Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 39
Signposts in Cyberspace: The Domain Name System and Internet Navigation 2 The Domain Name System: Emergence and Evolution The Domain Name System (DNS) was designed and deployed in the 1980s to overcome technical and operational constraints of its predecessor, the HOSTS.TXT system. Some of the initial design decisions have proven to be extraordinarily flexible in accommodating major changes in the scale and scope of the DNS. Other initial design decisions constrain technical and policy choices to the present day. Thus, an understanding of the system architecture and the rationale for the design characteristics of the DNS provides the base for understanding how the DNS has evolved to the present and for evaluating possibilities for its future. This chapter outlines the origin and development of the DNS and describes its key design characteristics, which include both technological and organizational aspects.1 2.1 ORIGIN OF THE DOMAIN NAME SYSTEM For the first decade or so of the ARPANET,2 the host3 table file (HOSTS.TXT) served as its directory. HOSTS.TXT provided the network 1 A general presentation of the history of the Internet is beyond the scope of this report. One source of documentation on the Internet’s history is available at <http://www.isoc.org/internet/history/>. 2 The Internet grew out of the ARPANET project (funded by the Defense Advanced Research Projects Agency (DARPA), which was known as ARPA for a period of its history); for many years the ARPANET served as the core of the Internet. 3 A host is the primary or controlling computer in a network.
OCR for page 40
Signposts in Cyberspace: The Domain Name System and Internet Navigation address for each host on the ARPANET,4 which could be looked up by using the host’s one-word English language name, acronym, or abbreviation. The Network Information Center (NIC) at the Stanford Research Institute5 managed the registration of hosts and the distribution of the information needed to keep the HOSTS.TXT file current. The list of host names and their mapping to and from network addresses was maintained in the frequently updated HOSTS.TXT file, which was copied to and stored in each computer connected to the ARPANET. Thus, HOSTS.TXT6 was introduced to: Simplify the identification of computers on the ARPANET. Simple and familiar names are much easier for humans to remember than lengthy (12-digit) numeric strings; and Provide stability when addresses changed. Since addresses in the ARPANET were a function of network topology and routing,7 they often had to be changed when topology or routing changed. Names in the host table could remain unchanged even as addresses changed. The HOSTS.TXT file had a very simple format. Each line in HOSTS.TXT included information about a single host, such as the network address, and when provided, system manufacturer and model number, operating system, and a listing of the protocols that were supported. Because a copy of the host table was stored in every computer on the ARPANET, each time a new computer was added to the network, or an- 4 These network addresses could be represented using the Internet Protocol (IP) format or in the equivalent (now unused) ARPANET Network Control Protocol (NCP) format. The most widely used version (v4) of IP represents addresses using 32 bits, usually expressed as four integers in the range from 0 to 255, separated by dots. An example of an IP address is 220.127.116.11. 5 Stanford Research Institute became known as SRI International in 1977. 6 For further discussion, see L. Peter Deutsch, “Host Names On-line,” Request for Comments (RFC) 606, December 1973; Ken Harrenstien, Vic White, and Elizabeth Feinler, “Hostnames Server,” RFC 811, March 1982; and Ken Harrenstien, M. Stahl, and Elizabeth Feinler, “DOD Internet Host Table Specification,” RFC 952, October 1985, all available at <http://www.rfc-editor.org>. RFCs are created to document technical and organizational aspects of the Internet. The Internet Engineering Task Force (IETF) manages the process for discussing, evaluating, and approving RFCs. See Box 3.3. For a discussion of the role of the DNS more generally, see John C. Klensin, “Role of the Domain Name System,” RFC 3467, February 2003. 7 Routing refers to the way data flowed on the ARPANET. Data transmitted from point A to point B might have traversed many different paths, or routes, on the ARPANET. Note that the ARPANET, as the original network to employ the Internet Protocol (IP), was often referred to as “the Internet,” although the term later formally encompassed the aggregate of interconnected IP-based networks.
OCR for page 41
Signposts in Cyberspace: The Domain Name System and Internet Navigation other update was made, the entire table had to be sent to every computer on the network for the change to be recognized.8 As increasing numbers of computers joined the ARPANET, the updating task became more and more burdensome and subject to error and failure, and, as a consequence, several major problems developed from the use of the HOSTS.TXT file: Failure to scale. As the ARPANET started to grow rapidly, it became clear that the centralized HOSTS.TXT file failed to scale in two ways. First, the volume of updates threatened to overwhelm the NIC staff maintaining HOSTS.TXT. Second, because every system needed to have an up-to-date copy of HOSTS.TXT, announcement of a new copy of HOSTS.TXT meant that the NIC server where the current version of HOSTS.TXT was stored was inundated with attempts to download the file. Moreover, the download problem was aggravated because HOSTS.TXT kept getting bigger. In short, more hosts on the network meant more updates, more hosts trying to download, and more data to download. Inadequate timeliness. It often took several days to get a new host listed in HOSTS.TXT while the NIC staff processed the request to add the host entry. Until it was listed and communicated, the host was effectively invisible to the rest of the ARPANET. In a community already becoming accustomed to getting data instantly over the network, this delay was a source of frustration. Similarly, correcting an error often took a few days, because fixes to any errors were not generally available until the next HOSTS.TXT file was released—which caused further frustration. The maintainers of some hosts also did not update their copies of the table at very frequent intervals, resulting in those hosts having obsolete or incomplete information even when the master copy of the table was up-to-date. Susceptibility to failure. The system had multiple ways to fail. Probably the most famous outage occurred when the NIC released a version of HOSTS.TXT that omitted the entry for the system where the HOSTS.TXT file was stored. When the subsequent HOSTS.TXT file was released, most systems could not download it, because they could not look up the relevant host name! There were also cases where partial tables were inadvertently released. Furthermore, seemingly innocuous additions to HOSTS.TXT could cause the programs that converted HOSTS.TXT into local formats to fail. Name conflicts. The HOSTS.TXT name space was flat, which meant that host names had to be unique. Popular host names such as Frodo were selected first, and so some people had to invent alternate names for their systems. 8 It was the obligation of individual network and host operators to download the latest HOSTS.TXT file to their machines.
