what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

[snip conflict examples]

Finally, will there be any performance impact on DNS servers around the
world (thinking of caching issues) ?

more to the point ... what problem is ICANN trying to solve with this
proposal? What about the current system that's broken, does this new
system fix? It looks like a lot of thought went into the process
(thanks for the PDF link, DRC), and most of the issues raised here are
addressed (conflicts, abuse/phishing grabs, etc.) - I'm just still
unclear what the motivation for this new system was in the first
place.

I'm not opposed to it if it solves a legitimate technical/operational
issue that's germaine to either the operators of the Internet or the
users of the Internet, but so far I can't see that this serves either
of those communities. In fact, it could very well be argued that a
slew of new TLDs (whether a few dozen or a few hundred) will only
serve to increase complexity and add additional confusion to a system
that the standard user has just now come to grips with
("www.company.com will get me Company's official, legitimate page").

perhaps somebody with more insight can explain the rationale to me
(DRC?) - is there a purpose served here aside from corporate/legal
interests?

thanks,

I suspect one's view as to whether a purpose is served is largely subjective.

Some folks believe that by liberalizing the rules, innovators will come up with new and interesting uses of the DNS namespace. A commonly cited example of this innovation would be the establishment of a ".BANK" top-level domain that has some assurance that registrants in that domain were actually 'certified' banks and thus would have a higher level of trust regarding banking transactions than registrants in (say) ".SCAMMERS".

Other folks believe that anything that reduces the effective monopoly VeriSign has (through .COM and .NET) would be a good thing. This view holds that by increasing the number of top-level domains, you increase the opportunities for consumer (that is, domain registrant) choice, thereby reducing the value of any single top-level domain.

And then there are the folks that claim "all the good names are gone", either registered appropriately or squatted on by IPR holders or scammers, thus new top-level domains are necessary in order to allow more "good names".

Of course, there are a myriad other views, both positive and negative. However, more generally, ICANN was established in order to allow private (read: non-government) management of the Internet namespace under the assumption that public (read: governmental or inter-governmental, i.e. treaty organizations like the ITU) management would be too slow, too beholden to geo-political interests, and/or stifle innovation. A key component of this management was explicitly stated as being the promotion of competition. While one might argue that creating new top-level domains doesn't really promote competition given the cost of changing from one domain name to another, realistically, I figure there aren't many other ways in which additional opportunities for competition can be created.

FWIW.

Regards,
-drc
(speaking only for myself)

It strikes me as fomenting another gold rush. The notion that disputed TLDs go up for auction sounds like a request for a nice, high quality money printing device. I may have skimmed over it, but where does the money from these auctions go? At the risk of invoking Ron Paul, this will turn TLDs into a fiat currency, and devalue the rest of them. A small subset of people will profit, and everyone else loses.

Off the top of my head, I can see some high dollar fist fights breaking out for .sex, .porn, .games, .hotel, etc. It'll be like the .alt tree on usenet for people with money. There may also be an actual fist fight over TLDs like .irc, .leet, .goatse, and .krad. Maybe not .krad.

I agree with Scott, I'd rather see ICANN spend time on current problems instead of making new ones.

- billn

Funny you should say that.

On my way back from lunch, I heard an ad on the radio for a company in
town that said: "or visit blueridgerealestate.org".

Yep. dot-org, because the dot-com variant is owned by another company
some 50 miles from here.

And doing a 'whois' on both shows that "company" didn't get "company.com"
because somebody else snagged it first. So it's a crap shoot regarding
whether the .com gets you the "official legitimate page"...

perhaps somebody with more insight can explain the rationale to me
(DRC?) - is there a purpose served here aside from corporate/legal
interests?

It strikes me as fomenting another gold rush. The notion that disputed TLDs go up for auction sounds like a request for a nice, high quality money printing device. I may have skimmed over it, but where does the money from these auctions go? At the risk of invoking Ron Paul, this will turn TLDs into a fiat currency, and devalue the rest of them. A small subset of people will profit, and everyone else loses.

Off the top of my head, I can see some high dollar fist fights breaking out for .sex, .porn, .games, .hotel, etc. It'll be like the .alt tree on usenet for people with money. There may also be an actual fist fight over TLDs like .irc, .leet, .goatse, and .krad. Maybe not .krad.

The Newdom WG was frequently insane, reaching its peak in the hack for which Eugene Kashpureff went to jail.
I for one would not want to go there again.

I agree with Scott, I'd rather see ICANN spend time on current problems instead of making new ones.

