US control of ICANN is a big deal


There’s been a few headlines decrying the Obama Commerce Department’s decision to cede control of ICANN to “the world”.  Most people react to these with some mild foreboding or irritation.

It really is a big deal though.

If the US really does transfer ICANN control to some international body, it could permanently and irretrievably destroy trust in the entire Internet.  In fact, it probably will.

Back in the 1990’s, I started and ran a successful internet service provider.  To build customer base, I used to teach Saturday morning classes about “how the Internet works”.  Having an educated customer base really helps bring in more customers, not to mention eliminating some small portion of absurd customer helpline calls (I’m not going there, and you don’t have six hours to hear those stories).

Internet 101:  It’s not magic

Every computer connected to the Internet has an Internet Protocol (IP) address.  The current in-use version of IP (IPv4) only has 4.3 billion available addresses.  So since the 1990’s we’ve used tricks to assign more than one computer to a single address.  These tricks are still in use.  There’s another version of IP called IPv6 but, despite Chicken Little warnings that IPv4 is about to use the last valid address in the world, and no more souls could enter Heaven, the move to IPv6 has been slow and rocky (IPv6 has approximately 3.4 x 10 to the 38th power addresses, a really huge number).

Even with “just” 4.3 billion addresses, there’s no way any human could ever remember the address to more than just a few servers.  So a system called “Domain Name Service” (DNS) was developed to allow servers to be named, and those names translated into addresses.

DNS is what’s known as a “distributed database”.  It means that each “domain name” (such as redstate) has a particular server that is the authority for knowing the addresses for every computer in that domain.  Domains are written left to right in more specific to less specific terms, separated by “dots” (“.”).  So “www.redstate.com” is broken up into three parts:  “www”, “redstate”, and “com”, where “www” is the actual computer (server) name, “redstate” is the domain, and “com” is also a domain.

The “com” part is a special domain called a “Top Level Domain” (TLD).  TLD’s are special because they are the top of the DNS food chain.  Here’s how the whole thing works:

  1. Your computer asks your ISP for the address of “www.redstate.com”
  2. Your ISP’s DNS server asks the DNS server for “com” for the address of the DNS server for “redstate”
  3. Your ISP’s DNS server asks the DNS server for “redstate.com” for the address of the computer (host) named “www”
  4. Your computer then uses the IP address for “www.redstate.com” to connect to their server

The entire transaction takes a fraction of a second.  Of course there is more complexity to this to improve speed and reliability, but really, if you take a new computer out of a box for the first time, those 4 steps are exactly what happens.

Who owns IP addresses and TLDs?

IP addresses and TLDs are owned by ICANN–the Internet Corporation for Assigned Names and Numbers, and administered by a division of ICANN called IANA (Internet Assigned Numbers Authority).  Together, ICANN and IANA control the entire Internet.

If someone wants a new TLD (such as .xxx which is supposed to be used for adult content, for example), ICANN has to approve that first, and IANA has to “seed” the TLD “root” servers to recognize the new TLD, so that servers can call themselves “www.stupidestideaever.xxx” (I hope that’s not a real name because I am afraid to type it into my browser to check).

There are currently 13 organizations who are allowed to have root DNS servers.

Screen Shot 2014-04-23 at 8.34.24 AM

Most of these organizations have not changed in decades.  They are entrusted with the basic Jedi knowledge to maintain the Internet, and not allow criminals, for example, to redirect “healthcare.gov” to some hacker site to steal identities.  You know if the hackers could, they would redirect valid servers for their own purposes  (and they do it in other ways, but generally not by corrupting the root servers).

IP addresses are similarly doled out to regions worldwide and individual countries.  This prevents Russia, for example, from using the same addresses that are assigned to the US DoD.  That would be very confusing, like having two people with the same phone number, and depending on who is calling, the call might go to one person, or to the other.

It’s all about trust, and there’s no “undo”

The entire Internet is based on trust, and it’s controlled by a surprisingly small number of computers.  ICANN and IANA came into being to preserve trust, backed by the US Government.

Now, our government has decided that the rest of the world is just as trustworthy as the US Government to shepherd and safeguard the Internet.  This is part of the big pattern of American Unexceptionalism that President Obama and his Obots have self-flagellated for the past eight years.  “What makes us so special?”  Oh, you’re right, let’s just trust a polyglot collection of conflicting interests to manage all the data in the world.  That makes perfect sense.

Of course the rest of the world has been crying for a “say” in managing ICANN.  They want to craft the Internet in their own image.  I don’t think China and Russia are interested in preserving international trust in the system.  I think they want one thing:  control.  They accuse the US of exercising monolithic control of the Internet, but in reality, our control is what preserves trust in the system.  They have no interest in trust, only control.

Here’s what can happen once ICANN control is moved to “international” oversight.

Russia, who has already blocked sites it dislikes about the Ukrainian situation, could instead simply remove or redirect entire segments of the Internet through its root servers, and force the rest of the world to “deal with it.”  Right now, they can change their own DNS servers, and use firewalls and other filters at a national level to block content for Russians, but with access to ICANN and IANA resources, they can mess with the entire Internet, all over the world.

Once the first “deal with it” moment happens in the New World Order, what will follow?  Americans will scream and cry for trust to be restored to the Internet.  We will want to “take it back” and make ICANN and IANA American again.  But it will be too late.

Ceding ICANN authority to “the international community” is a big flashing pop-up window that says “WARNING:  This action cannot be undone”.  The best option, for America and for the world, is just to click “cancel”.