98-4200. Improvement of Technical Management of Internet Names and Addresses  

  • [Federal Register Volume 63, Number 34 (Friday, February 20, 1998)]
    [Proposed Rules]
    [Pages 8826-8833]
    From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
    [FR Doc No: 98-4200]
    
    
    
    [[Page 8825]]
    
    _______________________________________________________________________
    
    Part IV
    
    
    
    
    
    Department of Commerce
    
    
    
    
    
    _______________________________________________________________________
    
    
    
    National Telecommunications and Information Administration
    
    
    
    _______________________________________________________________________
    
    
    
    15 CFR Chapter XXIII
    
    
    
    Improvement of Technical Management of Internet Names and Addresses; 
    Proposed Rule
    
    Federal Register / Vol. 63, No. 34 / Friday, February 20, 1998 / 
    Proposed Rules
    
    [[Page 8826]]
    
    
    
    DEPARTMENT OF COMMERCE
    
    National Telecommunications and Information Administration
    
    15 CFR Chapter XXIII
    
    [Docket No. 980212036-8036-01]
    RIN 0660-AA11
    
    
    Improvement of Technical Management of Internet Names and 
    Addresses
    
    AGENCY: National Telecommunications and Information Administration 
    (NTIA), Commerce.
    
    ACTION: Proposed rule; request for public comment.
    
    -----------------------------------------------------------------------
    
    SUMMARY: This document sets forth ways to improve technical management 
    of the Internet Domain Name System (DNS). Specifically, it describes 
    the process by which the Federal government will transfer management of 
    the Internet DNS to a private not-for-profit corporation. The document 
    also proposes to open up to competition the administration of top level 
    domains and the registration of domain names.
    
    DATES: Comments must be received by March 23, 1998.
    
    ADDRESSES: Comments may be mailed to Karen Rose, Office of 
    International Affairs, National Telecommunications and Information 
    Administration (NTIA), Room 4701, U.S. Department of Commerce, 14th and 
    Constitution Avenue, N.W., Washington, D.C. 20230 or sent via 
    electronic mail to dns@ntia.doc.gov. Messages to that address will 
    receive a reply in acknowledgment. Comments submitted in electronic 
    form should be in ASCII, WordPerfect (please specify version), or 
    Microsoft Word (please specify version) format. Comments received will 
    be posted on the NTIA website at http://www.ntia.doc.gov. Detailed 
    information about electronic filing is available on the NTIA website, 
    http://www.ntia.doc.gov/domainname/domainname130.htm. Paper submissions 
    should include three paper copies and a version on diskette in the 
    formats specified above.
    
    FOR FURTHER INFORMATION CONTACT: Karen Rose, NTIA, (202) 482-0365.
    
    SUPPLEMENTARY INFORMATION:
    
        Authority: 15 U.S.C. 1512; 47 U.S.C. 902(b)(2)(H); 47 U.S.C. 902 
    (b)(2)(I); 47 U.S.C. 902(b)(2)(M); 47 U.S.C. 904(c)(1).
    
    I. Introduction
    
        On July 1, 1997, The President directed the Secretary of Commerce 
    to privatize, increase competition in, and promote international 
    participation in the domain name system. Domain names are the familiar 
    and easy-to-remember names for Internet computers (e.g. 
    ``www.ecommerce.gov''). They map to unique Internet Protocol (IP) 
    numbers (e.g., 98.37.241.30) that serve as routing addresses on the 
    Internet. The domain name system (DNS) translates Internet names into 
    the IP numbers needed for transmission of information across the 
    network. On July 2, 1997, the Department of Commerce issued a Request 
    for Comments (RFC) on DNS administration (62 FR 35896). This proposed 
    rule, shaped by over 430 comments received in response to the RFC, 
    provides notice and seeks public comment on a proposal to transfer 
    control of Internet domain names from government to a private, 
    nonprofit corporation.
    
    II. Background
    
        Today's Internet is an outgrowth of U.S. government investments in 
    packet-switching technology and communications networks carried out 
    under agreements with the Defense Advanced Research Projects Agency 
    (DARPA), the National Science Foundation (NSF) and other U.S. research 
    agencies. The government encouraged bottom-up development of networking 
    technologies through work at NSF, which established the NSFNET as a 
    network for research and education. The NSFNET fostered a wide range of 
    applications, and in 1992 the U.S. Congress gave the National Science 
    Foundation statutory authority to commercialize the NSFNET, which 
    formed the basis for today's Internet.
        As a legacy, major components of the domain name system are still 
    performed by or subject to agreements with agencies of the U.S. 
    government.
    
    A. Assignment of Numerical Addresses to Internet Users
    
        Every Internet computer has a unique IP number. The Internet 
    Assigned Numbers Authority (IANA), headed by Dr. Jon Postel of the 
    Information Sciences Institute (ISI) at the University of Southern 
    California, coordinates this system by allocating blocks of numerical 
    addresses to regional IP registries (ARIN in North America, RIPE in 
    Europe, and APNIC in the Asia/Pacific region), under contract with 
    DARPA. In turn, larger Internet service providers apply to the regional 
    IP registries for blocks of IP addresses. The recipients of those 
    address blocks then reassign addresses to smaller Internet service 
    providers and to end users.
    
    B. Management of the System of Registering Names for Internet Users
    
        The domain name space is constructed as a hierarchy. It is divided 
    into top-level domains (TLDs), with each TLD then divided into second-
    level domains (SLDs), and so on. More than 200 national, or country-
    code, TLDs (ccTLDs) are administered by their corresponding governments 
    or by private entities with the appropriate national government's 
    acquiescence. A small set of generic top-level domains (gTLDs) do not 
    carry any national identifier, but denote the intended function of that 
    portion of the domain space. For example, .com was established for 
    commercial users, .org for not-for-profit organizations, and .net for 
    network service providers. The registration and propagation of these 
    key gTLDs are performed by Network Solutions, Inc. (NSI), a Virginia-
    based company, under a five-year cooperative agreement with NSF. This 
    agreement includes an optional ramp-down period that expires on 
    September 30, 1998.
    
