wampum.wabanaki.net

The editorial page of the Wall Street Journal has elected to publish an advocacy piece by Dr. Andrea Renda with the catchy title Andrea Renda: The U.N., Internet Regulator?. He errs in describing the Jon Postel period as "governance by private bodies". Next, he errs in ascribing to "civil society" a role equal to "business" in GNSO policy development. The wish list of "coulds" to improve the current balance of forces takes note of the single state with sole control over a resource (the IANA contract), but ignores the single corporation with monopoly power over another resource (the .com contract), and the limited success over the past decade to realize any of the enumerated "coulds". All in all, a good essay by any Chicago school ideologue -- free markets, no regulations, and no purpose for communication other than private profit and "free expression" for early adopters, so no fundamental problem of universal access yet to solve.

The image is the visual which accompanies the study released today (pdf) by Reporters sans frontières (RSF). I'll provide the details in updates for France, Australia, India and Egypt.

Normally today I'd be attending the GNSO Council working session, however college kids got all the sane flight tickets to Costa Rica so I'm a SAH policy wonk and coder this week. I did celebrate the beginning of the shark-and-chum-show yesterday morning with an "OUTSTANDING!!!" when I read the morning's mail from the General Services Administration -- it contained a link to the following:

---

Notice - Cancelled Internet Assigned Numbers Authority (IANA) Functions - Request for Proposal (RFP) SA1301-12-RP-IANA

Topics/Subtopics:

Domain Name System

Date:
March 10, 2012

The National Telecommunications and Information Administration (NTIA) remains committed to preserving the stability and security of the Internet's domain name system (DNS). Critical to the DNS is the continued performance of the Internet Assigned Numbers Authority (IANA) functions. In anticipation of the impending expiration of the IANA functions contract, NTIA, via two public notices in February and June 2011, consulted on how best to enhance the performance of the IANA functions. Based on the input received from stakeholders around the world, NTIA added new requirements to the IANA functions’ statement of work, including the need for structural separation of policymaking from implementation, a robust companywide conflict of interest policy, provisions reflecting heightened respect for local country laws, and a series of consultation and reporting requirements to increase transparency and accountability to the international community.

On November 10, 2011, the Department of Commerce issued a Request for Proposal (RFP) SA1301-12-RP-IANA for a new IANA functions contract with a deadline of December 19, 2011. The government may cancel any solicitation that does not meet the requirements. Accordingly, we are cancelling this RFP because we received no proposals that met the requirements requested by the global community. The Department intends to reissue the RFP at a future date to be determined (TBD) so that the requirements of the global internet community can be served. Interested parties are encouraged to visit www.fbo.gov for updates.

---

What is "outstanding!" about the cancellation is that the far too brief notice to potential contractors last December has been extended -- the government has not settled for the only offer it received -- from the incumbent contractor. The original RFP invited responses from universities, non-profit corporations, and for-profit corporations located in the United States. The requirements -- well, they're summarized in para 1 above -- real separation of implementation (IANA function) from policymaking (ICANN GNSO politics), conflict of interest policy (no revolving door), reduced dominance of private interests over public interests (jurisdictions and laws), and reducing industry capture (transparency and accountability to more parties than "ICANN insiders", to quote from the Affirmation of Commitments).

The phrase " ... we received no proposals that met the requirements requested by the global community." is revealing.

Prior posts: here. Time to circulate a letter.

Jonah's schedule has been wildly erratic for weeks, but there's some improvements -- I will be able to drive to Binghamton and take a course or two.

Reuters is carrying a piece by Joseph Menn, Key Internet operator VeriSign hit by hackers.

Several paras caught my eye. These two:

"Oh my God," said Stewart Baker, former assistant secretary of the Department of Homeland Security and before that the top lawyer at the National Security Agency. "That could allow people to imitate almost any company on the Net."

The VeriSign attacks were revealed in a quarterly U.S. Securities and Exchange Commission filing in October that followed new guidelines on reporting security breaches to investors. It was the most striking disclosure to emerge in a review by Reuters of more than 2,000 documents mentioning breach risks since the SEC guidance was published.

And this one:

Ken Silva, who was VeriSign's chief technology officer for three years until November 2010, said he had not learned of the intrusion until contacted by Reuters. Given the time elapsed since the attack and the vague language in the SEC filing, he said VeriSign "probably can't draw an accurate assessment" of the damage.

I've met Ken several times while he was CTO of (the whale) VGRS and I was CTO of (a minnow) CORE. I think his assessment (VGRS's inability to draw an accurate assessment at the point in time it disclosed the breach to the SEC) is likely to be correct.

I've no idea if this was disclosed to ICANN and/or the DoC as part of the .net contract renewal. The notion that the duty of disclosure by publicly traded corporations of operational failure extends to SEC, for the protection of investors, and no further, comes as a surprise. This is the dot after all.

The ICANN Bylaws entity, the Address Supporting Organization, will begin public consideration of the candidates for ICANN Board Seat #9, currently held by Ray Plzak. I've offered to serve, as has Martin Levy, Bill Manning, and Ray Plzak.

After granting a blanket half dollar in additional profits to the price capped registries, each beneficiary is rolling out its price hike implementation. Neustar today raised its wholesale price for new registrations, transfers and renewals for its .biz inventory by $0.55 per domain per year. Three weeks ago the Internet Society ran the same plan concerning it's .org inventory.

What justifies the price increase? The triumphant competition narrative has been that since the competitive registrar testbed was introduced in 2000 that prices for domains have fallen from $35 to $6. How is that narrative "enhanced" by a program of price increases for the price capped inventories, and what base costs, or contractions, can support a necessity claim for an increase in end-user costs?

The 2012 edition of one of my favorite wall hangings is out. I'll have to pass on the purchase (I've the 2009 version I picked up to add some visual interest to an otherwise dull vendor exhibit that kept getting recycled, at ICANN meeting after ICANN meeting), but it is fun to peer at (pun).

In today's Le Monde there is a useful five-part infographic showing how name to address resolution works, from the end user associating his or her endpoint device, e.g., a browser, with a file shareing resource, e.g., Megaupload.com, and how the FBI interposed on the name to resource mapping, preventing such associations. The amount of French poor Francophobes must read to understand the sequence of wire frame diagrams is limited (and Google does translate for those that need help). See Comment le FBI a-t-il bloqué Megaupload ?.

In updates to this post I'll expand on the aspects I think interesting.

First, while the DoJ sites are servicing the LOIC loads, a copy of the indictment can be found here: MegaUpload.pdf.

Second, to quote from the NYTimes piece to get to a quote from GW Law's Orin Kerr

The Megaupload case is unusual, said Orin S. Kerr, a law professor at George Washington University, in that federal prosecutors obtained the private e-mails of Megaupload’s operators in an effort to show they were operating in bad faith.

"The government hopes to use their private words against them," Mr. Kerr said. "This should scare the owners and operators of similar sites."

See 17 USC 512(c)(1)(A) for the significance.

Update 1:
A writer for the LA Times provides an interesting view in http://opinion.latimes.com/opinionla/2012/01/copyrights-feds-push-novel-theories-in-megaupload-case.html.

The Meagupload case has generated a response, LOIC has been deployed. The collective's targeteers have selected the US DoJ and other high-value targets of the public facing (non-operational) US critical infrastructure, effecting a reduction of efficacy of the USG's direct messaging outlets, and the public facing critical infrastructure of Universal and other major political contributors to the SOPA/PIPA/... copy suppression bills.