OCR for page 42
Signposts in Cyberspace: The Domain Name System and Internet Navigation The emergence of these problems caused technologists to develop a new, distributed, method for managing the mapping of names and addresses. 2.2 DESIGNING THE DOMAIN NAME SYSTEM In the early 1980s, research on naming systems—systems for associating names with addresses—was underway and a few prototype naming systems had just been developed, most notably the Grapevine and Clearinghouse systems at the Xerox Palo Alto Research Center (PARC).9 Also in progress at this time was preliminary work on other computer network addressing standards such as X.400.10 Because of the uncertainty as to whether these research and development efforts would yield in the near term an operational system with the required functionality and needed scale, Internet researchers elected to develop their own protocols. In August 1982, Zaw-Sing Su and Jon Postel authored “The Domain Naming Convention for Internet User Applications,” Request for Comments (RFC) 819, which described how Internet naming should be changed to facilitate a distributed name system. As envisioned in this document, Internet names would be organized into logical hierarchies, represented by text components separated by a period (“.”) (thus the existing host “ISIF”—host computer “F” at the Information Sciences Institute (ISI)—would become F.ISI), and the various parts of the name as assigned (i.e., the parts delimited with periods) would be managed by different network servers. RFC 819 specified only how names would be represented—the details of how the management of various parts of assigned names would take place operationally by the different network servers remained to be determined. In November 1983, Paul Mockapetris authored “Domain Names—Concepts and Facilities” (RFC 882) and “Domain Names—Implementation and Specification” (RFC 883), which specified a set of protocols, called the Domain Name System, that implemented the hierarchical name space proposed by Su and Postel. Reflecting the discussions of the previous several months on the electronic mail list Namedroppers, the proposed DNS 9 See Andrew D. Birrell, Roy Levin, Roger M. Needham, and Michael D. Schroeder, “Grapevine: An Exercise in Distributed Computing,” Communications of the ACM 25(4):260-274, 1982. 10 The International Organization for Standardization and the International Telecommunication Union endorsed X.400 as a standard that describes a messaging service (e.g., electronic mail). The first version of X.400 was published in 1984 by the Comité Consultatif International Téléphonique et Télégraphique (CCITT), which is now the International Telecommunication Union–Telecommunication Standardization Sector (ITU-T).
OCR for page 43
Signposts in Cyberspace: The Domain Name System and Internet Navigation supported more sophisticated services and features than simply converting host names to addresses (e.g., the proposed system would provide a way to map a name to different addresses, depending on the purpose for which an inquiry was being made). With some modest changes, the proposed protocols are exactly those in use two decades later. Conceptually, the DNS is implemented through a distributed and hierarchical series of tables, linked like the branches of an inverted tree springing from a single, common root. When an address is sought, the search proceeds successively from the table at the root (or top) of the tree to successive branches and leaves, or lower tables, until the table that holds the desired address is found. For a particular query, only the last table in the search serves as a white pages directory. All of the other tables serve as directories of directories, each one pointing to lower-level directories on a path to the one holding the desired address. Thus, the entries in a table at any given level of the tree can include pointers to lower-level tables as well as final network addresses. See Figure 2.1. When a change is made in the network, only the table directly affected by that change must be updated and only the local organization (e.g., the system administration function in a university or corporation) responsible for that table needs to make the update. As a result, the work of registering changes is distributed among many organizations, thus reducing the burden each must carry. The DNS naming syntax corresponds to the levels in the hierarchical tree. Each node in the tree has a name that identifies it relative to the node FIGURE 2.1 The hierarchical Domain Name System inverted tree structure.
OCR for page 44
Signposts in Cyberspace: The Domain Name System and Internet Navigation above it. The highest level, the “root node,” has the null name. In text it is written as a single dot (“.”) or simply implied (and thus not shown at all). Each node below the root is the root of another subtree, a domain, that can in turn be further divided into additional subtrees, called subdomains. Each subdomain is written in text to include its name and the subdomains above it in the applicable hierarchy. In Figure 2.1, .com, .org, and .edu are top-level domains (TLDs) and cstb.org, mit.edu, and ibm.com are subdomains of the TLDs, often called second-level domains. The third-level domain, csail.mit.edu, is a subdomain within the mit.edu second-level domain. The DNS name of a computer is the name of its node or end point in the Domain Name System. Thus, frodo.csail.mit.edu would be the computer (or device) named “frodo” that is located within the csail.mit.edu subdomain of the mit.edu second-level domain within the .edu TLD. On the other hand, myownpersonalcomputer.com (without any further subdomains) could point directly to a particular computer. Applications, such as Web browsers and e-mail software, use domain names as part of the Uniform Resource Identifiers (URIs; see Box 6.2) or other references that incorporate information about the protocols required for communication with the desired information source. Examples of URIs are http://www.national-academies.org and mailto:firstname.lastname@example.org. In the first example, “http” refers to the Hypertext Transfer Protocol (HTTP) used for communication with sites on the World Wide Web. In the second example, a particular user at the host identified by “example.com” is identified as the addressee for electronic mail. In terms of information technology, the Domain Name System is implemented through a series of name servers that are located at each of the nodes in the hierarchy. Each name server contains a table that indicates the locations of the name servers immediately below it in the hierarchy and the portion of the hierarchy for which it contains the final (authoritative) network addresses. Thus, the root name servers (at the top of the hierarchy) contain the locations of each of the name servers for the top-level domains.11 At any given node, such as .com or ibm.com, there are expected to be multiple (physical) name servers at different Internet Protocol (IP) addresses, each with identical information; the purpose of this redundancy is to share the workload to ensure adequate system performance. When a user wants to reach www.national-academies.org, his or her computer usually sends a message to a nearby name server (usually local or operated by the user’s Internet service provider), where software (called 11 Each of these root name servers contains identical information; the purpose of having multiple root name servers is to distribute the query workload and ensure reliable operation. Specifics concerning the root name servers are discussed in Chapter 3.