    C. Operation of the Root Server System
    
        The root server system contains authoritative databases listing the 
    TLDs so that an Internet message can be routed to its destination. 
    Currently, NSI operates the ``A'' root server, which maintains the 
    authoritative root database and replicates changes to the other root 
    servers on a daily basis. Different organizations, including NSI, 
    operate the other 12 root servers. In total, the U.S. government plays 
    a direct role in the operation of half of the world's root servers. 
    Universal connectivity on the Internet cannot be guaranteed without a 
    set of authoritative and consistent roots.
    
    D. Protocol Assignment
    
        The Internet protocol suite, as defined by the Internet Engineering 
    Task Force (IETF), contains many technical parameters, including 
    protocol numbers, port numbers, autonomous system numbers, management 
    information base object identifiers and others. The common use of these 
    protocols by the Internet community requires that the particular values 
    used in these fields be assigned uniquely. Currently, IANA, under 
    contract with DARPA, makes these assignments and maintains a registry 
    of the assigned values.
    
    III. The Need For Change
    
        From its origins as a U.S.-based research vehicle, the Internet is 
    rapidly becoming an international medium for commerce, education and 
    communication. The traditional means
    
    [[Page 8827]]
    
    of organizing its technical functions need to evolve as well. The 
    pressures for change are coming from many different quarters:
         There is widespread dissatisfaction about the absence of 
    competition in domain name registration.
         Mechanisms for resolving conflict between trademark 
    holders and domain name holders are expensive and cumbersome.
         Without changes, a proliferation of lawsuits could lead to 
    chaos as tribunals around the world apply the antitrust law and 
    intellectual property law of their jurisdictions to the Internet.
         Many commercial interests, staking their future on the 
    successful growth of the Internet, are calling for a more formal and 
    robust management structure.
         An increasing percentage of Internet users reside outside 
    of the U.S., and those stakeholders want a larger voice in Internet 
    coordination.
         As Internet names increasingly have commercial value, the 
    decision to add new top-level domains cannot continue to be made on an 
    ad hoc basis by entities or individuals that are not formally 
    accountable to the Internet community.
         As the Internet becomes commercial, it becomes 
    inappropriate for U.S. research agencies (NSF and DARPA) to participate 
    in and fund these functions.
    
    IV. The Future Role of the U.S. Government in the DNS
    
        On July 1, 1997, as part of the Clinton Administration's Framework 
    for Global Electronic Commerce, the President directed the Secretary of 
    Commerce to privatize, increase competition in, and promote 
    international participation in the domain name system.
        Accordingly, on July 2, 1997, the Department of Commerce issued a 
    Request for Comments (RFC) on DNS administration, on behalf of an 
    inter-agency working group previously formed to explore the appropriate 
    future role of the U.S. government in the DNS. The RFC solicited public 
    input on issues relating to the overall framework of the DNS system, 
    the creation of new top-level domains, policies for registrars, and 
    trademark issues. During the comment period, over 430 comments were 
    received, amounting to some 1500 pages.1
    ---------------------------------------------------------------------------
    
        \1\ The RFC and comments received are available on the Internet 
    at the following address: http://www.ntia.doc.gov>.
    ---------------------------------------------------------------------------
    
        This discussion draft, shaped by the public input described above, 
    provides notice and seeks public comment on a proposal to improve the 
    technical management of Internet names and addresses. It does not 
    propose a monolithic structure for Internet governance. We doubt that 
    the Internet should be governed by one plan or one body or even by a 
    series of plans and bodies. Rather, we seek to create mechanisms to 
    solve a few, primarily technical (albeit critical) questions about 
    administration of Internet names and numbers.
        We expect that this proposal will likely spark a lively debate, 
    requiring thoughtful analysis, and appropriate revisions. Nonetheless, 
    we are hopeful that reasonable consensus can be found and that, after 
    appropriate modifications, implementation can begin in April, 1998. 
    Recognizing that no solution will win universal support, the U.S. 
    government seeks as much consensus as possible before acting.
    
    V. Principles for a New System
    
        Our consultations have revealed substantial differences among 
    Internet stakeholders on how the domain name system should evolve. 
    Since the Internet is changing so rapidly, no one entity or individual 
    can claim to know what is best for the Internet. We certainly do not 
    believe that our views are uniquely prescient. Nevertheless, shared 
    principles have emerged from our discussions with Internet 
    stakeholders.
    
    A. Stability
    
        The U.S. government should end its role in the Internet number and 
    name address systems in a responsible manner. This means, above all 
    else, ensuring the stability of the Internet. The Internet functions 
    well today, but its current technical management is probably not viable 
    over the long term. We should not wait for it to break down before 
    acting. Yet, we should not move so quickly, or depart so radically from 
    the existing structures, that we disrupt the functioning of the 
    Internet. The introduction of a new system should not disrupt current 
    operations, or create competing root systems.
    
    B. Competition
    
        The Internet succeeds in great measure because it is a 
    decentralized system that encourages innovation and maximizes 
    individual freedom. Where possible, market mechanisms that support 
    competition and consumer choice should drive the technical management 
    of the Internet because they will promote innovation, preserve 
    diversity, and enhance user choice and satisfaction.
    
    C. Private, Bottom-Up Coordination
    
        Certain technical management functions require coordination. In 
    these cases, responsible, private-sector action is preferable to 
    government control. A private coordinating process is likely to be more 
    flexible than government and to move rapidly enough to meet the 
    changing needs of the Internet and of Internet users. The private 
    process should, as far as possible, reflect the bottom-up governance 
    that has characterized development of the Internet to date.
    
    D. Representation
    
        Technical management of the Internet should reflect the diversity 
    of its users and their needs. Mechanisms should be established to 
    ensure international input in decision making.
        In keeping with these principles, we divide the name and number 
    functions into two groups, those that can be moved to a competitive 
    system and those that should be coordinated. We then suggest the 
    creation of a representative, not-for-profit corporation to manage the 
    coordinated functions according to widely accepted objective criteria. 
    We then suggest the steps necessary to move to competitive markets in 
    those areas that can be market driven. Finally, we suggest a transition 
    plan to ensure that these changes occur in an orderly fashion that 
    preserves the stability of the Internet.
    