+1

- billn

Marshall

David Conrad (drc) writes:

Other folks believe that anything that reduces the effective monopoly
VeriSign has (through .COM and .NET) would be a good thing. This view
holds that by increasing the number of top-level domains, you increase the
opportunities for consumer (that is, domain registrant) choice, thereby
reducing the value of any single top-level domain.

  The process ensures that too few new TLDs will be created for
  it being a threat to VeriSign, but sufficiently enough of them
  will be created that it will bring in lots of cash, if only with
  application fees, auction, but also because of the perceived rarity.

  As business models go, it's a fine example of how to build demand
  without really servicing the community.

component of this management was explicitly stated as being the promotion
of competition. While one might argue that creating new top-level domains
doesn't really promote competition given the cost of changing from one
domain name to another, realistically, I figure there aren't many other
ways in which additional opportunities for competition can be created.

  Allowing anyone to register a TLD is one, but I do agree it's
  not necessarily a trivial model.

that's exactly my point! it's _not_ reliable, but it's the behavior
that the average user has come to expect. If we can't even guarantee
reliability with the small handful of TLDs currently in use, when we
start introducing arbitrary new ones to anybody that can pay, I'm
concerned that it's going to make user support even more of a headache
(for those of us unfortunate enough to be involved in that role,
professionally or personally :))

realistically, I figure there aren't many other ways in which
additional opportunities for competition can be created.

Allowing anyone to register a TLD is one, but I do agree it's not
necessarily a trivial model.

we have two tools with which to build scale, distribution and hierarchy.
this goes against both, though maybe the latter a bit more than the former.

this is one of those where the short term business/political gain trumps
the long term pain it can cause. we're not very good at this kind of
trade-off because we discount future pain very very heavily.

and you gotta love the spin that excess pain will be damped by the very
high fee. i wonder how much of it will go to where the pain is actually
felt, the root servers.

randy

that's exactly my point! it's _not_ reliable, but it's the behavior
that the average user has come to expect. If we can't even guarantee
reliability with the small handful of TLDs currently in use, when we
start introducing arbitrary new ones to anybody that can pay, I'm
concerned that it's going to make user support even more of a headache
(for those of us unfortunate enough to be involved in that role,
professionally or personally :))
--
darkuncle@{gmail.com,darkuncle.net} || 0x5537F527
http://darkuncle.net/pubkey.asc for public key

It's amusing to see companies actually profit from this behavior. The poker gambling sites know they can't advertise on TV as a gambling site, so everyone of their ads mention *.net which is their play for free site. They know that a major of people will instead go to their *.com website which isn't a free site.

That sounds like the "gun control will reduce gun crime" argument, to
me.

If there are enough *widely used* (generic) TLDs, then *people will stop
believing that ".com is the 'real' domain" (wasn't that Verisign's
sales pitch, once upon a time?).

Cheers
-- jra

Out of curiosity, what are the problems you feel ICANN should be spending its time on?

Regards,
-drc

This remains to be seen, at least from my perspective. I have no idea how many TLDs are going to make it through the gauntlet or even how many applicants there will be. If nothing else, I'm sure it'll be 'interesting' (for some value of that variable).

Regards,
-drc

I might suggest that the assumption that reliability can be guaranteed by TLD (any number), regardless of what the labels might imply, is where things are broken. That ship has sailed (and already crashed into the rocks and sunk).

Regards,
-drc

indeed, TLD provides no assurance of authenticity. However, my concern
is that adding add'l TLDs will make this problem worse, not better -
what little assurance we have that e.g. bankofamerica.com is the
legitimate (or should I say, _a_ legitimate) site for the financial
institution of the same name becomes less certain when we have e.g.
bank.of.america, www.bankofamerica.bank, www.bankofamerica, www.bofa,
and other variants.

Perhaps the solution is to devalue names (through the introduction of
some theoretically unlimited number of variants) to the point that
users come to rely upon reputation-based systems (e.g. PageRank)
exclusively.

Or maybe I'm just brewing a tempest in a teapot. *shrug* What I do
know is that the folks @ ICANN who were involved in this are
universally more experienced than myself, so I think perhaps I'll pipe
down for a while and see what happens.

cheers,

Bill Nash wrote:

Off the top of my head, I can see some high dollar fist fights breaking
out for .sex, .porn, .games, .hotel, etc. It'll be like the .alt tree on
usenet for people with money. There may also be an actual fist fight over
TLDs like .irc, .leet, .goatse, and .krad. Maybe not .krad.

