good one: "What is the best mechanism for ICANN to hold affiliated registrars accountable for an affiliates actions?" Perhaps this is a question ICANN should have asked two years ago during the Panix.com scandal, which was instigated by an affiliate. In that case, ICANN did its best to hush everything up and protect the affiliates reputation.

Heres another good one: "How should ICANN and the registrar constituency encourage a system that rates registrars according to customer service and performance, and should this be available to registrants?" Should we let them know? This from the same ICANN CEO who said a few months ago, at the last ICANN meeting (in Brazil, of course), that he considered transparency a top priority for ICANN.

Twomey actually asks a lot of good questions, but its hard to take ICANN seriously before we see real action. And since ICANN has become, as others have pointed out, a guild of registrars and registries with no real interest represented for registrants, Ill believe these issues will be addressed by ICANN when I see it.

If ICANN were truly interested in making things different, it should consider radical notions, like Karl Auerbachs idea of using cryptographic keys rather than contact information in order to indicate domain ownership. (Read it, its a heck of an idea.)

But Twomeys new agenda covers the immediate crisis, which is how to respond in about a week when thousands of registrants scream bloody murder. And when the next registrar goes bad. And the next one.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel