2015-04-30

What Is The US Government's Claim to the Internet Root?

This is part 2 of the post: The Day Jon Postel Freed The Internet Root From US Government Control

So what exactly is the U.S. Government's claim of authority to, or over, the Internet or its highest domain in the hierarchy of the DNS, the Internet Root Zone?

List of Root Servers
Current List of the 13 Named  Root Zone Authorities - source: IANA

Slide from Root Server Operators Presentation to GAC in 2003
Today the authoritative name servers that serve the Internet DNS root zone, commonly known as the “root servers,” are in fact a network of hundreds of servers in many countries around the world. They are configured in the DNS root zone as 13 named authorities, as shown above but no single organization (neither commercial nor governmental) controls the entire system. The root zone is the information created by IANA and distributed by Verisign to all root servers. The 13 named authorities in the DNS root zone are operated by 12 independent organizations - 10 located in the United States, and 1 each in Sweden, the Netherlands and Japan. Hundreds of machines respond to DNS queries sent to the root server IP addresses through a technique known as "any cast." This technique ensures global accessibility of root zone data. Changes to the root zone are currently administered by ICANN through the IANA function pursuant to the contract administrated by NTIA. VeriSign performs the related root zone management functions pursuant to a cooperative agreement with NTIA which ensures that the procedure of making changes to the root zone is properly followed and observed.

"Governance of the root zone has been one of the most controversial issues in the international Internet policy debate. The main point raising divergent views has been about the historical role of the United States in the stewardship of changes to the root zone as administered through the IANA process by ICANN." Mapping of international Internet public policy issues, pp.16-17, April, 2015 (emphasis added).

Therefore, it was no surprise that in the course of the IANA stewardship transition, specifically, within the CCWG on ICANN accountability, a question was raised as to the US government's "claim" to the Internet root. The very same US government official quoted in part one in the Washington Post excerpt about the Postel root server incident in 1998, J. Beckwith Burr a/k/a Becky Burr (now Chief Privacy Officer and Deputy General Counsel of NeuStar, Inc.), is a member of the CCWG-Accountability group and wrote a lengthy, detailed response to that question which one can read in full hereDomain Mondo has edited and abbreviated it below (emphasis and links added):

"The answer to your question re USG [US government] “claim” to the root is – as I’m sure you know – somewhat convoluted ... The USG entered into a “cooperative agreement" with Network Solutions in 1993, under which Network Solutions operated the authoritative root, and also provided both registry and registrar services to TLDs other than ccTLDs. Until he died in 1998, Jon Postel was in charge of IANA functions through a contract between the University of Southern California Information Sciences Institute and DARPA. As far as I know, during that period, Jon delegated ccTLDs and Network Solutions added them to the root at Jon’s direction. We have no record of the terms and conditions under which these delegations occurred prior to 1994, when RFC 1591 was issued. "The Cooperative Agreement was somewhat ambiguous about “ownership” and “authority.” In 1993, when the Cooperative Agreement was signed, there were some 7500 registered domain names.... The situation was complicated by the fact that the IANA functions – so presumably the authority to modify the authoritative root – was performed by USC/ISI under a regular government procurement contract with DARPA. Did that mean DARPA had authority to control changes to the authoritative root? I don’t think anyone really knows. Maybe the answer lies in the Postel archives, which have not been made available by USC. And finally, it should be noted that throughout this period there were no formal agreements with the root server operators in the US and elsewhere ... As a practical matter, it is the root server operators who determine which root is authoritative (as Jon once demonstrated). So, call the situation murky....

"Your question about whether or not the USG has a basis for its “claim” of authority over the root is a bit metaphysical. The USG clearly has the right to prevent Verisign from modifying the authoritative root. Whether or not it had the right before Amendment 11, Verisign gave the DOC [Department of Commerce] that right by contract in that amendment. The USG’s authority to determine which root serves as the authoritative root and who operates that root is not spelled out in black and white anywhere that I know of – it is something that happened along the way, a byproduct of contract and the passage of time, and certainly not an inherently governmental function. To the extent there ever was “property” - e.g., in the form of USG funded root server hardware, for example, I am confident that such property is long past its useful life and no longer in service. What we know for sure is that Verisign operates the authoritative root and the DOC has the contractual authority to tell Verisign not to make a change to the root. That right reflects a contractual agreement between two parties, and does not seem to me to be a delegation of authority over USG “property.” Accordingly, I think the USG has the right to transfer authority for changes to the root in the manner contemplated here. To be sure, this transfer was in fact contemplated expressly in Amendment 11, when the DOC and Verisign agreed that the USG had the right to direct Verisign to follow the directions of “Newco” (which subsequently became ICANN)...."


Domain Mondo archive