OCR for page 45
Signposts in Cyberspace: The Domain Name System and Internet Navigation a resolver), in conjunction with other name servers and resolvers, performs a series of queries to find the name server that is authoritative for www.national-academies.org. That server is then queried for the corresponding IP address(es) and returns the resulting address(es) to the user’s computer.12 2.2.1 Simple, Mnemonic, and Deeply Hierarchical Names As indicated above, domain names were intended to enable a more convenient and efficient way of referring to IP addresses and other information, using a simple taxonomy. The early DNS included eight generic top-level domains (gTLDs): .edu (institutions of higher education—most of which were based in the United States), .gov (U.S. government), .mil (U.S. military), .com (commerce), .net (network resources), .org (other organizations and persons13), .int (international treaty organizations), and .arpa (network infrastructure).14 In addition, country-code top-level domains (ccTLDs) were created based on the two-letter code set (e.g., .gh for Ghana or .au for Australia) in the ISO 3166-1 standard.15 Despite the ability of the protocols and data structures themselves to accommodate any binary representation, DNS names were historically restricted to a subset of the ASCII character set.16 Selection of that subset was driven in part by human factors considerations, including a desire to eliminate possible ambiguities in an international context. Hence, character codes that had international variations in interpretation were excluded; the underscore character (too much like a hyphen) and case distinctions (upper versus lower) were eliminated as being confusing when written or read by people; and so on. These considerations appear to be very similar to those that resulted in similarly restricted character sets being used as protocol elements in many International Telecommunication Union (ITU) and International Organization for Standardization (ISO) protocols. 12 The summary provided in this paragraph is quite simplified; there are many discrete technical processes that are not articulated here. See Chapter 3 for a more detailed explanation. 13 Initially, the .org TLD was intended as the category for organizations and individuals that did not fall into any of the other categories. Through time, many individuals increasingly viewed .org as representing the domain name space for non-profit organizations. 14 These definitions of the gTLDs were generally followed, although a number of exceptions existed. 15 Thus, the determination of what constitutes a country did not need to be addressed by those who administer the DNS. See <http://www.iso.org/iso/en/prodsservices/iso3166ma/index.html>. 16 This subset, which derives primarily from the original HOSTS.TXT naming rules, includes the 10 Arabic digits, the 26 letters of the English alphabet, and the hyphen.
OCR for page 46
Signposts in Cyberspace: The Domain Name System and Internet Navigation Another initial assumption behind the design of the DNS was that there would be relatively many physical hosts for each second-level domain name and, more generally, that the system would be deeply hierarchical, with most systems (and names) at the third level or below. Some domains—those of most universities and some large corporations and the country code for the United States (.us)—follow this model, at least in its original design, but most do not17 (see Chapter 3 for discussion). However, experience through mid-year 2005 has shown that the DNS is robust enough—given contemporary machines as servers and current bandwidth norms—to operate reasonably well even though the design assumption of a deep hierarchy is not satisfied. Nonetheless, it is still useful to remember that the system could have been designed to work with a flat structure (e.g., the huge, flat structure under .com comprising tens of millions of names) rather than a deeply hierarchical one. For example, based on an assumption of a flat structure at the TLD level, one would probably not wish to assign specific operational responsibility by TLD (as is the case currently). Instead, it might have made more sense to design the system as one database that is replicated on a limited number of servers (to share the workload and coordinate updates in a manageable way). 2.2.2 Experimental Features The DNS specification included a number of experimental features, intended to enhance the services that the DNS could provide beyond simple name-to-address lookup. Several of these features were intended to facilitate improved support of electronic mail. Several resource records18 were intended to improve e-mail routing, helping to ensure that e-mail sent to a particular host took a reliable route to that host. The DNS also included features intended to support e-mail lists and aliases. The idea was to make it easier to maintain mailing lists and to forward mail when someone’s e-mail address changed. In addition, the DNS contained a feature to track “well-known services.” The purpose of this feature was to provide a list of services (e-mail, File Transfer Protocol, Web) that are 17 The .us country code TLD was designed originally to use geographical and political jurisdictions as subdomains. As one moves to the left, each subdomain represents a subset of the area represented by the immediately preceding name. For example, in the name “www.cnri.reston.va.us,” “va” represents the state of Virginia within the United States, “reston” represents a city within Virginia, and “cnri” represents an organization in the city of Reston. 18 Each table within the domain name tree hierarchy contains resource records, which are composed of fields such as the type (i.e., does this record correspond to a host address, an authoritative name server, or something else) and time to live (i.e., for what period of time may this record be cached before the source of the information should be consulted again?). See Box 3.2 for a detailed discussion of resource records.
OCR for page 47
Signposts in Cyberspace: The Domain Name System and Internet Navigation available from a host. Most of the experimental features have not been adopted for general use. Indeed, the original set of e-mail-related record types were deprecated in favor of a newer model (see Section 2.3.3) and the “well-known services” record was determined to be unworkable. 2.3 DEPLOYING THE DOMAIN NAME SYSTEM Whereas the design of the DNS looked reasonable on paper, several limitations of the new system, as with any new system, did not become apparent until initial deployment began. Addressing these limitations caused a delay in the full implementation of the DNS. The plan called for a switchover to the DNS in September 1984, but full conversion did not take place until 1987. Some of the delay was attributable to reconciling naming conflicts.19 A large part of the delay derived from a far longer than expected period to implement and debug the DNS, of which a significant portion derived from simple procrastination—just not getting around to installing and implementing the DNS. Another delay included the difficulty of retrofitting the DNS into old operating systems that were no longer actively maintained. 2.3.1 Caching The design of the DNS allows for the existence of caches. These are local data storage or memory that can significantly reduce the amount of network traffic associated with repeated successful queries for the same data by providing access to the data in servers closer to the end user than the authoritative name server.20 The data in these caches need to be refreshed at regular intervals21 to ensure that the cached data are valid. In the initial version of the DNS specification, several timing parameters had time-to-live limits of approximately 18 hours. It quickly became apparent, however, that in many cases data changed slowly, and so updating caches every 18 hours or so was unnecessary. As a consequence, the protocol specification was changed to increase the allowed range of these timing parameters; several other protocol parameters were also given expanded ranges, based on the theory that one incompatible protocol change early on would be better than a series of such changes. This happened early 19 Most or all of these conflicts were internal ones—for example, subunits of a university trying to obtain the same domain name as the university. 20 An additional potential benefit from the use of caches is an improvement in user response time. 21 As defined in the time-to-live field in the resource records. See Chapter 3.
