Submission to the Workshop on Internet Governance
26-27 February 2004
Deconstructing Internet Governance
Author: Karl Auerbach, former North American publicly elected Director, ICANN
In my final report to ICANN I suggested this
definition of the internet:
The internet is the open system that carries IP packets
from source IP addresses to destination IP addresses.
This proposed definition of the internet focuses
on the flow of IP packets between end points designated by IP addresses.
IP addresses, and the mechanisms that guide a packet to its intended
destination as it flows across the intricate spider web of the internet are
topics that many consider arcane and comprehensible only to a few
technologists. Yet in many regards, the issues of IP addresses and the
routing of packets are far more important to the public and to nations than the
domain name system.
My proposed definition is narrow. It regards things such as Voice over IP (VOIP)
and the World Wide Web as applications that are layered on top of the internet
but which themselves are not necessarily part of the internet. I know that
this distinction will disturb many people. Let me therefore mention that
my definition does not exclude these applications from governance. Rather,
I believe that by clearly articulating the linkages and dependencies between
things like the VOIP and the base internet we will be able to design more
appropriate governance structures.
Under my proposed definition, the Domain Name System is an application, albeit a critical
one, that is layered upon the base internet. It is my sense that we ought
to deal with DNS as a matter distinct and separate from the system of packet
routing and delivery that I have defined as the base internet.
The End-To-End Principle and The Risk of Internet Fragmentation
You may have heard of the "end-to-end principle".
This principle is implicit in my proposed definition of the internet.
The end-to-end principle is one of the primary reasons why the internet has
been so successful. Failure to maintain the end to end principle
could lead to several negative consequences: Without a firm commitment to
the end-to-end principle, the internet could evolve into separate networks that
touch one another only through guarded portals. Without the end-to-end
principle innovation on the net would be more expensive and occur more slowly.
Promising technologies such as Voice over IP could be crippled or stillborn.
Without the end to end principle the internet could easily stagnate.
Is the end to end principle at risk? The answer is "yes".
We have already begun to observe the first symptoms of fragmentation of the
Very understandable and legitimate concerns about unsolicited bulk e-mail
("spam"), the distribution of
unsavory material, the protection of children, and the protection of cultural
values have fueled the creation of what amount to protected gates that today
control the passage of network traffic. These portals could harden and not
only reduce the value of the worldwide internet but also create opportunities
for those in charge of the portals to take advantage of their privileged position
either for profit or political gain. A good example of this is Versign's
"SiteFinder", a recent attempt to profit by leveraging Verisign's
highly privileged position over the .com and .net top level
The IP address allocation system has driven many people and companies to
deploy Network Address Translation (NAT) devices. These devices break the
end to end principle. NATs have already begun to impede the deployment of
Voice over IP products.
The Internet As A Multifaceted System
Let me return to my original purpose - to inquire how our approach to
internet governance may be informed through a clear understanding of what the
Let me submit the following proposition: There is no single thing
called "the internet". Rather, I submit that the internet has
several distinct aspects. Let me further suggest that these aspects may
each be governed separately with a mode of governance most appropriate to its
What I have suggested above is a departure from the current practice in which
governance of multiple aspects of the internet are merged into one body.
It is my strongly held opinion that the division of internet governance into
distinct bodies is more than merely prudent, I believe that it is a necessity.
What are the distinct aspects of the internet that ought to be
considered as subjects of governance? Here is my list:
First, a system of IP address allocation that meshes well
with the IP packet routing systems.
This function, to date, has been
handled with relatively little controversy by various "Regional IP
Registries" (RIRs). However, I anticipate that questions of
fairness of IP address allocation, as well as quality of service demands for
network services such as VOIP will begin to inject public-interest concerns
into what has been a largely technical area.
Second, a system of inter-carrier/inter-ISP traffic exchange in which
end users can obtain usable assurances not merely that packets can actually
flow between senders and receivers but also that designated traffic flows will
achieve specified levels of service.
Today the internet is composed of
carriers and ISPs who are often jealous and suspicious of one another.
However, it is only by virtue of the adherence to at least a minimal set of
shared practices that IP packets can find their way across the internet,
through a sequence of carriers and ISPs, from senders to receivers.
The dissemination and processing of information regarding the routing of IP
packets is a complex technical matter. Overlaying that
technical difficulty is the resistance of carriers and ISPs to disclose how
they connect to one another and under what terms.
It is not unusual for
large portions of the net to be unreachable or invisible at any given
moment. Today most of these events are transitory (on a timescale
ranging from minutes to a few hours.) With the increasing use of
potentially permanent filtering, selective reachability may become the norm
rather than the exception; the scope of the internet will begin to vary
depending on the place from whence one looks.
New uses of the internet, such as
for Voice-over-IP (VOIP) will require adequate end-to-end service
levels. Without adequate service, applications such as VOIP may find
it difficult to expand beyond local scope or be treated as anything but a
The notion that internet packet routing, issues of
inter-ISP peering and transit, and end-to-end service levels are matters for
governance is a notion that may be strongly resisted by carriers
and ISPs. It is very important to initiate a dialog with that
Third, a system to allocate protocol numbers and other similar
identifiers. This has been, and will remain an essentially clerical
function performed on behalf of standards bodies. (I do not believe
that this aspect of the internet is in need of governance, however the
legacy of ICANN and IANA have placed this aspect into the realm of internet
things that are expected to be governed.)
Fourth, the responsible and accountable operation of the upper layers of the DNS
hierarchy including oversight, on behalf of the community of internet users,
of a suite
of Domain Name System (DNS) root servers.
Fifth, the management of the DNS root zone file. This function
includes the clerical task of preparing the root zone file for distribution
to the root servers. This function also includes the discretionary
task of developing and applying policies to determine which new top-level
domains will be
allowed entry into the root zone. (This latter function could conceivably
be split so that national and "country code" top level domains are
handled separately from other top level domains.)
I will return to those aspects of governance in my next submission and
suggest how appropriate structures of governance might be designed for each.
Earlier in this note I indicated that I believe that layered upon the
internet are several important applications. These include, but are
certainly not limited to, the World Wide Web, Voice over IP, and Instant
Messaging. It is my suggestion that for each of these applications, to the
extent that governance is appropriate at all (and I strongly urge that in many
cases there is no need for governance), should be handled by its own distinct body of
A Note of Concern
The internet is rapidly becoming a public utility. People and entities are
basing economic plans, products and services, and, increasingly, matters involving
health and safety on the internet. As part of that evolution, I believe that not only do
our engineering practices have to evolve but I
also believe that we need to consider how to ensure that the net's infrastructure
remains stable and dependable into the future without badly compromising the
ability of the still nascent net to evolve.
 My final report to ICANN is available online
The referenced material is found towards the end of that document.
 Saltzer, Reed, Clark, "End-to-End
Arguments in System Design", 1981 available online at http://www.reed.com/Papers/EndtoEnd.html
 See my note Is
the Internet Dying? at http://www.cavebear.com/cbblog-archives/000051.html
 See "IAB Commentary: Architectural Concerns on the use of DNS Wildcards",
available online at http://www.iab.org/documents/docs/2003-09-20-dns-wildcards.html
 See "From Barnstorming to Boeing -
Transforming the Internet Into a Lifeline Utility" slides
notes at http://www.cavebear.com/rw/Barnstorming-to-Boeing.pdf
Updated: 19 Feb 2004 09:49:10 AM