    VI. The Proposal
    
    A. The Coordinated Functions
    
        Management of number addresses is best done on a coordinated basis. 
    As technology evolves, changes may be needed in the number allocation 
    system. These changes should also be undertaken in a coordinated 
    fashion.
        Similarly, coordination of the root server network is necessary if 
    the whole system is to work smoothly. While day-to-day operational 
    tasks, such as the actual operation and maintenance of the Internet 
    root servers, can be contracted out, overall policy guidance and 
    control of the TLDs and the Internet root server system should be 
    vested in a single organization that is representative of Internet 
    users.
        Finally, coordinated maintenance and dissemination of the protocol 
    parameters for Internet addressing will best preserve the stability and 
    interconnectivity of the Internet.
        We propose the creation of a private, not-for-profit corporation 
    (the new corporation) to manage the coordinated functions in a stable 
    and open institutional framework. The new corporation should operate as 
    a private
    
    [[Page 8828]]
    
    entity for the benefit of the Internet as a whole. The new corporation 
    would have the following authority:
        1. To set policy for and direct the allocation of number blocks to 
    regional number registries for the assignment of Internet addresses;
        2. To oversee the operation of an authoritative root server system;
        3. To oversee policy for determining, based on objective criteria 
    clearly established in the new organization's charter, the 
    circumstances under which new top-level domains are added to the root 
    system; and
        4. To coordinate the development of other technical protocol 
    parameters as needed to maintain universal connectivity on the 
    Internet.
        The U.S. government would gradually transfer existing IANA 
    functions, the root system and the appropriate databases to this new 
    not-for-profit corporation. This transition would commence as soon as 
    possible, with operational responsibility moved to the new entity by 
    September 30, 1998. The U.S. government would participate in policy 
    oversight to assure stability until the new corporation is established 
    and stable, phasing out as soon as possible and in no event later than 
    September 30, 2000. The U.S. Department of Commerce will coordinate the 
    U.S. government policy role. In proposing these dates, we are trying to 
    balance concerns about a premature U.S. government exit that turns the 
    domain name system over to a new and untested entity against the 
    concern that the U.S. government will never relinquish its current 
    management role.
        The new corporation will be funded by domain name registries and 
    regional IP registries. Initially, current IANA staff will move to this 
    new organization to provide continuity and expertise throughout the 
    period of time it takes to establish the new corporation. The new 
    corporation should hire a chief executive officer with a background in 
    the corporate sector to bring a more rigorous management to the 
    organization than was possible or necessary when the Internet was 
    primarily a research medium. As these functions are now performed in 
    the United States, the new corporation will be headquartered in the 
    United States, and incorporated under U.S. law as a not-for-profit 
    corporation. It will, however, have and report to a board of directors 
    from around the world.
        It is probably impossible to establish and maintain a perfectly 
    representative board for this new organization. The Internet community 
    is already extraordinarily diverse and likely to become more so over 
    time. Nonetheless, the organization and its board must derive 
    legitimacy from the participation of key stakeholders. Since the 
    organization will be concerned mainly with numbers, names and 
    protocols, its board should represent membership organizations in each 
    of these areas, as well as the direct interests of Internet users.
        The board of directors for the new corporation should be balanced 
    to equitably represent the interests of IP number registries, domain 
    name registries, domain name registrars, the technical community, and 
    Internet users (commercial, not-for-profit, and individuals). Officials 
    of governments or intergovernmental organizations should not serve on 
    the board of the new corporation. Seats on the initial board might be 
    allocated as follows:
         Three directors from a membership association of regional 
    number registries, representing three different regions of the world. 
    Today this would mean one each from ARIN, APNIC and RIPE. As additional 
    regional number registries are added, board members could be designated 
    on a rotating basis or elected by a membership organization made up of 
    regional registries. ARIN, RIPE and APNIC are open membership 
    organizations that represent entities with large blocks of numbers. 
    They have the greatest stake in and knowledge of the number address 
    system. They are also representative internationally.
         Two members designated by the Internet Architecture Board 
    (IAB), an international membership board that represents the technical 
    community of the Internet.
         Two members designated by a membership association (to be 
    created) representing domain name registries and registrars.
        Seven members designated by a membership association (to be 
    created) representing Internet users. At least one of those board seats 
    could be designated for an individual or entity engaged in non-
    commercial, not-for-profit use of the Internet, and one for individual 
    end users. The remaining seats could be filled by commercial users, 
    including trademark holders.
         The CEO of the new corporation would serve on the board of 
    directors.
        The new corporation's processes should be fair, open and pro-
    competitive, protecting against capture by a narrow group of 
    stakeholders. Its decision-making processes should be sound and 
    transparent; the bases for its decisions should be recorded and made 
    publicly available. Super-majority or even consensus requirements may 
    be useful to protect against capture by a self-interested faction. The 
    new corporation's charter should provide a mechanism whereby its 
    governing body will evolve to reflect changes in the constituency of 
    Internet stakeholders. The new corporation should establish an open 
    process for the presentation of petitions to expand board 
    representation.
        In performing the functions listed above, the new corporation will 
    act much like a standard-setting body. To the extent that the new 
    corporation operates in an open and pro-competitive manner, its actions 
    will withstand antitrust scrutiny. Its standards should be reasonably 
    based on, and no broader than necessary to promote its legitimate 
    coordinating objectives. Under U.S. law, a standard-setting body can 
    face antitrust liability if it is dominated by an economically 
    interested entity, or if standards are set in secret by a few leading 
    competitors. But appropriate processes and structure will minimize the 
    possibility that the body's actions will be, or will appear to a court 
    to be, anti-competitive.
    
    B. The Competitive Functions
    
        The system for registering second-level domain names and the 
    management of the TLD registries should become competitive and market-
    driven.
        In this connection, we distinguish between registries and 
    registrars. A ``registry,'' as we use the term, is responsible for 
    maintaining a TLD's zone files, which contain the name of each SLD in 
    that TLD and each SLD's corresponding IP number. Under the current 
    structure of the Internet, a given TLD can have no more than one 
    registry. A ``registrar'' acts as an interface between domain-name 
    holders and the registry, providing registration and value-added 
    services. It submits to the registry zone file information and other 
    data (including contact information) for each of its customers in a 
    single TLD. Currently, NSI acts as both the exclusive registry and as 
    the exclusive registrar for .com, .net, .org, and .edu.
        Both registry and registrar functions could be operated on a 
    competitive basis. Just as NSI acts as the registry for .com, .net, and 
    .org, other companies could manage registries with different TLDs such 
    as .vend or .store. Registrars could provide the service of obtaining 
    domain names for customers in any gTLD. Companies that design Web sites 
    for customers might, for example, provide registration as an adjunct to 
    other services. Other companies may perform this function as a stand-
    alone business.
        There appears to be strong consensus that, at least at this time, 
    domain name
    
