Towards fair, open, technically sound global Internet policy.




 Coe |

 Bor |

 Names |





Dan Steinberg
Einar Stefferud
Richard Sexton
Brian Reid

This document is a synthesis of various discussions between the authors over the last few centuries (at least it feel like it).

1) This document was originally titled INTERNET DNS GOVERNANCE MODEL. We changed the title and all internal references to read "organizational" in place of "governance". To our minds, governance is something that governments do. Private industry doesn't govern. It organizes. The distinctions are subtle but important. Private industry works by agreements that are transcribed as contracts between parties. Governments enact laws and regulations which are then applied to their subjects with powers of enforcement and how they are implemented.

2) This document is complimentary to the Domain Holders Bill of Rights published by the Association of Internet Registries (AIR). The Domain Holders Bill of Rights is an enunciation of the basic rights of domain holders and is meant as a customer-based statement of principles. No attempt to force any registry or registrar to sign this bill of rights is envisioned. The market will decide how many of these rights are implemented.


  1. Here are our views
  2. we recognize that someone else probably should be coordinate the DNS and we are willing to work towards Internet consensus on defining "who" that is both at a macro and micro level, 3) we know people are getting tired of endless discussion so let's put a time limit on discussion but have a mechanism to extend it should group consensus fail to coalesce or a consensus emerge that demands additional time.
  3. we know there are other viewpoints. we have already lived with and resolved several strongly held divergent views in our discussions. We have found that civil discourse does work, and that things can actually get done.
  4. We don't say that 'this is it', but the alternatives to working together are not pleasant for any parties. So please do consider the alternatives and consider that everyone stands to gain by an orderly cooperative transition.
If you don't agree with these, you will probably not be very interested in the rest. But please give it a healthy try.
  1. "." may or may not be a monopoly by its nature, but the set of all TLDs is only a monopoly by choice. They are not a natural monopoly.
  2. The DNS name-space is not a public trust. The name-space is natural language or a means of expression which as a whole is not owned by anyone.
  3. A combination of market forces and existing national legislation is sufficient to handle the registration abuses such as .COM cloners and re-registration schemes, given an open market for iTLD names.
  4. any top level domain that has a reasonable charter and policies should be seriously and openly considered for inclusion into the DNS root zone. Admission policy should be inclusive rather than exclusive.
  5. despite (1) above, there is always end-user choice in where end users and local name server administrators can point their own ROOT CACHE for DNS TLD Root Resolver Service.

Is name-space a public trust? How can we find out? Here is a programatic exercise to help illuminate issues:

After this exercise, it is clear that the DNS is *not* a public trust. The determination is left as an exercise for the reader. Cutting to the chase, it is readily apparent that DNS is not a public trust as it lacks the common public trust attributes of scarcity and is not susceptible to regulation.

Domain names are only limited by the imagination of the registrant. Despite all the dire claims that all the 'good' names are already taken, registrations in .com are still increasing. Opening up TLDs expands this possibility even more. (need to add some more detail here but everyone will get the message). And when we all get tired of thinking so hard, we can expand DNS beyond ASCII characters to give other tribes something useful to play with. UNICODE DNS: imagine the possibilities (but leave it for later because we have work to do).

Ability to Regulate
Remember that the internet is a collection of private networks. No matter what is legislated or imposed or suggested, there is always end-user choice in where to point for DNS services (or even Do It Yourself with a local "root" as now done by INTRAnets behind firewalls). Something where the end-user has such choice does not look very much like a public trust (e.g. spectrum).

Remember also that the AlterNIC and eDNS movements worked on the premise that individuals would/could point to an 'alternate' source. It is necessary to avoid any mechanism that needs to subvert this choice. This is something we should not forget about as local choice is the true source of bottom-up consensus: people pointing to their preferred root servers because they choose to.

This concept of choice serves not only to define the playing field but to influence the optimal model for whatever kind of organization is necessary. Remember this point for later on.

* entry of new TLDs into the name-space * naming of new TLDs * how the various organizations interact without harming each other.

Now that we know what to do, how does it get done?

One natural organization appears to be the customer cooperative model, although other possibilities do exist. The natural members of the coop. are the collected set of TLD registries (with a few additions). Some reasons that the customer coop. model works best include:


There is a natural division into three separate direct interest groups:

There should be a small treatise about what the root is and means. There should be a worldwide organization of autonomous self-governing organizations that join the confederation by agreeing to the principles in the small treatise, and by paying a membership fee to someplace. (The primary purpose of the membership fee is to prevent the frivolous creation of new members).

