On 01-Apr-14 08:58, Andrew Sullivan wrote:

If there is some other reason that this external party is needed, I
don't understand it, so I'd like to be enlightened.

I support the need for oversight as well and should respond as to why.

First let look at what IANA is in its simplest expression, the one found
at the bottom of IANA pages:

From IANA.org footer

IANA is responsible for coordinating the Internet’s globally unique
identifiers, and is operated by the Internet Corporation for Assigned
Names and Numbers (ICANN).

It is already a separate function operated by ICANN. Or at least it is supposed to be, though the degree to which it is operating as functionally separate has not been analyzed.

It also needs to be remembered that this is a function which ICANN failed in its first attempt to capture the contract when it was last put out for tender. ICANN lost that bid because it did not present a solution for functional separation. I expect that functional separation is still an important concern. To me it seems as necessary, as it is difficult (the reason I advocate the possiblity of structural separation, but that is another topi )

This sort of separation between a primary client of a service and a service's operations for all its clients is a business norm in avoiding various forms of bureaucratic degeneration and corruption.

The requirement for Functional Separation from ICANN is one of my bases for believing that oversight is required post transition. Effective functional separation is impossible when the function becomes just one more department of the company and no longer under outside contract or oversight.

It is the reason I recommend oversight by a multistakeholder board made up of the clients of IANA services as well as the other stakeholders.

I recommend that, at least in the first phase of transition a IANA Stewardship Group , which operates under the ICANN umbrella but is independent in the same way that the IAB is independent of ISOC. I do not see this group as doing 'active oversight' in terms of operations.

Rather I see it as providing:

  • exception oversight when things go wrong, as they have periodically over the years
  • a place for appeals to be taken
  • the responsible party for any re-negotiation of MOUs that may be required.
  • ability to make financial decisions about IANA separate from any single client perspective.

I see its responsibilities as being narrowing focused on making sure that IANA can and does meet its SLAs. And I see it as having the responsibility to determine which if any new clients for registries it should accept in the future.

Giving this oversight function to ICANN confuses the roles and subordinates the functions of IANA to ICANN policy and political imperatives. There are no firewalls between units at ICANN, and its bottom-up architecture makes such firewalls inappropriate. Further ICANN unitary control of IANA is inappropriate as there needs to be separation of powers and responsibilities.

In some sense having one company control IANA is as bad as having one government control IANA.