    [[Page 8829]]
    
    registration--the registrar function--should be competitive. There is 
    disagreement, however, over the wisdom of promoting competition at the 
    registry level.
        Some have made a strong case for establishing a market-driven 
    registry system. Competition among registries would allow registrants 
    to choose among TLDs rather than face a single option. Competing TLDs 
    would seek to heighten their efficiency, lower their prices, and 
    provide additional value-added services. Investments in registries 
    could be recouped through branding and marketing. The efficiency, 
    convenience, and service levels associated with the assignment of names 
    could ultimately differ from one TLD registry to another. Without these 
    types of market pressures, they argue, registries will have very little 
    incentive to innovate.
        Others feel strongly, however, that if multiple registries are to 
    exist, they should be undertaken on a not-for-profit basis. They argue 
    that lack of portability among registries (that is, the fact that users 
    cannot change registries without adjusting at least part of their 
    domain name string) could create lock-in problems and harm consumers. 
    For example, a registry could induce users to register in a top-level 
    domain by charging very low prices initially and then raise prices 
    dramatically, knowing that name holders will be reluctant to risk 
    established business by moving to a different top-level domain.
        We concede that switching costs and lock-in could produce the 
    scenario described above. On the other hand, we believe that market 
    mechanisms may well discourage this type of behavior. On balance, we 
    believe that consumers will benefit from competition among market 
    oriented registries, and we thus support limited experimentation with 
    competing registries during the transition to private sector 
    administration of the domain name system.
    
    C. The Creation of New gTLDs
    
        Internet stakeholders disagree about who should decide when a new 
    top-level domain can be added and how that decision should be made. 
    Some believe that anyone should be allowed to create a top-level domain 
    registry. They argue that the market will decide which will succeed and 
    which will not. Others believe that such a system would be too chaotic 
    and would dramatically increase customer confusion. They argue that it 
    would be far more complex technically, because the root server system 
    would have to point to a large number of top-level domains that were 
    changing with great frequency. They also point out that it would be 
    much more difficult for trademark holders to protect their trademarks 
    if they had to police a large number of top-level domains.
        All these arguments have merit, but they all depend on facts that 
    only further experience will reveal. At least in the short run, a 
    prudent concern for the stability of the system requires that expansion 
    of gTLDs proceed at a deliberate and controlled pace to allow for 
    evaluation of the impact of the new gTLDs and well-reasoned evolution 
    of the domain space. The number of new top-level domains should be 
    large enough to create competition among registries and to enable the 
    new corporation to evaluate the functioning, in the new environment, of 
    the root server system and the software systems that enable shared 
    registration. At the same time, it should not be so large as to 
    destabilize the Internet.
        We believe that during the transition to private management of the 
    DNS, the addition of up to five new registries would be consistent with 
    these goals. At the outset, we propose that each new registry be 
    limited to a single top-level domain. During this period, the new 
    corporation should evaluate the effects that the addition of new gTLDs 
    have on the operation of the Internet, on users, and on trademark 
    holders. After this transition, the new corporation will be in a better 
    position to decide whether or when the introduction of additional gTLDs 
    is desirable.
        Individual companies and consortia alike may seek to operate 
    specific generic top-level domains. Competition will take place on two 
    levels. First, there will be competition among different generic top-
    level domains. Second, registrars will compete to register clients into 
    these generic top-level domains. By contrast, existing national 
    registries will continue to administer country-code top-level domains 
    if these national government seek to assert those rights. Changes in 
    the registration process for these domains are up to the registries 
    administering them and their respective national governments.
        Some have called for the creation of a more descriptive system of 
    top-level domains based on industrial classifications or some other 
    easy to understand schema. They suggest that having multiple top-level 
    domains is already confusing and that the addition of new generic TLDs 
    will make it more difficult for users to find the companies they are 
    seeking.
        Market driven systems result in innovation and greater consumer 
    choice and satisfaction in the long run. We expect that in the future, 
    directory services of various sorts will make it easy for users to find 
    the sites they seek regardless of the number of top-level domains. 
    Attempts to impose too much central order risk stifling a medium like 
    the Internet that is decentralized by nature and thrives on freedom and 
    innovation.
    
    D. The Trademark Dilemma
    
        It is important to keep in mind that trademark/domain name disputes 
    arise very rarely on the Internet today. NSI, for example, has 
    registered millions of domain names, only a tiny fraction of which have 
    been challenged by a trademark owner. But where a trademark is 
    unlawfully used as a domain name, consumers may be misled about the 
    source of the product or service offered on the Internet, and trademark 
    owners may not be able to protect their rights without very expensive 
    litigation.
        For cyberspace to function as an effective commercial market, 
    businesses must have confidence that their trademarks can be protected. 
    On the other hand, management of the Internet must respond to the needs 
    of the Internet community as a whole, and not trademark owners 
    exclusively. The balance we strike is to provide trademark holders with 
    the same rights they have in the physical world, to ensure 
    transparency, to guarantee a dispute resolution mechanism with resort 
    to a court system, and to add new top-level domains carefully during 
    the transition to private sector coordination of the domain name 
    system.
        There are certain steps that could be taken in the application 
    process that would not be difficult for an applicant, but that would 
    make the trademark owner's job easier. For instance, gTLD registrants 
    could supply basic information--including the applicant's name and 
    sufficient contact information to be able to locate the applicant or 
    its representative. To deter the pirating of domain names, the registry 
    could also require applicants to certify that it knows of no entity 
    with superior rights in the domain name it seeks to register.
        The job of policing trademarks could be considerably easier if 
    domain name databases were readily searchable through a common 
    interface to determine what names are registered, who holds those 
    domain names, and how to contact a domain name holder. Many trademark 
    holders find the current registration search tool, who is, too limited 
    in its functioning to be effective for this purpose. A more robust and 
    flexible search tool, which features multiple field or string searching 
    and retrieves similar names, could be
    