OCR for page 48
Signposts in Cyberspace: The Domain Name System and Internet Navigation enough that there was no serious difficulty in deploying upgraded software. In its original design, the DNS did not have a corresponding mechanism for reducing the network traffic associated with repeated unsuccessful queries (i.e., queries for which no entry in the relevant authoritative table is found). Within a few years of the initial implementation of the DNS, it became apparent that such a mechanism would be beneficial, given the number of identical queries that are unsuccessful. A proposed mechanism for negative response caching was developed, and the data necessary to support it were added to the protocol in a way that did not affect software based on earlier versions of the protocol, but the full deployment of the new mechanism was slow. The name server side of the new mechanism was very simple and was deployed fairly quickly, but initial support for the client (user) side of the negative caching mechanism was limited to a few implementations and was not adopted more generally until much later. The lack of widespread and correct client-side support for negative caching is a problem that still persists.22 2.3.2 Lookup Timeouts The biggest single difficulty in the transition from HOSTS.TXT to the DNS, however, was not due to any specific shortcoming of the DNS. Rather, it was attributable to the fundamental change in the nature of the lookup mechanism. In the HOSTS.TXT world, any particular host lookup operation would either succeed or fail immediately—the HOSTS.TXT file is located on the user’s system; it is not dependent on Internet connectivity at the moment of lookup. The DNS added a third possible outcome to any lookup operation: a timeout attributable to any of a number of possible temporary failure conditions (e.g., the required name server is down, so one does not know whether the particular name is indeed in the table or not). The occurrence of a timeout indicates neither success nor failure; it is the equivalent of asking a yes or no question and being told “ask again later.” Many of the network programs that predated the DNS simply could not handle this third possibility and had to be rewritten. While 22 Users derive benefits from the implementation of negative caching, namely faster response times. The larger system also derives benefits through the reduced load of invalid queries. However, there are costs associated with the implementation and maintenance of negative caching. For a given user, if the estimated benefit deriving from faster response times is deemed to be worth less than the costs associated with negative caching, then the user is not likely to implement negative caching, even though the total benefits (which include the reduced load of invalid queries on the larger system) may exceed these costs. This phenomenon is explained under the rubric of what economists refer to as externalities.
OCR for page 49
Signposts in Cyberspace: The Domain Name System and Internet Navigation this was something of a problem for programs intended to be run directly by a user (e.g., one then-popular e-mail client checked the host name of every recipient during composition), it was a far more serious problem for programs that ran unattended, such as mail transfer agents. These programs had to be rewritten to handle DNS timeout errors in the same way as they would handle any other form of connection failure. Conceptually, this was simple enough, but it took several years to actually track down and fix all the places in all the programs that made implicit assumptions about the host lookup mechanism. Toward the end of this period, the Internet had entered an era of periodic “congestion collapses” that eventually led to a fundamental improvement in certain algorithms used in the Internet infrastructure. During each of these congestion collapses, DNS lookups (along with all other forms of Internet traffic) frequently timed out, which made it much more obvious which applications still needed to be converted to handle timeouts properly. To this day, however, correct handling of the possibility of timeouts during a DNS lookup represents an issue in application design. 2.3.3 Convergence in Electronic Mail Systems In the mid-1980s, the Internet was one of the major data networks.23 Although data could not move from one network to the next, e-mail was able to flow—through carefully designed e-mail gateways—between the networks. Some of the busiest computers on each network were the machines whose job it was to relay e-mail from one network to the next.24 Unfortunately, the system of gateways required users to route their e-mail by explicitly using the e-mail address. For instance, to send e-mail over the Internet to a colleague at Hewlett Packard Laboratories on the Computer Science Network (CSNET), one had to address the e-mail to email@example.com. This complex syntax says that the Internet should deliver the e-mail to relay.cs.net and then send the message on to the appropriate address on cs.net.25 Thus, some people had 23 These major data networks included BITNET, Internet, CSNET, UUCP, and Fidonet. See John S. Quarterman, The Matrix: Computer Networks and Conferencing Systems Worldwide, Digital Press, Bedford, Mass., 1990; and Donnalyn Frey, Buck Adams, and Rick Adams, !%@: A Directory of Electronic Mail Addressing and Networks, O’Reilly and Associates, Sebastopol, Calif., 1991. 24 For instance, relay.cs.net and seismo.css.gov, the e-mail gateways between the Internet and the Computer Science Network, and an important one of those between the Internet and the Unix-to-Unix network, respectively, were typically the top two hosts (in terms of traffic sent or received) on the ARPANET in the mid-1980s. 25 In some instances, the messages were even messier; someone on the Unix-to-Unix network (UUCP) might have to write an address such as <firstname.lastname@example.org> to send an e-mail.