The key principle here is that there is no central control. There is central agreement on doctrine, and each peer member helps prevent the others from taking over. Anyone who rejects the doctrine is, by definition, not a member. There needs to be a small office that is the holder of the common information, but it is not itself a member, nor does it have decision making powers. We believe that the key concept here is that the central group maintains a coherent set of information, but does not have the authority to change what it maintains, nor to make rulings about who can or cannot join. Membership is open to anybody who agrees to adhere to the rules and who pays the fee.

A fee is crucial to a scheme like this because it prevents frivolous memberships and it is a means of funding ROOT Zone operations.

As stated, this is best done with a customer coop where the customers are the collected set of TLD registries. The following are members:

These naturally form the following organizations:

It should be noted that no one group needs the other two: the RZ ops could run TLDs and serve as registrars if they chose, the TLZ ops could primary the root zone and accept registrations if they chose and the registrars could run all the DNS. Remember that the InterNIC currently performs all three functions. AlterNIC did all three (albeit not very well) but as it is a lot of work. Splitting up the work is probably a good idea just to provide for more scalability.

This structure could easily accommodate stakeholders groups under all three of these organizations. They could either be formally defined here, left to evolve through market forces, or some combination of the two.

The following additional players have all been defined as stakeholders in this process:

  • Secondary Root Server Operators
  • TLD Name Owners
  • TLD Registry Administrators
  • TLD Server Operators, + Secondary TLD Server Operators
  • TLD Registrars
  • SLD Name Owners
  • SLD Registry Administrators
  • SLD Server Operators, + Secondary SLD Server Operators
  • Sub-SLD Names Owners;
  • Sub-SLD Registry Administrators
  • Sub-SLD Server Operators, + Secondary SLD Server Operators
  • End Users of DNS names
  • Name-Server operators
  • Domain Name resellers
  • Domain Name Warehousers
  • ISPs
  • Vendors of internet software
  • etc.

    Some of the above can be folded back into each other. Debate on how to organize everything is an ongoing process. What is important is that all stakeholders have a voice in the process.

    It is also important to recognize that not all aspects of the internet need to be organized by the groups involved with DNS. There are many other issues involved. It is likely that other parallel organizations will emerge with appropriate stakeholds evolving the appropriate organizational structures. In those organizations, RZ Ops, TLD Ops and registries might have only consultative or advisory input. The key is that those groups most involved with an issue have the most voice. Other stakeholders have input.

    It is probable that the one or more of following might emerge:

    Not all of the above groups necessarily needs to be directly involved in the DNS organization. There is room in the model for the concept of various non-governing advisory or lobbying groups, as well as for groups that exist primarily during the transition period. It is hoped/anticipated/etc. that stakeholders who feel they need to be part of the organization will step forward with convincing arguments. That makes the job easier. It will also help if they self organize!

                          Root Zone Operators
                             /  \
                            /    \
                           /      \
                          /        \
                         /          \
                        /            \
                       /              \
                      /                \
         TLD Zone Ops ----------------- Registrars

    This covers the minimum requirements i.e. what is performed today by the InterNIC. But there's more. Splitting up the functions into separate organizations means that we no longer have central control.

    Domain Name Coordination FUNCTION
    There is an obvious need to have some sort of coordination or oversight acting on the three operating groups. See diagram below.

                          Root Zone Operators
                             /  \
                            /    \
                           /      \
                          /        \
                         /  DNCF    \
                        /            \
                       /              \
                      /                \
         TLD Zone Ops ----------------- Registrars

    This puts responsibility for oversight in a Domain Name Coordination function formed by reps. from the three points on the triangle. This works a lot better than the classic top-down pyramid structure but it does get more complicated. In all cases, the coordination function is responsible for ensuring consistency but should only be there on an as-needed basis.

    Here are the players:

    1) There is a General Assembly (GA) of RZ, TLD and Reg operators (GA not shown in the diagram). The GA is for [we will let a few more people decide on what goes here].

    2) There are separate caucuses of the RZ, TLDZ, and REG associations. These elect the members of the group that performs the Domain Name Coordination Function (DNCF). The caucuses function as per the philosophy espoused by Brian Reid. For the moment, any group not explicitly identified in the triangle gets represented by the various vertices. If a better mechanism arises, the triangle is just an object that can be modified. For example, the triangle might become a square, or a 3D triangle with 4 vertices.

    It should be noted that DNCF is just a place-holder at this moment. A better name is sure to be found that accurately represents the actual organization and not merely their function. It is important to distinguish between the people, the group and the function they perform. More on this concept later (or perhaps in a separate draft).

    3) DNCF: Within the function, there is a requirement for some sort of DNCF Director reporting to the DNCF whose delegates in turn report to their own caucuses. Doing so conveys that the Director function is a captive of its "subordinates". This replaces the GP concept (and similar docs) of a CEO that reports to a large board drawn from various political constituencies and creates a top down power structure which then delegates authority and assigns responsibilities. Our organizational structure takes the opposite "bottom up" aggregation of power approach to assure that the stability and coherence of a comprehensive global DNS is achieved.

