[Chapter-delegates] ISOC England Chapter Statement regarding direct.uk consultation

Olivier MJ Crepin-Leblond ocl at gih.com
Tue Jan 8 03:38:44 PST 2013 

Dear ISOC Chapter leaders,

Nominet has recently conducted a consultation on a proposal involving
registration of domains directly at the second level, thus changing the
current system of having a limited second level set of domains and
allowing registration at third level.
The proposals go further than this change: they are linked to proposals
for the new second level domains to be somehow certified and certify
content under those domains, which is a big change to the function of a
Registry.
Proposals are found here:
http://www.nominet.org.uk/sites/default/files/Nominet_FINAL_electronic_form3_0.pdf

This might be a landmark proposal since other ccTLD operators might wish
to propose a similar service. Please note the "ccTLD" - Country Code Top
Level Domain, which is different in status and function to the "gTLD" -
Generic TLD.

With the importance of this issue being so high, ISOC England has
encouraged its members to provide input for a consolidated statement
from ISOC England to be submitted to the consultation process. The
member consultation took a month; a final statement was drafted and
finally submitted yesterday. The Web page which holds a copy of the
statement includes a comment box which allows our members to support or
show their disapproval (in some cases) the Statement, in addition to the
statement having been drafted directly from member input.

Please be so kind to find the statement appended in the message below.

I would like to thank the ISOC England Leadership Team for the help in
drafting this with Christian de Larrinaga in particular having been a
very strong co-pen-holder.

I am sharing this with you here since it might be of interest in future
consultations.

Kind regards,

Olivier MJ Crépin-Leblond
ISOC England Chair


-------- Original Message --------
Subject: 	ISOC England Chapter Statement regarding direct.uk consultation
Date: 	Mon, 07 Jan 2013 18:25:09 +0100
From: 	ISOC England <contact at isoc-e.org>
To: 	direct.uk <direct at nominet.org.uk>
CC: 	ISOC England <contact at isoc-e.org>



Dear Sir/Madam,

please be so kind to find below the comments from the English Chapter of
the Internet Society, on the Nominet Consultation for direct.uk .
Publication of this Statement is found on our Web Site:
http://www.isoc-e.org/uk-sld/

Warm regards,

Olivier MJ Crépin-Leblond
ISOC England Chair
contact at isoc-e.org




STATEMENT OF THE INTERNET SOCIETY ENGLAND CHAPTER


The English Chapter of the Internet Society (www.internetsociety.org.uk
<http://www.internetsociety.org.uk>) thanks the members, board and staff
of Nominet UK for the invitation to comment on their important proposal
for substantial changes to the management of the UK domain name system
known as direct.uk.

The Society has conducted a consultation of its own members which is
summarised below.


Summary

In this paper we shall be touching on the following:


  * Double registration of domains
  * Trademark Issues
  * Loss of Hierarchy
  * Is .uk in UK?
  * Lack of justification for proposal
  * Operational Risk
  * DNSSEC Adoption
  * Legality under Digital Economy Act 2010
  * Second level UK Domain Policy



Double-registering of domain name space

Some members think direct.uk has the potential for making domain names
shorter.

However there is considerable concern that current holders of .co.uk and
.xx.uk (where xx is a second level domain) are affected negatively in
two ways:

Legitimate added value of active domains can be affected negatively. For
registrants, this introduces a need to register a second level domain
themselves for an additional fee, should they wish to safeguard their
invested trade.

This is seen very negatively as being motivated by Nominet looking to
sell more domain
names to organisations having already registered under .uk via the
current second level domains.

Secondly, registrants of active .co.uk domains have invested in their
online branding, search engine listings and other directory services.
Some search engines prioritise listings by keywords found in domain
names under higher levels of the domain name system, i.e. second level
before third level.

As commercial entities they are likely to view entries in direct.uk as
potential passing off opportunities and will wish to register themselves
in direct.uk as well. Those who succeed will end up paying twice for no
added benefit compared to prior to introduction of direct .uk
registrations. Those who do not register under direct.uk will end up
risking confusion in their online brand.


Trademark Issues

How will Nominet ensure trademarks are managed for direct.uk, in
particular where there are trademarks across different classes held by
different entities with one holding the mark in .co.uk and others
wishing to register in direct.uk?


Loss of Hierarchy

Concerns are being raised that the UK Namespace which until now is well
ordered with second level domains (such as .org.uk, .gov.uk, .ac.uk,
.co.uk etc. ) representing distinctive communities will lose the ability
to discern whether a domain originated from an educational
establishment, government or a company as the current second level
domain service indicates. This blurring of lines was seen as not
favouring the public interest.

But with proposed direct.uk second level domains looking to have special
security status, the clear hierarchy appears to be reversed - the non-
hierarchical name-space being counter-intuitively marketed as "better"
protected. How will direct.uk distinguish security policies for SLDs
from new direct domains so that the market is not confused in the UK or
internationally?


Is .uk in UK?

While recognising the urgency of the need to give greater confidence
that the use of .uk means that the registrant is subject to UK law, the
status today is that residency of .uk services cannot be determined.
Clearly some work needs to be done in order to clarify this situation.
 ISOC England is willing to work with interested parties into future
consultations to explore and establish potential solutions for this matter.