OCR for page 68
Signposts in Cyberspace: The Domain Name System and Internet Navigation not achieved the political status of sovereigns, but that nevertheless wish to protect or control the use of their collective name. In some jurisdictions, the subunits of national governments, such as city administrations or port authorities, have claimed exclusive rights to the use of their name in the DNS.82 In a similar vein, some international organizations have asserted a right to prevent others from registering domain names identical to their acronyms or names.83 These claims have more to do with the imputed legitimacy of the association than with commercial confusion. Here, too, issues arise regarding the balance struck between the use of the name as an identifier and its legitimate use as a reference to the identified entity. These claims also raise questions about who in the affected society has the right to control the name. Also, some legal regimes, which are analogous to trademark law because they are related to reputation in commerce, attempt to vest regions or localities, rather than specific firms or products, with exclusive rights to a name for a certain use. These regimes of “controlled appellations of origin” might be applied, for example, to wines or other agricultural products.84 In addition to nations, regions, and international organizations, many people feel that they have some ownership right over their personal name and other aspects of their persona. National systems of law often recognize “rights of personality” when defined as the ability of a person “to control the commercial use of his or her identity.”85 In the United States, there currently is no federal right of publicity or privacy; rather, the promulgation of such laws has been left to the states. About half of the states have recognized the right of publicity, either through common law or statute.86 Other states provide similar protections as a part of the right of 82 See, for example, Excelentisimo Ayuntamiento de Barcelona v. Barcelona.com Inc., WIPO Case No. D2000-0505, available at <http://arbiter.wipo.int/domains/decisions/html/2000/d2000-0505.html>; and Salinas, California, National Arbitration Forum, City of Salinas v. Brian Baughn, WIPO Case No. FA0104000097076, available at <http://www.arbitrationforum.com/domains/decisions/97076.htm>. 83 For example, international organizations such as the International Monetary Fund (IMF) or the World Health Organization (WHO). See The Recognition of Rights and the Use of Names in the Internet Domain Name System, Report of the Second WIPO Internet Domain Name Process, September 3, 2001, available at <http://wipo2.wipo.int/process2/report/pdf/report.pdf>. 84 For further discussion see, “Geographic Identifiers,” in The Recognition of Rights and the Use of Names in the Internet Domain Name System, 2001. 85 See McCarthy, McCarthy on Trademarks and Unfair Competition, 4th ed., 1992. 86 See, for example, Carson v. Nat’l Bank of Commerce, 501 F.2d 1082, 1084 (8th Cir. 1974) (recognizing a common-law right of publicity in Nebraska); and FLA. STAT. ANN. §540.08 (West 2002) (providing for a statutory right of publicity in Florida).
OCR for page 69
Signposts in Cyberspace: The Domain Name System and Internet Navigation privacy.87 Under the Restatement (Second) of Torts §§ 652A - 652C (1979), invading an individual’s right of publicity is similar to invading her privacy through unauthorized appropriation of her name or likeness.88 One of the primary motives behind passage of the Anticybersquatting Consumer Protection Act in the United States, for example, was the widespread registration of the names of U.S. politicians as domain names and their linkage to Web sites that were satirical or critical.89 Communications technology can create new arenas for disputes over rights to names. In particular, the process of entering an identifier into a network creates numerous opportunities for conflicts over the boundary of a name right. Of course, many of the underlying issues—confusion, fraud, competition, fair use, freedom of expression—are familiar from other contexts. A good part of the advertising economy of the Internet is based on paying for “hits” (i.e., the exposure of the content of a Web site to a distinct user).90 Thus, the practice of “typosquatting” developed, wherein entrepreneurs registered domain names that were only a keystroke or two 87 See, for example, Allison v. Vintage Sports Plaques, 136 F.3d 1443 (11th Cir. 1998) (describing the appropriation of plaintiff’s personality for a commercial use as an invasion of privacy tort in Alabama). 88 In 1953 in the case of Haelan Labs. v. Topps Chewing Gum, the right of publicity was first explicitly recognized as a right independent of the right of privacy and as an individual’s right to the publicity value of his photograph. The court distinguished the right of publicity from the right of privacy because “many prominent persons … far from having their feelings bruised through public exposure of their likeness, would feel sorely deprived if they no longer received money for authorizing advertisements [or] popularizing their countenances.” See Haelan Labs. v. Topps Chewing Gum, 202 F.2d 866, 868 (2d Cir. 1953). Thus, the right of publicity has developed into a body of law distinct from, but related to, copyright law, privacy rights, and the law of unfair competition. While certain states encode publicity rights within their right of privacy statutes, prominent case law and jurisprudence acknowledge the development of the right of publicity as an independent body of law. See, for example, Carson v. Here’s Johnny Portable Toilets, 698 F.2d 831, 834 (6th Cir. 1983) (stating, “[T]he right of privacy and the right of publicity protect fundamentally different interests and must be analyzed separately.”). When commercial exploitation of names is involved, personality rights often overlap with, or are informed by a logic that parallels, trademark rights. Indeed, a person’s name is often registered as a trademark or used to brand products or services (e.g., Michael Jordan). But rights of personality are often asserted even when commerce is not directly involved. 89 U.S. Patent and Trademark Office, “Report to Congress: the Anticybersquatting Consumer Protection Act of 1999,” January 2000. A law passed by the state of California makes it illegal to register someone else’s name as a domain name “without regard to the goods and services of the parties.” See Section 17525 of the California Business and Professions Code, at <http://www.leginfo.ca.gov/cgi-bin/displaycode?section=bpc&group=17001-18000&file=17525-17528.5>. 90 See Section 7.2.2 for an extended discussion.
OCR for page 70
Signposts in Cyberspace: The Domain Name System and Internet Navigation apart from popular domains. These “typo” domains would then be linked to advertisements in order to collect pay-per-hit revenue from people who mistyped the locator into the browser. The cybersquatter John Zuccarini refined the practice of “typosquatting” to an art, registering hundreds of close misspellings of popular domain names and trapping users into a parade of cascading Web pages, some of them pornographic.91 There are even fuzzier boundaries to consider. There are businesses that register large collections of expired domain names in order to collect advertising hits from people who are looking for the old Web site.92 Is this an abusive practice or one as innocent as putting up a billboard on a choice spot on a busy highway? Beyond Second-Level Domain Names Thus far, the discussion has focused on second-level domain names. Although less common, there are disputes involving third-, fourth- and higher-level domain names, as well as involving directory and file descriptors. For example, in Bally Total Fitness Holding Corp. v. Faber, 29 F. Supp. 2d 1161 (C.D. Cal. 1998), an infringement suit was brought against a defendant who used the URL <http://www.compupix.com/ballysucks> to post critical comments regarding the plaintiff. The court held that “no reasonable consumer” was likely to confuse the defendant’s domain name with the plaintiff’s marks BALLY, BALLY TOTAL FITNESS, and BALLY’S TOTAL FITNESS, because, among other things, the defen- 91 See, for example, Joanna Glasner, “Typo-Loving Squatter Squashed,” Wired, October 31, 2000, available at <http://www.wired.com/news/business/0,1367,39888,00.html>. In 2004, Zuccarini was sentenced to 30 months in prison for using misleading domain names to trick children into visiting pornographic Web sites in violation of the federal Truth in Domain Names Act. See “U.S. Man Jailed for Luring Children to Porn Sites,” Reuters, February 26, 2004. 92 Other cases include attempts to protect the “nonproprietary” status of a name by excluding it from a name space. The World Health Organization and the World Intellectual Property Organization (WIPO) proposed to do this with respect to International Nonproprietary Names (INNs), a list of over 3000 names of pharmaceutical substances. See “International Nonproprietary Names (INNs) for Pharmaceutical Substances,” in The Recognition of Rights and the Use of Names in the Internet Domain Name System, Report of the Second WIPO Internet Domain Name Process, September 3, 2001, available at <http://wipo2.wipo.int/process2/report/pdf/report.pdf>. This proposal is particularly problematic because the list of INNs not only is long, but also expands over time. Religion is another potential source of rights claims. Certain religions recognize words as sacred and attempt to protect or restrict their use.