    The whole structure answers to the underlying customers through market relationships with the registrars. If additional representation is required, the triangle can be changed to a quadrilateral or other polygon. What becomes important is not how many sides there are to the polygon but how many votes each stakeholders gets.

    REMEMBER THIS IS A QUESTION OF CHOICE It should be noted that most Internet DNS 'users' either use the "name-server" IP addresses supplied by their ISPs, or by their company's DNS name server admin staff. Thus, there is a responsible marketing infrastructure already in place to collectively determine where the defacto most comprehensive and coherent RZ is, and point their clients to it. The actual choice at the 'user' level is still free, and this does not preclude massive private and commercial intranets from doing what they want as long they don't 'contaminate' the rest of the net.

    Remember way back at the top we said:

    • entry of TLDs into the name-space
    • how the various organizations interact without killing each other.

    Entry of TLDs is managed by the TLD Zone Operators.

    Naming of the TLDs is managed by a process dictated by the minimum doctrine espoused above. We have not discussed how names are chosen but there appears to be no reason why First Come First Served (FCFS) cannot operate here. We propose to add to the FCFS concept the idea of gating new TLD names into the ROOT at an orderly rate facilitates control of DNS ROOT stability.

    How the various organizational interact is covered by the caucus structure with coordination function. So we're done.

    We all appear to agree that there appear to be marketing and business reasons for registrars. However, there is no technical necessity for separate registrars as the only way a domain name can be registered.

    It appears that a separation of function will be mandated during the transition to private industry (primarily for anti-trust considerations). The best ways for them to exist after the GP transition are either:

  • industry-wide or TLD-specific agreements to deny retail transactions by registries or a particular TLD, or
  • as value-added entities at the retail level while the registries operate at the wholesale level.

    Even the wholesale/retail distinction might not be necessary, but this is not a valid reason to disallow them if they naturally fill a gap in the value-added chain from registry to registry customer to DNS user. Registrars already deal with all ISO TLD Registries around the world. Each one of them operates a different set of rules, procedures, fees, languages, requirements, attitudes and processes. While customers could go to each of ISO TLD Registries directly, it is often simply not efficient for them to do so. A registrar provides a single point of entry to deal with as many Registries as needed. of value added. Registries can also offer a range of value added services to their clients, ranging from automated submission systems, form filling assistance (ever filled in a form in Chinese?), DNS server provision, unlimited telephone support, advice and information and backup when things go wrong.

    As separate registrars have no naturally mandatory and/or technical function (except perhaps as part of the transition from govt. to private industry), there is a tendency to question their inclusion in the organizational structure. But the opposite view is also equally valid at this time. We really don't know how best to organize because we haven't lived with an actual organization and found the rough edges. Everything is just conjecture. This brings us to...

    Nothing fancy here. It's just very apparent that we need a mechanism to make changes to the organizational structure as the need arises and a way to detect when such changes are needed (and a way to manage debate on any proposed change such that we don't take 4 years to get things done). Consider this a place-holder for future consensus.

    The end-users of these services are either: * domain name holders, or * netizens at large

    It is possible to make some assumptions as to the rights of domain name holders. These assumptions as to the inalienable rights of domain name holders are contained in The Domain Name Holders Bill of Rights. How these rights might interact with the marketplace is conjecture at this time.

    It is difficult to envision how we might organize for the net. Individual netizen's access to the net is controlled by their contract (either with an ISP or their employer or educational institution) with some provider of connectivity. This is an ideal opportunity for self-organization!

    The requirement that we need to espouse in our draft is that all registries must offer an interface and a price schedule that distinguishes direct sales from retail registrar sales. The difference in registry pricing does not appear to be very significant, just because the value added by the retail registrar is that of hand holding, most likely in connection with selling another service such as an ISP connection. It is common practice for retailers to markup their goods to account for the value added by integrated packaging. All this stuff, including any kind of price control, should be left to the market.

    NOTE: This does not say that our draft should not suggest some guidelines for pricing, but it does frame those suggestions, whatever they might be.

    NOTE: Some guiding principles on this subject are contained in the Domain Name Holders Bill of Rights.

  •  Home 
     Essays |
     About |
     Lists |
     Faq |
     Draft |
     Press |
     Inc |
     Support |
     Issues |
     DNS ORG 
     Coe |
     Bor |
     Names |

    The open-rsc is a project by, of and for the Internet community.

    If you have comments on any aspect of this project, you can either send them to everybody involved by sending mail to, or, if you want to send mail just to the webmaster, send mail to

    Donate: Dian Fossey Gorilla Fund or Save The Rhino