[dns-operations] When TLDs have apex A records

Doug Barton dougb at dougbarton.us
Mon Jul 20 17:52:46 UTC 2009

In the interests of full disclosure, a little bit about me and my
ICANN involvement:

1. I followed ICANN "from a distance" starting shortly after its
2. As DNS admin (and as part of the team that worked on our registrar
reseller product) for Yahoo! I started attending ICANN meetings, which
led to me becoming a charter member of the SSAC.
3. In December of 2003 I joined the ICANN staff as GM of IANA.
4. I left the ICANN staff in July 2005 but continue to follow (and in
some cases be involved in) the process as an individual contributor,
and on behalf of my consulting clients.

However, all opinions here are mine, and mine alone.

Jorge Amodio wrote:
>> And what happens when folks who run TLDs either do not have very good clues
>> or, worse, have very good clues and are intentionally misusing the feature?
> As Randy said, deal with it.

I was going to reply to Randy's message about this, but yours is
better. :)  This response is typical of a very vocal contingent of
ICANN-followers that on the one hand want ICANN to do less, be
smaller, etc.; but on the other hand DO want ICANN to act on issues
that THEY believe to be important.

What you and Randy are proposing is essentially the creation of a
mechanism for vetting "appropriate" use of apex wildcards and/or a
mechanism for judging "abuse" of them after the fact. Both of these
options would be expensive and time consuming to create and manage.
The first has the additional problem of no one being happy with the
definition of "appropriate," and the second has the additional
problems related to the fact that the damage to the Internet's users
would already have occurred/be occurring while the problem is
rectified. Personally, I don't find either of those options appealing.

Now all that said I do believe that there are times when the value of
a technical option in the right hands would justify the expense of
vetting it properly to make sure that it's benefits outweigh its
risks, and TMK there is still a provision in the gTLD contracts for
technical review of new features. However, I have yet to see anyone
answer David's request for information on why a TLD would need a
wildcard at its apex. I would add my own request for information on
why the benefits of that solution outweigh the risks.

It's easy to say "Big bad ICANN took away my wildcards!" and you will
obviously get a lot of sympathy for statements of that nature. It's
much harder to engage in reasoned discussion about what's best for the
Internet as a whole.

I would add that "back in the day" when "the Internet" was run by the
technologists answers like "deal with the abuse" were appropriate. But
"the Internet" hasn't been run by the technologists for a long time
now, and won't be again. It's run (for better or worse) by businesses
and governments, not all of whom have the users' best interests at heart.

>> Perhaps apropos:
>> http://www.techcrunch.com/2009/07/08/pre-order-your-cm-domain-now-start-making-money-off-domain-typos-soon/
> Some typos, errors and issues with the user interface can be handled at the
> application level.
>> (Note that ICANN does not have any mechanism of control over ccTLDs like
>> .CM)
> You can't and you shouldn't, ICANN was not created as a regulatory agency
> of any sort

But aren't you and Randy suggesting that ICANN "regulate" the use of
wildcards at a TLD apex?

> (albeit some folks from IGF that would love to find a place where
> they can "govern").
> And as more ICANN gets to play a regulatory role the more it makes itself
> liable for what it does or does not.
>> I understand (and have some sympathy with) this view.  However, this
>> discussion has been going on for more than 10 years now and ICANN has tried
>> lots of different approaches "to privatize the management of the domain name
>> system (DNS) in a manner that increases competition ..." (from the original
>> USG MoU with ICANN). There are valid arguments on both sides.
> Perhaps after 10 years is it time to give up ?

And put what alternative in place? You don't honestly believe that
"the Internet" can operate successfully for more than a microsecond
without some sort of operational coordination, do you? There are so
many different forces, different interests, and different calibers of
people/companies (and I'm ignoring governments altogether for the
moment) involved in "the Internet" today that there is no possibility
it survives without some form of coordination. If you don't like how
ICANN is constituted, propose a better model. Believe me when I say
that if you had The Answer for this problem you could get plenty of
people/governments lined up behind you to get it in place.

Otherwise, work within the system to try and make it better. Pissing
and moaning on the sidelines doesn't accomplish anything.

>> I'd agree with this too, however I'd note that if IANA needs to scale, it
>> can (after all, if new gTLDs are sufficiently successful to stress IANA,
>> there will be funds to grow IANA).
> How do you put a number to "sufficiently successful" ?
> IANA needs to be ready before the fact regardless of the level of success
> of the new gTLDs.

Unless they've changed the process significantly since I ran it, the
IANA part of the equation for adding/updating gTLDs is already quite
efficient, and minimal effort would be needed to scale it say one
order of magnitude. (Please note I specified gTLDs in that sentence.)
Adding a whole lot more gTLDs would require thought and planning for
both the external and internal mechanisms, but the IANA portion is not
the limiting factor here.

> ICANN already has the funds for it if they cut wasteful
> spending on other budget lines.

I would point out once again that what you consider "waste" other
parts of the Internet community consider "essential." I would also
point out again that the ICANN budget process is open to public input,
as is the strategic plan (from which the budget is derived).

>> There are far better places to discuss ICANN's budget or particular aspects
>> of http://www.icann.org/en/planning/ops-budget-framework-09.pdf.
> I'm aware of the venues where under the ICANN's umbrella the discussions
> take place.

Excellent! I look forward to reading your input.

> I remember when Karl had to sue ICANN to gain access to
> financial information, even while being a director.

There is no doubt that there were plenty of mistakes made in ICANN's
past. Trotting this issue out now, N years after the fact is good for
an applause line but doesn't really advance the discourse.



More information about the dns-operations mailing list