    [[Page 8830]]
    
    employed or developed to meet the needs of trademark holders. The 
    databases also could be kept up to date by a requirement that domain 
    name registrants maintain up-to-date contact information.
        Mechanisms that allow for on-line dispute resolution could provide 
    an inexpensive and efficient alternative to litigation for resolving 
    disputes between trademark owners and domain name registrants. A swift 
    dispute resolution process could provide for the temporary suspension 
    of a domain name registration if an adversely affected trademark holder 
    objects within a short time, e.g. 30 days, of the initial registration. 
    We seek comment on whether registries should be required to resolve 
    disputes within a specified period of time after an opposition is 
    filed, and if so, how long that period should be.
        Trademark holders have expressed concern that domain name 
    registrants in faraway places may be able to infringe their rights with 
    no convenient jurisdiction available in which the trademark owner could 
    file suit to protect those rights. At the time of registration, 
    registrants could agree that, in the event of a trademark dispute 
    involving the name registered, jurisdiction would lie where the 
    registry is domiciled, where the registry database in maintained, or 
    where the ``A'' root server is maintained. We seek comment on this 
    proposal, as well as suggestions for how such jurisdictional provisions 
    could be implemented.
        Trademark holders have also called for the creation of some 
    mechanism for ``clearing'' trademarks, especially famous marks, across 
    a range of gTLDs. Such mechanisms could reduce trademark conflict 
    associated with the addition of new gTLDs. Again, we seek comment on 
    this proposal, and suggested mechanisms for trademark clearance 
    processes.
        We stop short of proposals that could significantly limit the 
    flexibility of the Internet, such as waiting periods or not allowing 
    any new top-level domains.
        We also do not propose to establish a monolithic trademark dispute 
    resolution process at this time, because it is unclear what system 
    would work best. Even trademark holders we have consulted are divided 
    on this question. Therefore, we propose that each name registry must 
    establish minimum dispute resolution and other procedures related to 
    trademark considerations. Those minimum procedures are spelled out in 
    Appendix 2. Beyond those minimums, registries would be permitted to 
    establish additional trademark protection and trademark dispute 
    resolution mechanisms.
        We also propose that shortly after their introduction into the 
    root, a study be undertaken on the effects of adding new gTLDs and 
    related dispute resolution procedures on trademark and intellectual 
    property right holders. This study should be conducted under the 
    auspices of a body that is internationally recognized in the area of 
    dispute resolution procedures, with input from trademark and domain 
    name holders and registries. The findings of this study should be 
    submitted to the board of the new corporation and considered when it 
    makes decisions on the creation and introduction of new gTLDs. 
    Information on the strengths and weaknesses of different dispute 
    resolution procedures should also give the new corporation guidance for 
    deciding whether the established minimum criteria for dispute 
    resolution should be amended or maintained. Such a study could also 
    provide valuable input with respect to trademark harmonization 
    generally.
        U.S. trademark law imposes no general duty on a registrar to 
    investigate the propriety of any given registration.2 Under 
    existing law, a trademark holder can properly file a lawsuit against a 
    domain name holder that is infringing or diluting the trademark 
    holder's mark. But the law provides no basis for holding that a 
    registrar's mere registration of a domain name, at the behest of an 
    applicant with which it has an arm's-length relationship, should expose 
    it to liability.3 Infringers, rather than registrars, 
    registries, and technical management bodies, should be liable for 
    trademark infringement. Until case law is fully settled, however, 
    registries can expect to incur legal expenses in connection with 
    trademark disputes as a cost of doing business. These costs should not 
    be borne by the new not-for-profit corporation, and therefore 
    registries should be required to indemnify the new corporation for 
    costs incurred in connection with trademark disputes. The evolution of 
    litigation will be one of the factors to be studied by the group tasked 
    to review Internet trademark issues as the new structure evolves.
    ---------------------------------------------------------------------------
    
        \2\ See generally MDT Corp. v. New York Stock Exchange, 858 F. 
    Supp. 1028 (C.D. Calif. 1994).
        \3\ See Lockheed Martin Corp. v. Network Solutions, Inc., 1997 
    WL 721899 (C.D. Calif. 11/17/97); Panavision International v. 
    Toeppen, 1996 U.S. Dist. LEXIS 20744, 41 U.S.P.Q.2d 1310 (C.D. 
    Calif. 1996).
    ---------------------------------------------------------------------------
    
    E. The Intellectual Infrastructure Fund
    
        In 1995, NSF authorized NSI to assess new domain name registrants a 
    $50 fee per year for the first two years, 30 percent of which was to be 
    deposited in a fund for the preservation and enhancement of the 
    intellectual infrastructure of the Internet (the ``Intellectual 
    Infrastructure Fund'').
        In excess of $46 Million has been collected to date. In 1997, 
    Congress authorized the crediting of $23 Million of the funds collected 
    to the Research and Related Activities Appropriation of the National 
    Science Foundation to support the development of the Next Generation 
    Internet. The establishment of the Intellectual Infrastructure Fund 
    currently is the subject of litigation in the U.S. District Court for 
    the District of Columbia.
        As the U.S. government is seeking to end its role in the domain 
    name system, we believe the provision in the cooperative agreement 
    regarding allocation of a portion of the registration fee to the 
    Internet Intellectual Infrastructure Fund should terminate on April 1, 
    1998, the beginning of the ramp-down period of the cooperative 
    agreement.
    
    VII. The Transition
    
        A number of steps must be taken to create the system envisioned in 
    this paper.
        1. The new not-for-profit organization must be established and its 
    board chosen.
        2. The membership associations representing (1) registries and 
    registrars, and (2) Internet users, must be formed.
        3. An agreement must be reached between the U.S. government and the 
    current IANA on the transfer of IANA functions to the new organization.
        4. NSI and the U.S. government must reach agreement on the terms 
    and conditions of NSI's evolution into one competitor among many in the 
    registrar and registry marketplaces. A level playing field for 
    competition must be established.
        5. The new corporation must establish processes for determining 
    whether an organization meets the transition period criteria for 
    prospective registries and registrars.
        6. A process must be laid out for making the management of the root 
    server system more robust and secure, and, for transitioning that 
    management from U.S. government auspices to those of the new 
    corporation.
    
    A. The NSI Agreement
    
        The U.S. government will ramp down the NSI cooperative agreement 
    and phase it out by the end of September 1998. The ramp down agreement 
    with NSI should reflect the following terms and conditions designed to 
    promote competition in the domain name space.
    