In the meantime, it is widely believed even by a "security expert" on
the BBC Today Program in late November 2012 that a .uk domain means the
site is in the UK.

The uncertainty this imposes on users suggests there is a need to give
greater confidence of what jurisdiction a service using .uk is
operating. Direct uk does not appear to offer a solution to this issue.

How can Nominet correct this false impression for .uk when it is promoting
direct.uk domains as having a UK physical contact address but with no
guarantee of UK resident Internet services? Can Nominet explain how a
postal mail PIN delivery process adds value for direct.uk domains and
will not continue to confuse the market? Will users really distinguish
between the values of a .co.uk? a .ltd.uk and a direct.uk domain?


Lack of justification for proposal

Nominet has not justified why direct registrations under .uk are needed.
The security mechanisms could just as easily be provided under a new or
existing SLD such as ltd.uk or plc.uk which are both low volume and
limited community managed zones.


Operational Risk

Is it the role of a ccTLD operator to offer such services as malware
scanning on third party networks and so forth?

Nominet has not shown why as a ccTLD operator it should be both
delegated authority for domain of .uk AND the regulator of the .uk
Register AND now add further roles in regulating content and services of
devices on other networks which may resolve for direct.uk domains as
well as others.

DNS resolution is a best effort service on the Internet. However malware
scanning of third party devices implies quality of service metrics and
so could be open to substantial risk of damages. Such damages could
arise from any part of the world, from users, from registrars, from
network operators, from registrants or service providers. It could arise
from faulty scans, damage caused by scans or where scans were
legitimately blocked by local providers and expectations of users of
"security" were falsely raised.

Risk of legal action from non best effort services would be a
substantial change in the business model and Risk for .uk.

We should note that the increase in risk from litigation for damages
from anywhere in the world could be so substantial as to weaken the
robustness of the .uk Domain Name System as a whole including existing SLDs.

How can Nominet justify adding such unquantifiable risks within the
operations of a private sector entity operating as a ccTLD registry for
the UK?


DNSSEC Adoption

Security of the .uk domain space and its reputation can be improved
substantially through the adoption of DNSSEC. In 2010 the Nominet board
signed .uk on behalf of all .uk but into 2013 take up by service
providers, registrars, and users remains low.

More work and investment is needed in the UK to seed research and
services to improve awareness, tools, training and infrastructure
support for DNSSEC for all .uk domains.

The opportunity exists to expand security for all .uk domains using
DNSSEC and it is questionable policy to restrict emphasis for security
to direct.uk domains.

How will the direct.uk project avoid being a distraction to a key
priority of promoting DNSSEC security services for all .uk domains?


Compatibility with Digital Economy Act 2010

Would Nominet's proposed move to make registrations directly under .uk
make implementation of the Digital Economy Act 2010 Sections 19, 20 and
21 by the Government more complicated and costly?

http://www.legislation.gov.uk/ukpga/2010/24/crossheading/powers-in-relation-to-internet-domain-registries


Second level UK Domain Policy

direct.uk has put current SLD policy as of March 2004 in disarray
irrespective of outcome of consultation.
http://www.uksld.org.uk/page/procedure.html


It is not clear following direct.uk proposal how community-led SLDs are
intended to be established and function under .uk going forward.

As a reminder:

.co.uk, .ltd.uk, .me.uk, .net.uk, .nic.uk, .org.uk, .plc.uk and .sch.uk
are managed by Nominet UK.
.gov.uk, .mil.uk, .ac.uk, .mod.uk, .nhs.uk, .parliament.uk, .police.uk,
.bl.uk, .british-library.uk, .jet.uk and .nls.uk are not.


Implementation Phase

Some contributions from ISOC England members make suggestions about
implementation phase - and these may be premature. One example is for
the direct.uk proposal to preserve the rights of the current .co.uk
users by providing the second level domain registration at a discounted
cost-recovery basis fee to current holders of the third level
registrations. Alternatively, current third level registrations could be
kept in a "reserved" list so as for second level registrations to  avoid
clashing.

Should direct .uk move towards implementation, the complexity and
uncertainties so far raised indicate that a fresh outreach consultation
will be needed.


Conclusion

In conclusion, the English chapter of the Internet Society urges caution
regarding the direct.uk proposals. In the absence of  consensus for
direct .uk and in view of the risk to stability of uk domain name system
the conclusion is NOT to implement direct .uk plans to shorten domains
as proposed.

Should the proposed security mechanisms be justified they could just as
easily be provided under a new or existing SLD such as ltd.uk or plc.uk
which are both low volume and limited community managed zones.This would
be more consistent with the well established management of the UK domain
name space.

Stability and Security of Internet services is an important priority for
users. The chapter would prefer enhanced support for the deployment of
core Internet protocols that can provide users across the whole of .uk
with improved security such as DNSSEC. The benefits of malware scanning
as proposed do not appear to be core to ccTLD operations nor likely to
be dependable for users.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20130108/ebad9598/attachment.htm>

More information about the Chapter-delegates mailing list