OCR for page 71
Signposts in Cyberspace: The Domain Name System and Internet Navigation dant did not use the plaintiff’s mark in his domain name.93 Based on the facts of the case, the court stated that the result would have been the same even if the defendant’s domain name was ballysucks.com.94 The court also contrasted the defendant’s domain name and the hypothetical second-level ballysucks.com domain name with other cases where likelihood of confusion was found when the plaintiff’s mark was the only mark (e.g., panaflex.com) used in the defendant’s second-level domain.95 In another example, the Usenet newsgroup name space contains numerous descriptors that use a variety of names to describe the space, including, for instance, the name Disney (e.g., alt.disney.disneyland or rec.arts.disney.parks). These newsgroups (which are visible to most Internet users) are not run by the Disney Corporation, and the content and administration of the group may or may not have the corporation’s approval. In the even more freewheeling world of AOL screen names, any user can appropriate the name of his or her favorite Disney character (even in less than flattering variations) and use it as his or her screen name and e-mail address. While it is clear that no exemption exists for Usenet groups and AOL screen-name aliases, it does appear that trademark holders have chosen not to pursue many of these uses in these naming spaces.96 Yet current law and policy regarding domain names erect major distinctions between the various parts of the domain name used in a URL. Within the generic and most country-code top-level domains, all (or at least most) of the political and legal conflict over rights to names takes place over the second-level domain name. The third-level domain and all identifiers to the right of the domain name are generally outside the scope of challenge through dispute resolution processes.97 Current law and policy therefore regard the top-level domain as a fixed set of generic cat- 93 See The Recognition of Rights and the Use of Names in the Internet Domain Name System, 2001, pp. 1163-1165. 94 See The Recognition of Rights and the Use of Names in the Internet Domain Name System, 2001, p. 1165. 95 See The Recognition of Rights and the Use of Names in the Internet Domain Name System, 2001, p. 1165. 96 Many trademark holders have not done anything regarding many newsgroup names, in part because it is difficult to police such activities as well as prove that trademark infringement or dilution has occurred. Indeed, as soon as a name was removed or changed in this space, another of the millions of users could create a new one. 97 There are some important exceptions, such as the case of .uk, for which most entities register at the third level (e.g., Disney.co.uk) rather than at the second level. For these exceptions, it is the fourth level and beyond that are outside the purview of dispute resolution processes. Dispute resolution processes are further described in Chapters 3 and 5.
OCR for page 72
Signposts in Cyberspace: The Domain Name System and Internet Navigation egories or country codes, the second-level domain as the identifier of an organization, product, or Web site, and the third-level domain as part of a “private” naming system, wherein assignments can generally be left to the discretion of whoever holds the second-level name. To further illustrate this point, Yahoo! Inc. has been an active defender of its brand name in cyberspace. It has challenged the registration of hundreds of second-level domains, including some rather remote misspellings, such as “jahu” or “yhuu,” whenever they appear in the second level of a domain name. But under current legal precedent, it would likely take no action against a name such as yahoo.blatant.cybersquatter.com. In all likelihood, however, Yahoo’s decision not to pursue claims for trademark infringement or dilution for alternative uses of its brand name and mark is less influenced by current precedent than it is by Yahoo’s likelihood of success on the merits, especially in view of decisions such as that in the above noted Bally Total Fitness Holding Corp. v. Faber case. By contrast, second-level domain names are ripe for generating conflicts over rights to names. They are meaningful, they are perceived as being economically valuable, and they are part of a global, public naming system administered via collective action. And perhaps most importantly, they are susceptible to centralized control because of the existence of a single, central point of coordination, the relevant registry. See Box 2.2. 2.5.3 Whois In concert with the rise in the interest in and demand for domain names was a corresponding increase in the value of contact information associated with domain names. Hence, interest in the Whois database continued to rise in the 1990s. Some of the targeted uses of the Whois data were for old-fashioned marketing purposes—for example, to send sales brochures and to make telephone solicitations to network operators and domain name registrants. As domain names became economically valuable after 1995, accessing Whois data also became a popular way to find out which domain names were taken, who had registered them, and the creation and expiration date of the registration. The Whois database also became an investigation and monitoring tool for intellectual property rights holders. When a trademark holder discovered a potentially infringing domain name, the trademark holder could use the Whois database to identify, investigate, and contact the registrant of the domain name. At that time, the Whois database could also be used to determine if the same registrant had registered any similar domain names that the trademark holder did not know about or to search for further evidence of cybersquatting by the registrant. Trademark holders also discovered that they could use the database proactively
OCR for page 73
Signposts in Cyberspace: The Domain Name System and Internet Navigation BOX 2.2 The Institutionalization of .com For the most part, the initial dominance of .com among the TLDs was a historical accident, a product of the chance conjunction of the commercialization of the Internet, the rise of the Web, the openness of the InterNIC registry relative to the ccTLD registries, and the lack of any other commercially oriented TLD in the original set of gTLDs. Once .com became established as the most desired TLD for many registrants, other forces contributed to the solidification of .com’s increasing dominance. As discussed elsewhere in this section, “Beyond Second-Level Domain Names,” the rise in value of .com names (whether for navigation or marketing functions) led to the registration of some domain names for speculative, abusive, or preemptive purposes. Based on a desire to avoid further registration of domain names for these same purposes in new TLDs, some resistance developed to the creation of new TLDs, thereby reinforcing the focus on extant TLDs (with disproportionate advantage to .com, given its dominant market position). Whether the historical dominance of .com from the mid-1990s will continue in the future of the DNS is discussed in Section 5.4. to perform searches for character strings that matched trademarks, and retrieve many of the domain name registrations in the generic top-level domains that matched or contained a trademark. This automated searching function proved to be so valuable that trademark interests began to demand that the Whois functions be institutionalized, expanded, and subsidized, including the right to purchase the complete list and contact data for all of a registrar’s customers. The first World Intellectual Property Organization (WIPO) domain name process, initiated in 1998 in response to a U.S. government request, as detailed by a U.S. Commerce Department white paper,98 recommended that the contact details in a Whois record be contractually required to be complete, accurate, and up to date, on penalty of forfeiture of the domain name.99 2.6 GLOBALIZATION Worldwide interest in the DNS developed during the 1990s along with increasing concern about U.S. dominance of a critical element of global communication and a commercial resource on which other nations fore- 98 For the text of the white paper, see <http://www.ntia.doc.gov/ntiahome/domainname/6_5_98dns.htm>. 99 See paragraph 73 of The Management of Internet Names and Addresses: Intellectual Property Issues. Final Report of the WIPO Internet Domain Process, April 30, 1999, available at <http://wipo2.wipo.int/process1/report/finalreport.html#49>.