    [[Page 8831]]
    
        1. NSI will effectively separate and maintain a clear division 
    between its current registry business and its current registrar 
    business. NSI will continue to operate .com, .net and .org but on a 
    fully shared-registry basis; it will shift operation of .edu to a not-
    for-profit entity. The registry will treat all registrars on a 
    nondiscriminatory basis and will price registry services according to 
    an agreed upon formula for a period of time.
        2. As part of the transition to a fully shared-registry system, NSI 
    will develop (or license) and implement the technical capability to 
    share the registration of its top-level domains with any registrar so 
    that any registrar can register domain names there in as soon as 
    possible, by a date certain to be agreed upon.
        3. NSI will give the U.S. government a copy and documentation of 
    all the data, software, and appropriate licenses to other intellectual 
    property generated under the cooperative agreement, for use by the new 
    corporation for the benefit of the Internet.
        4. NSI will turn over control of the ``A'' root server and the 
    management of the root server system when instructed to do so by the 
    U.S. government.
        5. NSI will agree to meet the requirements for registries and 
    registrars set out in Appendix 1.
    
    B. Competitive Registries, Registrars, and the Addition of New gTLDs
    
        Over the past few years, several groups have expressed a desire to 
    enter the registry or registrar business. Ideally, the U.S. government 
    would stay its hand, deferring the creation of a specific plan to 
    introduce competition into the domain name system until such time as 
    the new corporation has been organized and given an opportunity to 
    study the questions that such proposals raise. Should the transition 
    plan outlined below, or some other proposal, fail to achieve 
    substantial consensus, that course may well need to be taken.
        Realistically, however, the new corporation cannot be established 
    overnight. Before operating procedures can be established, a board of 
    directors and a CEO must be selected. Under a best case scenario, it is 
    unlikely that the new corporation can be fully operational before 
    September 30, 1998. It is our view, based on widespread public input, 
    that competition should be introduced into the DNS system more quickly.
        We therefore set out below a proposal to introduce competition into 
    the domain name system during the transition from the existing U.S. 
    government authority to a fully functioning coordinating body. This 
    proposal is designed only for the transition period. Once the new 
    corporation is formed, it will assume authority over the terms and 
    conditions for the admission of new top-level domains.
    Registries and New gTLDs
        This proposal calls for the creation of up to five new registries, 
    each of which would be initially permitted to operate one new gTLD. As 
    discussed above, that number is large enough to provide valuable 
    information about the effects of adding new gTLDs and introducing 
    competition at the registry level, but not so large as to threaten the 
    stability of the Internet during this transition period. In order to 
    designate the new registries and gTLDs, IANA must establish equitable, 
    objective criteria and processes for selecting among a large number of 
    individuals and entities that want to provide registry services. 
    Unsuccessful applicants will be disappointed.
        We have examined a number of options for recognizing the 
    development work already underway in the private sector. For example, 
    some argue for the provision of a ``pioneer preference'' or other grand 
    fathering mechanism to limit the pool of would-be registrants to those 
    who, in response to previous IANA requests, have already invested in 
    developing registry businesses. While this has significant appeal and 
    we do not rule it out, it is not an easy matter to determine who should 
    be in that pool. IANA would be exposed to considerable liability for 
    such determinations, and required to defend against charges that it 
    acted in an arbitrary or inequitable manner. We welcome suggestions as 
    to whether the pool of applicants should be limited, and if so, on what 
    basis.
        We propose, that during the transition, the first five entities 
    (whether from a limited or unlimited pool) to meet the technical, 
    managerial, and site requirements described in Appendix 1 will be 
    allowed to establish a domain name registry. The IANA will engage 
    neutral accounting and technical consultancy firms to evaluate a 
    proposed registry under these criteria and certify an applicant as 
    qualified. These registries may either select, in order of their 
    qualification, from a list of available gTLDs or propose another gTLD 
    to IANA. (We welcome suggestions on the gTLDs that should be 
    immediately available and would propose a list based on that input, as 
    well as any market data currently available that indicates consumer 
    interest in particular gTLDs.)
        The registry will be permitted to provide and charge for value-
    added services, over and above the basic services provided to 
    registrars. At least at this time, the registry must, however, operate 
    on a shared registry basis, treating all registrars on a 
    nondiscriminatory basis, with respect to pricing, access and rules. 
    Each TLD's registry should be equally accessible to any qualified 
    registrar, so that registrants may choose their registrars 
    competitively on the basis of price and service. The registry will also 
    have to agree to modify its technical capabilities based on protocol 
    changes that occur in Internet technology so that interoperability can 
    be preserved. At some point in the future, the new organization may 
    consider the desirability of allowing the introduction of non-shared 
    registries.
    Registrars
        Any entity will be permitted to provide registrar services as long 
    as it meets the basic technical, managerial, and site requirements as 
    described in Appendix 1 of this paper. Registrars will be allowed to 
    register clients into any top-level domain for which the client 
    satisfies the eligibility rules, if any.
    
    C. The Root Server System
    
        IANA and the U.S. government, in cooperation with NSI, the IAB, and 
    other relevant organizations will undertake a review of the root server 
    system to recommend means to increase the security and professional 
    management of the system. The recommendations of the study should be 
    implemented as part of the transition process to the new corporation.
    
    D. The .us Domain
    
        At present, the IANA administers .us as a locality based hierarchy 
    in which second-level domain space is allocated to states and US 
    territories.4 This name space is further subdivided into 
    localities. General registration under localities is performed on an 
    exclusive basis by private firms that have requested delegation from 
    IANA. The .us name space has typically been used by branches of state 
    and local governments, although some commercial names have been 
    assigned. Where registration for a locality has not been delegated, the 
    IANA itself serves as the registrar.
    ---------------------------------------------------------------------------
    
        \4\ Management principles for the .us domain space are set forth 
    in Internet RFC 1480, (http://www.isi.edu/in-notes/rfc1480.txt)
    ---------------------------------------------------------------------------
    
        Some in the Internet community have suggested that the pressure for 
    unique identifiers in the .com gTLD could be relieved if commercial use 
    of the .us space was encouraged. Commercial
    
    [[Page 8832]]
    
    users and trademark holders, however, find the current locality-based 
    system too cumbersome and complicated for commercial use. Expanded use 
    of the .us TLD could alleviate some of the pressure for new generic 
    TLDs and reduce conflicts between American companies and others vying 
    for the same domain name.
        Clearly, there is much opportunity for enhancing the .us domain 
    space, and the .us domain could be expanded in many ways without 
    displacing the current geopolitical structure. Over the next few 
    months, the U.S. government will work with the private sector and state 
    and local governments to determine how best to make the .us domain more 
    attractive to commercial users. It may also be appropriate to move the 
    gTLDs traditionally reserved for U.S. government use (i.e. .gov and 
    .mil), into a reformulated .us ccTLD.
        The U.S. government will further explore and seek public input on 
    these issues through a separate Request for Comment on the evolution of 
    the .us name space. However, we welcome any preliminary comments at 
    this time.
    
    E. The Process
    
        The U.S. government recognizes that its unique role in the Internet 
    domain name system should end as soon as is practical. We also 
    recognize an obligation to end this involvement in a responsible manner 
    that preserves the stability of the Internet. We cannot cede authority 
    to any particular commercial interest or any specific coalition of 
    interest groups. We also have a responsibility to oppose any efforts to 
    fragment the Internet, as this would destroy one of the key factors--
    interoperability--that has made the Internet so successful.
        Our goal is to seek as strong a consensus as possible so that a 
    new, open, and accountable system can emerge that is legitimate in the 
    eyes of all Internet stakeholders. It is in this spirit that we present 
    this paper for discussion.
    
    VIII. Other Information
    
    Executive Order 12866
    
        This proposal has been determined not to be significant under 
    section 3(f) of Executive Order 12866.
    
    Executive Order 12612
    
        This rule does not contain policies with Federalism implications 
    sufficient to warrant preparation of a Federalism assessment under 
    Executive Order 12612.
    
    Regulatory Flexibility Act
    
        The Assistant General Counsel for Legislation and Regulation of the 
    Department of Commerce certified to the Chief Counsel for Advocacy, the 
    Small Business Administration that this proposed rule, if adopted, 
    would not have a significant economic impact on a substantial number of 
    small entities as follows:
        We believe that the overall effect of the proposal will be highly 
    beneficial. No negative effects are envisioned at this time. In fact, 
    businesses will enjoy a reduction in the cost of registering domain 
    names as a result of this proposal. In 1995, the National Science 
    Foundation authorized a registration fee of $50 per year for the first 
    two years, 30 percent of which was to be deposited in a fund for the 
    preservation and enhancement of the intellectual infrastructure of the 
    Internet (the ``Intellectual Infrastructure Fund''). The proposal seeks 
    to terminate the agreement to earmark a portion of the registration fee 
    to the Intellectual Infrastructure Fund. We also believe that a 
    competitive registration system will lead to reduced fees in 
    registering domain names.
        The proposal is pro-competitive because it transfers the current 
    system of domain name registration to a market-driven registry system. 
    Moreover, as the Internet becomes more important to commerce, 
    particularly small businesses, it is crucial that a more formal and 
    robust management structure be implemented. As the commercial value of 
    Internet names increases, decisions regarding the addition of new top-
    level domains should be formal, certain, and accountable to the 
    Internet community. For example, presently, mechanisms for resolving 
    disputes between trademark holders and domain name holders are 
    expensive and cumbersome. The proposal requires each name registry to 
    establish an inexpensive and efficient dispute resolution system as 
    well as other procedures related to trademark consideration.
        The U.S. government would gradually transfer existing Internet 
    Assigned Numbers Authority (IANA) functions, the root system and the 
    appropriate databases to a new not-for-profit corporation by September 
    30, 1998. The U.S. government would, however, participate in policy 
    oversight to assure stability until the new corporation is established 
    and stable, phasing out completely no later than September 30, 2000. 
    Accordingly, the transition period would afford the U.S. government an 
    opportunity to determine if the structure of the new corporation 
    negatively impacts small entities. Moreover, the corporation would be 
    headquartered in the U.S. and incorporated under U.S. law. Accordingly, 
    the corporation would be subject to antitrust scrutiny if dominated by 
    economically interested entities, or if its standards are established 
    by a few leading competitors.
        As a result, no initial regulatory flexibility analysis has been 
    prepared.
    
    Paperwork Reduction Act
    
        This rule does not contain information collection requirements 
    subject to the provisions of the Paperwork Reduction Act.
    Kathy Smith,
    Acting Deputy Assistant Secretary for Communications and Information.
    
    Appendix 1--Recommended Registry and Registrar Requirements
    
        In order to ensure the stability of the Internet's domain name 
    system, protect consumers, and preserve the intellectual property 
    rights of trademark owners, all registries of generic top-level 
    domain names must meet the set of technical, managerial, and site 
    requirements outlined below. Only prospective registries that meet 
    these criteria will be allowed by IANA to register their gTLD in the 
    ``A'' server. If, after it begins operations, a registry no longer 
    meets these requirements, IANA may transfer management of the domain 
    names under that registry's gTLD to another organization.
        Independent testing, reviewing, and inspection called for in the 
    requirements for registries should be done by appropriate certifying 
    organizations or testing laboratories rather than IANA itself, 
    although IANA will define the requirements and the procedures for 
    tests and audits.
        These requirements apply only to generic TLDs. They will apply 
    to both existing gTLDs (e.g., .com, .edu., .net, .org) and new 
    gTLDs. Although they are not required to, we expect many ccTLD 
    registries and registrars may wish to assure their customers that 
    they meet these requirements or similar ones.
        Registries will be separate from registrars and have only 
    registrars as their customers. If a registry wishes to act both as 
    registry and registrar for the same TLD, it must do so through 
    separate subsidiaries. Appropriate accounting and confidentiality 
    safeguards shall be used to ensure that the registry subsidiary's 
    business is not utilized in any manner to benefit the registrar 
    subsidiary to the detriment of any other registrar.
        Each top-level domain (TLD) database will be maintained by only 
    one registry and, at least initially, each new registry can host 
    only one TLD.
    
    Registry Requirements
    
        1. An independently-tested, functioning Database and 
    Communications System that:
        a. Allows multiple competing registrars to have secure access 
    (with encryption and authentication) to the database on an equal 
    (first-come, first-served) basis.
    
    [[Page 8833]]
    
        b. Is both robust (24 hours per day, 365 days per year) and 
    scalable (i.e., capable of handling high volumes of entries and 
    inquiries).
        c. Has multiple high-throughput (i.e., at least T1) connections 
    to the Internet via at least two separate Internet Service 
    Providers.
        d. Includes a daily data backup and archiving system.
        e. Incorporates a record management system that maintains copies 
    of all transactions, correspondence, and communications with 
    registrars for at least the length of a registration contract.
        f. Features a searchable, on-line database meeting the 
    requirements of Appendix 2.
        g. Provides free access to the software and customer interface 
    that a registrar would need to register new second-level domain 
    names.
        h. An adequate number (perhaps two or three) of globally-
    positioned zone-file servers connected to the Internet for each TLD.
        2. Independently-reviewed Management Policies, Procedures, and 
    Personnel including:
        a. Alternate (i.e., non-litigation) dispute resolution providing 
    a timely and inexpensive forum for trademark-related complaints. 
    (These procedures should be consistent with applicable national laws 
    and compatible with any available judicial or administrative 
    remedies.)
        b. A plan to ensure that the registry's obligations to its 
    customers will be fulfilled in the event that the registry goes out 
    of business. This plan must indicate how the registry would ensure 
    that domain name holders will continue to have use of their domain 
    name and that operation of the Internet will not be adversely 
    affected.
        c. Procedures for assuring and maintaining the expertise and 
    experience of technical staff.
        d. Commonly-accepted procedures for information systems security 
    to prevent malicious hackers and others from disrupting operations 
    of the registry.
        3. Independently inspected Physical Sites that feature:
        a. A backup power system including a multi-day power source.
        b. A high level of security due to twenty-four-hour guards and 
    appropriate physical safeguards against intruders.
        c. A remotely-located, fully redundant and staffed twin facility 
    with ``hot switchover'' capability in the event of a main facility 
    failure caused by either a natural disaster (e.g., earthquake or 
    tornado) or an accidental (fire, burst pipe) or deliberate (arson, 
    bomb) man-made event. (This might be provided at, or jointly 
    supported with, another registry, which would encourage 
    compatibility of hardware and commonality of interfaces.)
    
    Registrar Requirements
    
        Registries will set standards for registrars with which they 
    wish to do business. The following are the minimal qualifications 
    that IANA should mandate that each registry impose and test or 
    inspect before allowing a registrar to access its database(s). Any 
    additional requirements imposed by registries on registrars must be 
    approved by IANA and should not affect the stability of the Internet 
    or substantially reduce competition in the registrar business. 
    Registries may refuse to accept registrations from registrars that 
    fail to meet these requirements and may remove domain names from the 
    registries if at a later time the registrar which registered them no 
    longer meets the requirements for registrars.
        1. A functioning Database and Communications System that 
    supports:
        a. Secure access (with encryption and authentication) to the 
    registry.
        b. Robust and scalable operations capable of handling moderate 
    volumes.
        c. Multiple connections to the Internet via at least two 
    Internet Service Providers.
        d. A daily data backup and archival system.
        e. A record management system that maintains copies of all 
    transactions, correspondence, and communications with all registries 
    for at least the length of a registration contract.
        2. Management Policies, Procedures, and Personnel including:
        a. A plan to ensure that the registrar's obligations to its 
    customers and to the registries will be fulfilled in the event that 
    the registrar goes out of business. This plan must indicate how the 
    registrar would ensure that domain name holders will continue to 
    have use of their domain name and that operation of the Internet 
    will not be adversely affected.
        b. Commonly-accepted procedures for information systems security 
    to prevent malicious hackers and others from disrupting operations.
        3. Independently inspected Physical Sites that features:
        a. A backup power system.
        b. A high level of security due to twenty-four-hour guards and 
    appropriate physical safeguards against intruders.
        c. Remotely-stored backup files to permit recreation of customer 
    records.
    
    Appendix 2--Minimum Dispute Resolution and Other Procedures Related to 
    Trademarks
    
        1. Minimum Application Requirements.
        a. Sufficient owner and contact information (e.g., names, mail 
    address for service of process, e-mail address, telephone and fax 
    numbers, etc.) to enable an interested party to contact either the 
    owner/applicant or its designated representative; and a
        b. Certification statement by the applicant that:
    
    --It is entitled to register the domain name for which it is 
    applying and knows of no entity with superior rights in the domain 
    name; and
    --It intends to use the domain name.
    
        2. Searchable Database Requirements.
        a. Utilizing a simple, easy-to-use, standardized search 
    interface that features multiple field or string searching and the 
    retrieval of similar names, the following information must be 
    included in all registry databases, and available to anyone with 
    access to the Internet:
    
    --Up-to-date ownership and contact information;
    --Up-to-date and historical chain of title information for the 
    domain name;
    --A mail address for service of process;
    --The date of the domain name registration; and
    --The date an objection to registration of the domain name was 
    filed.
    
        3. Updated Ownership, Contact and Use Information.
        a. At any time there is a change in ownership, the domain name 
    owner must submit the following information:
    
    --Up-to-date contact and ownership information; and
    --A description of how the owner is using the domain name, or, if 
    the domain name is not in use, a statement to that effect.
    
        4. Alternative Dispute Resolution of Domain Name Conflicts.
        a. There must be a readily available and convenient dispute 
    resolution process that requires no involvement by registrars.
        b. Registries/Registrars will abide by the decisions resulting 
    from an agreed upon dispute resolution process or by the decision of 
    a court of competent jurisdiction.
        If an objection to registration is raised within 30 days after 
    registration of the domain name, a brief period of suspension during 
    the pendency of the dispute will be provided by the registries.
    
    [FR Doc. 98-4200 Filed 2-19-98; 8:45 am]
    BILLING CODE 3510-60-P
    
    
    

Document Information

Published:
02/20/1998
Department:
National Telecommunications and Information Administration
Entry Type:
Proposed Rule
Action:
Proposed rule; request for public comment.
Document Number:
98-4200
Dates:
Comments must be received by March 23, 1998.
Pages:
8826-8833 (8 pages)
Docket Numbers:
Docket No. 980212036-8036-01
RINs:
0660-AA11: Improvement of Technical Management of Internet Names and Addresses
RIN Links:
https://www.federalregister.gov/regulations/0660-AA11/improvement-of-technical-management-of-internet-names-and-addresses
PDF File:
98-4200.pdf
CFR: (1)
15 CFR None