Re: Services and top-level DNS names

Karl Auerbach <> Sat, 05 July 2008 02:10 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id CE6DC3A683D; Fri, 4 Jul 2008 19:10:00 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 87E3B3A6817 for <>; Fri, 4 Jul 2008 19:09:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6V9Q9bO+UrTR for <>; Fri, 4 Jul 2008 19:09:58 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 6ED2B3A683D for <>; Fri, 4 Jul 2008 19:09:58 -0700 (PDT)
Received: from ( []) (authenticated bits=0) by (8.14.2/8.14.2) with ESMTP id m652A4dK023426 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 4 Jul 2008 19:10:05 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=04142008; t=1215223805; bh=Ju05eyT+BF8FOJuKHYBvoMqbBfA6spKDnkWYcM ED3K8=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=P0TVZztNyZcL ZS9q2UqYGvb0Zoq96XrxFMjzGOfazLJrNc0Nef0pfaBylPqIHrEI97dqxJxDm5Za+wq +wfUV+cCaIjUMcbuJxxOCQTgzOTWh5oQTIalHHItP5JIM6Ah5Pefj0z/opB1LvMXIkJ //18GdSJZ1ONpXz5SyIkYPcWw=
Message-ID: <>
Date: Fri, 04 Jul 2008 19:10:04 -0700
From: Karl Auerbach <>
User-Agent: Thunderbird (X11/20080501)
MIME-Version: 1.0
To: John C Klensin <>,
Subject: Re: Services and top-level DNS names
References: <> <E709066D4201B0B9202841FC@p3.JCK.COM> <BLU137-W50030593690ADECA1032C7939B0@phx.gbl> <795604F9E96F8D31B307B8E1@p3.JCK.COM> <BLU137-W4119825EB30C448D9C87B7939B0@phx.gbl> <6DF6CD2370AAF383D8F9172F@p3.JCK.COM>
In-Reply-To: <6DF6CD2370AAF383D8F9172F@p3.JCK.COM>
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"

John C Klensin wrote:

> I'm going to try to respond to both your note and Mark's, using
> yours as a base because it better reflects my perspective.

I sense that many of your concerns are well grounded.  And I find it 
interesting that the concerns come not so much from DNS as a system and 
protocol in and of itself but rather from the practices that have 
developed in the ways that DNS is used.

I see that you consider this situation urgent.

But I think that even your sense of urgency may underestimate the 
exigency of the need to coming up with an answer that can be labeled as 
a standard or BCP.

It is my feeling that pretty much every company in the Fortune 1,000,000 
is going to want to go for their name as a TLD.  And the marketing 
people at those companies will exert strong internal pressures to have 
every service - from web to email to SIP to whatever - using only the 
single TLD/company name.

As for contracts - ICANN should, if it is not doing so aready, clearly 
articulate a requirement that TLD operators clearly agree to follow 
written and broadly practiced internet technical standards that pertain 
to DNS.  (I've gone further and suggest that this ought to be ICANN's 
sole criterion for accepting [which does not mean granting] an 
application for a new TLD, but that's another discussion for another day.)

But contracts only go so far.  First of all there is the issue of the 
ccTLDs - they tend to operate outside of the ICANN contractual hierarchy.

Then there is the issue of enforceability of contract provisions.  ICANN 
seems to have an institutional fear of something called "third party 
beneficiary" status.  This is a thing that a contract can grant to 
certain non-parties so that those parties can step in and demand that 
certain contract terms be enforced against one or both of the parties 
even if the parties themselves are not holding one another to account.

In other words, unless the contracts give these rights, the IETF and 
others might have to stand on the sidelines and able to do no more than 
gnash their teeth in frustration.

ICANN has not demonstrated that it is quick to take up its sword to 
enforce its contractual rights when users are being harmed - For 
instance it kinda took dynamite to get ICANN to notice, much less to 
react to the developing RegistryFly mess.

Also you mentioned that the Brooklyn Bridge park folks might want to sue 
ICANN rather than the people who register "brooklynbridgepark" as a TLD. 
  My sense is that this might be a poor strategy because ICANN might be 
able to excuse itself as merely acting as a bookeeper and recommending 
that you sue the people who registered the TLD once they show, through 
actual use, that you have suffered some concrete harm.  Also, ICANN 
operates with a somewhat uncertain shield that exists because ICANN is 
able to operate in that vague middle ground between being a private 
entity and an arm of the US government.  (It is this same uncertainty 
that may explain why ICANN has so far avoided squarely facing the 
restraint of trade question in the US or elsewhere.)

Also, you use the word "property".  That's a word so full of different 
meanings to different people in different places that it tends to cause 
more trouble than it is worth.  I might suggest that we look at this 
situation as one in which the various actors have various explicit 
rights (contractual or otherwise) and duties towards certain domain 
names.  That way we can deal with these things with clarity rather than 
getting buried under the emotional baggage that comes from the word 

With regard to that final point about requiring only delegation and glue 
records - what about things like LOC and some of the TXT and other 
records for things like DKIM, SPF, SIP, etc?  My point here is that this 
might not be as simple to define as we might initially think.

But the boiler in ICANN's locomotive is coming up to pressure and we can 
expect ICANN's new TLD train to start chugging fairly soon - so answers 
may be needed more at IETF 1988 speed rather than IETF 2008 speed.

Ietf mailing list