Say I am a pastry chef, and I pay $40 per year for "pastry.com", I got
it because I signed up early and now cherish my domain name. I am a
small business.

But now, some rich guy can come in and bid for .pastry

I have no money to participate in this endeavour, and no intentions of
running my own TLD. All I can do is voice an objection, but if the other
guy is also involved in food, he is likely to convince ICANN's comittees
that it is a legitimate request.

Then you end up with pastry.com being the original small business, and
.pastry being anything else. This will lead to a lot of confusion.

Yeah, for guys with deep pockets like yahoo, google, banks, GE and oil
companies, they won't even notice a dent in their wallets when they
register their own .TLD . For small businesses who worked early to get
THEY name attached to a .com, they now see the value of their domain
name evaporate because anyone else can now use a confusing variation of
it and you just don't have the money to bid/auction against them

I didn't have the time to carefully read all the documents that were
pointed to here, but are there any requirements for a TLD to operate a
true WHOIS server so people can easily verify the indetity of some site
using a new .TLD ?

(aka: to enable people to see that pastry.com is the original shop,
while www.pastry is some impostor who started a pastry shop that is
unrelated to pastry.com)

In article <Pine.LNX.4.64.0806271051500.5759@pegasus.billn.net>, Bill Nash <billn@billn.net> writes

I agree with Scott, I'd rather see ICANN spend time on current problems instead of making new ones.

Did you express that opinion to the Paris meeting?

[Not an attack on you specifically, but as this process has been ongoing for at least five years, I think I detect a number of people here hastily building stables, debating what kind of door to attach, when the horse is already several blocks away.]

This will prove interesting for users who are still using browsers that will
automagically prepend 'www.' and append '.com'..

what little assurance we have that e.g. bankofamerica.com is the
legitimate (or should I say, _a_ legitimate) site for the financial
institution of the same name becomes less certain when we have e.g.
bank.of.america, www.bankofamerica.bank, www.bankofamerica, www.bofa,
and other variants.

I agree, but we already face that problem now. Is bankofamerica.{org,net,us} the same thing as bankofamerica.com? I would agree that a flood of new TLDs would exacerbate the problem, but I suspect the difference is between a run over on a two lane street versus being run over on a five lane highway. In both cases, you're road pizza....

Perhaps the solution is to devalue names (through the introduction of
some theoretically unlimited number of variants) to the point that
users come to rely upon reputation-based systems (e.g. PageRank)
exclusively.

I suspect the right answer is to rely not on reputation or labels, but rather stronger security credentials, e.g., valid X.509 certs, PGP/GPG signatures, etc. Of course, that's been true for a while now.

Regards,
-drc

For starters, has Verisign ever been sanctioned by ICANN for it's business practices, with stupid stuff occurring as late as what, this past February (the front running debacle)? If ICANN is supposed to be encouraging competition, et cetera, why is Verisign still in business?

Also, show me a single registrar that actually gaurantees their service. Almost every registrar has boilerplate user agreements that shafts the domain owner in the event of any failure, even if the registrar screws it up. I'm not talking about some standard protection against user errors or identidy theft, I'm talking about a genuine 'If our service breaks, you get to keep both halves.'

Would you use a registrar with these terms of service? I bet you do.
Would you use them if you had a choice? I bet you wouldn't.

"Because certain states do not permit the limitation of elimination of liability for certain types of damage, $registrar's liability shall be limited to the smallest amount permitted by law. $registrar disclaims any loss or liability resulting from:

    1. access delays or interruptions to our web site or domain name registration system;
    3. events beyond our control (i.e. acts of God);
    4. the loss of registration or processing of a domain name or the use of a domain name;
    5. the failure for whatever reason to renew a domain name registration;
    7. errors, omissions or misstatements;
    8. deletion of, failure to store, or failure to process or act upon email messages;
    9. processing of updated information to Your registration record;
   11. errors taking place with regard to the processing of Your application;"

I pulled a couple of lines out because they were things that I felt a registrar might actually be indemnified, in the event of, but seriously.
How does an entire class of business truly serve the consumer with these kinds of policies?

reg·is·trar
1. a person who keeps a record; an official recorder.
2. an agent of a bank, trust company, or other corporation who is responsible for certifying and registering issues of securities.

Except for domain registrars, who are only really a registrar when they make a mistake that could cost your entire commercial enterprise.

I'll be the first to admit there's been progress made on the front of preventing domain theft and other shenanigans, but when it comes down to it, running a domain registry doesn't seem to be in the best interests of the primary consumers of such a product.

- billn

Edit: s/when/until/

Beer:30.

- billn