OCR for page 74
Signposts in Cyberspace: The Domain Name System and Internet Navigation saw their economies and societies becoming ever more dependent. With increasing recognition of this value came a growing desire to participate in the management and policy decision making with respect to domain names. An issue of particular interest in many countries is access to the Internet and the DNS using home-country languages other than English. As the number of users whose first language is not based on Roman characters grew dramatically during the 1990s, interest developed in domain names based on non-Roman scripts (e.g., Chinese, Hebrew, Arabic, and so on). Several major efforts have been undertaken to accommodate internationalized domain names (IDNs) within the Internet infrastructure.100 The design of the DNS, however, presents formidable technical challenges for the accommodation of languages that use non-Roman characters. As a lookup system, the DNS must be able to determine unambiguously whether or not there is a match with a query. Comparing strings is much more difficult than most people realize, because the definition of what is “equal” is often not deterministic. For the French language in Canada and in France, for example, there are different rules as to whether an accent stays over a character when it is converted from lower to upper case. And some languages (e.g., Chinese) cannot be reduced to a relatively small number of standardized characters (e.g., the character set for English). See Section 4.3 for further discussion of the IDN issue and the increasing interest and involvement by parties outside the United States in matters related to the DNS. 2.7 ADMINISTRATION OF DOMAIN NAMES In the 1980s, the Network Information Center managed the registration of domain names, operating under the auspices of SRI International and funded by the Department of Defense (DOD), by DARPA and the Defense Information Systems Agency (DISA).101 Jon Postel and other researchers at the Information Sciences Institute at the University of Southern California had been given the authority to establish procedures for assigning and keeping track of protocol and network numbers and controlled the definition of TLDs.102 Overall, the administration and policy oversight for domain names was relatively straightforward. 100 See discussion in Section 4.3. 101 Formally, the NIC was the Defense Data Network-Network Information Center (DDN-NIC). 102 Jon Postel had a central role in the DNS from the beginning as co-author of “The Domain Naming Convention for Internet User Applications,” RFC 819. Postel “held leadership positions in several Internet infrastructure activities. He was founder and head of the Internet Assigned Numbers Authority, RFC editor, and chief administrator
OCR for page 75
Signposts in Cyberspace: The Domain Name System and Internet Navigation In the mid-1980s, the National Science Foundation (NSF) created NSFNet to provide data communication services to researchers and educators. It selected the Transmission Control Protocol/Internet Protocol (TCP/IP) as its transport protocol and worked closely with the Department of Energy, the National Aeronautics and Space Administration, and DARPA to share facilities to extend this infrastructure in the United States and worldwide. NSF encouraged campus network investment by focusing its efforts on high-speed and high-capacity long-haul “backbone”103 and regional networks to connect the campuses. Thus, the responsibility for the civilian network gradually shifted from the DOD to NSF. (See Box 2.3 for a timeline of the shifting administration of domain names.) In the early 1990s, NSF made another important decision—to withdraw as the primary financial benefactor for the backbone of the Internet and to encourage a commercial market for support of transport facilities. Continuing on this path, in 1993 NSF replaced DOD as the funding agency for domain name management. As the workload increased, NSF contracted with Network Solutions, Inc. (NSI) to manage the registration for most of the gTLDs (.com, .net, .org, .edu, and .gov), through InterNIC. At this time, NSF, preserving the practice that the registration of domain names would be free to registrants, subsidized the costs associated with domain name registration. See Box 2.3. Increasing scale was not the only impetus for administrative evolution. The increasing economic and social value of domain names caused new players to become interested in the realm of domain names. As discussed earlier, holders of highly visible and valuable trademarks developed an active interest in domain names. Many other entities, from national governments and public interest groups to the firms in the emerging domain name industry, also developed a keen interest in all things related to domain names. Thus, the 1990s saw the domain name community expand radically, both in scale and, especially important to understand, in the scope of the interests and backgrounds of participants.104 of the .us domain. He was expected to play a crucial role in the future of Internet administration, which [was] in the process of being transferred to the private sector [the Internet Corporation for Assigned Names and Numbers (ICANN)].” See “In Memoriam, Dr. Jonathan B. Postel, August 3, 1943 – October 16, 1998,” The Domain Name Handbook, available at <http://www.domainhandbook.com/postel.html>, accessed March 31, 2004. 103 A backbone is a network that interconnects other networks. Backbone networks often operate over relatively longer distances than do typical networks. 104 This diversity in the range of participants creates challenges in achieving consensus in the decisions needed to make progress on various problems. Among other things, conflicting goals and varying communication styles and vocabulary contribute to these challenges. Even agreeing on something as basic as defining “DNS” can lead to disputes.
OCR for page 76
Signposts in Cyberspace: The Domain Name System and Internet Navigation BOX 2.3 Administration of the Domain Name System in the 1990s: The Road to ICANN 1991 Responsibility for much of the Network Information Center (NIC) was transferred from SRI International (operating on the behalf of the Department of Defense; DOD) to Government Systems, Inc., which then subcontracted the entire operation to Network Solutions, Inc. (NSI). NSI started operating the NIC in 1992. 1993 The National Science Foundation (NSF) replaced DOD as the funding source for the NIC. NSF completed a service contract with InterNIC, the umbrella organization for the participating contractors AT&T (directory and database services), NSI (registration services), and General Atomics/ CERFnet (information services). Thus, NSF engaged NSI to take over domain name registration services for most of the generic top-level domains (gTLDs) through a 5-year cooperative agreement. 1994 “Domain Name System Structure and Delegation” (RFC 1591), written by Jon Postel, was published and gained general acceptance.1 1995 NSF and NSI amended their cooperative agreement, imposing a $100 fee for 2 years of domain name registration. 1997 The International Ad Hoc Committee (IAHC), a coalition of individuals representing various constituencies established in 1996, released a proposal for the administration and management of gTLDs that included a framework for a governance structure, captured in a document known as the Generic Top Level Domain Memorandum of Understanding (gTLD-MoU).2 The U.S. government created an interagency group to address the domain name issue and assigned lead responsibility to the National Telecommunications and Information Administration (NTIA), Department of Commerce. This interagency group reviewed the IAHC proposal and solicited public comment. As a part of the Clinton Administration’s “Framework for Global Electronic Commerce,”3 the Department of Commerce was directed to privatize the
OCR for page 77
Signposts in Cyberspace: The Domain Name System and Internet Navigation Domain Name System in a manner that would increase competition and facilitate international participation in its management. The department issued a call for public input relating to the overall framework of the DNS. 1998 The NTIA released “A Proposal to Improve Technical Management of Internet Names and Addresses,” also known as the Green Paper. This proposal called for a private, non-profit corporation, headquartered in the United States, to manage domain names and IP addresses, and for “the addition of up to five new registries.”4 A final statement of policy, the “Management of Internet Names and Addresses,” also known as the White Paper, was issued by NTIA. The White Paper reaffirmed the goals of the Green Paper, while having the U.S. government take a more hands-off approach, and urged the creation of a new not-for-profit corporation to oversee the management and assignment of domain names and IP addresses. Goals for the new corporation included ensuring stability, competition, private and bottom-up coordination, and fair representation of the Internet community.5 NSF transferred authority to the U.S. Department of Commerce to administer the cooperative agreement under which domain name registration services are provided.6 Internet constituencies (e.g., those that attended the workshops held under the auspices of the International Forum on the White Paper) discussed how the new entity (the New Corporation, or “NewCo”) might be constituted and structured. A group led by Jon Postel (and under his name) proposed a set of bylaws and articles for the incorporation of NewCo. The final version of NewCo’s (then named as the Internet Corporation for Assigned Names and Numbers; ICANN) bylaws and articles of incorporation were submitted to NTIA in October. On November 25, NTIA and ICANN signed an official memorandum of understanding (MoU), with an initial termination date of September 30, 2000. In October, NTIA and NSI extended their cooperative agreement through September 2000. NSI committed to a timetable for the development of a shared registration system (SRS) that permitted multiple registrars to provide registration services within the .com, .net, and .org gTLDs. Also, NSI agreed to separate its registrar and registry operations into separate divisions, to recognize NewCo, and to make no changes to the root without written approval from the U.S. government. 1 Available at <http://www.rfc-editor.org>. 2 For further information, see <http://www.gtld-mou.org/draft-iahc-recommend-00.html>. 3 See <http://www.ta.doc.gov/digeconomy/framewrk.htm>. 4 See <http://www.ntia.doc.gov/ntiahome/domainname/dnsdrft.htm>. 5 For the text of the white paper, see <http://www.ntia.doc.gov/ntiahome/domainname/6_5_98dns.htm>. 6 See <http://www.nsf.gov/od/lpa/news/media/ma9822.htm>.
OCR for page 78
Signposts in Cyberspace: The Domain Name System and Internet Navigation By 1996, the belief by some (e.g., Jon Postel) that additional TLDs were needed led to the establishment of the International Ad Hoc Committee (IAHC) to develop a framework for the administration of domain names, which became known as the Generic Top Level Domain Memorandum of Understanding (gTLD-MoU). The IAHC’s proposal for an institutional framework prompted a strong reaction from a few key constituencies and “sent ripples through the international system,” as characterized by Milton Mueller.105 Although the gTLD-MoU was not implemented, its creation did motivate the discussions leading to the development of the Green and White Papers (see Box 2.3) and the eventual creation of the Internet Corporation for Assigned Names and Numbers (ICANN) in late 1998. NSI exclusively operated the .com, .net, and .org TLDs through 1998. The registry operations (associated with the management of the TLD databases themselves) and registrar operations (associated with the retail functions of dealing with customers) were integrated. NTIA’s agreement with NSI in late 1998 required NSI to separate its registry and registrar functions so that other registrars could enter the market. To facilitate the entry of other firms, NSI also agreed to establish a shared registration system to enable all registrars (including NSI’s registrar unit) to interact with the registry database. The vibrant market for domain name registration services in the .com TLD that developed in the late 1990s also spurred interest in the creation of new TLDs. Thus, the DNS has experienced an extraordinary evolution since its birth in the early 1980s. Initially intended to address specific technical and operational problems of concern to a small, relatively homogeneous group of computer scientists and engineers, the DNS came to involve individuals from many different sectors such as law, business, government, and the public interest. The issues surrounding the DNS became increasingly non-technical in nature and increasingly complex and controversial, and so the founding of ICANN did not end the conflict among constituents, but rather provided the forum for their often intense discussion. Chapters 3 and 5 further explore these conflicts and the alternatives for their possible resolution. 105 From Milton Mueller, “Internet Domain Names: Property Rights and Institutional Innovation,” in Gary Libecap, editor, Entrepreneurship and Growth in the American Economy 12:93-131, Elsevier, Amsterdam, 2000, p. 111.
Representative terms from entire chapter: