

Icann bids to stop Iran web domain seizure - ca98am79
http://www.bbc.com/news/technology-28582478

======
jacquesm
So, all holders of subdomains of those ccTLDs should pay collectively for the
deeds of their country?

That's a pretty warped view of justice. ccTLDs are not 'assets' that you
should be able to seize but registries. Imagine trying to seize the land
registry of Iran or their registry of vehicles because Iran refuses to pay
some foreign entity.

This is an excellent illustration of why ICANN should be replaced by a system
that is distributed enough that nobody would ever think of even attempting to
do something like this ever again.

What a tremendously misguided lawsuit, even if we're not getting into the 'x
supported y and y did harm' part of the argument, which makes this even more
tenuous.

If everybody that suffered from the meddling of some country through indirect
sponsorship had a legitimate grievance and was given the power to shut down
some large chunk of the internet as a remedy in order to extract some amount
of money then that would open up a huge can of worms, .COM would be the first
to go.

~~~
M2Ys4U
>This is an excellent illustration of why ICANN should be replaced by a system
that is distributed enough that nobody would ever think of even attempting to
do something like this ever again.

Such as?

DNS is useful because it is authoritative. What would happen if two parts of
this 'distributed' ICANN disagreed on something? Different parts of the
internet would see a completely different state (e.g. who owns gov.uk?), Thus
rendering DNS effectively useless.

The only alternative I could see to ICANN being a US organisation is for it to
be given authority by treaty. And that would open up a whole other can of
worms. ICANN run like the ITU?

~~~
pantaril
>DNS is useful because it is authoritative. What would happen if two parts of
this 'distributed' ICANN disagreed on something? Different parts of the
internet would see a completely different state (e.g. who owns gov.uk?), Thus
rendering DNS effectively useless.

This problem can be solved in distributed system using bitcoin-like proof of
work scheme. If two parts of the network disagree, the bigger part is
considered right. Namecoin project is trying to implement distributed DNS
using this technique - [http://namecoin.info/](http://namecoin.info/) .

~~~
EGreg
Namecoin is one way. But why do you really need an authoritative registry?
Think about Google's Real Names policy. Who does it benefit? If I don't want
you to see my real name, why would I want you to find me by my real name? You
should be able to find me only through existing connections you already have
established in internet space.

If you want some authoritative distributed hash map, you can use namecoin like
you said. But think about why you actually need an authoritative registry.

Hyperlinks? The document embedding the hyperlink can also embed the IP number.
In fact, that's how the underlying IP routing system works. BGP isan
interesting target for spoofing as of late.

At the very least, a website wishing for others to find it by its domain name
should tell more than one registry, so there isn't a single point of failure.
In the trade-off between consistency and having no single point of failure,
you can think of the latter as failover or backup plan.

------
EthanHeilman
It is not just ccTLD, the writ of attachment applies to IP prefixes allocated
for Islamic Republic of Iran as well.

>But there are other possibilities, Darshan-Leitner said. “ICANN may decide
that it just isn’t worth their while to do business with Iran anymore, because
all the money coming in will go to the terror victims.” In that case, Darshan-
Leitner said, ICANN could “pull the plug” on Iran’s Internet, suspending use
of the .ir domain and disconnecting Iranian IP addresses from the web. Even if
ICANN decided not to do that, Shurat Hadin could demand an auction of the
Iranian Internet assets, arguing that it could realize more compensation money
that way – meaning that Iran would no longer be in control of its own
websites. [http://www.timesofisrael.com/israeli-us-terror-victims-
now-o...](http://www.timesofisrael.com/israeli-us-terror-victims-now-own-
irans-internet/)

>Plaintiffs hold several money judgments against the governments of Iran,
Syria and North Korea (collectively, the “defendants”). Plaintiffs endeavor,
with the Writs of Attachment, to attach the .IR, .SY and .KP country code top-
level domains (“ccTLDs”), related non-ASCII ccTLDs, and supporting IP
addresses (collectively, the “.IR, .SY and .KP ccTLDs”), all of whichrepresent
a space on the Internet for use by the citizens of Iran, Syria and North
Korea. - [https://www.icann.org/en/system/files/files/ben-haim-
motion-...](https://www.icann.org/en/system/files/files/ben-haim-motion-to-
quash-writs-1-29jul14-en.pdf)

~~~
kornholi
well, they can't really take away their IP space.

~~~
EthanHeilman
The could seize IP space using a security system, which began deployment three
years ago, called the RPKI[1].

If you use the RPKI to protect the internet against BGP attacks, you provide a
technical mechanism which governments, or other actors, could use to seize
addresses. I just presented a paper on this[2].

IP takedowns are a risk, the Iranian case is not the only example, for
instance RIPE was ordered to seize IP Space by a dutch court[3].

[1]:
[http://en.wikipedia.org/wiki/Resource_Public_Key_Infrastruct...](http://en.wikipedia.org/wiki/Resource_Public_Key_Infrastructure)

[2]: See paper "From the Consent of the Routed"
[http://www.cs.bu.edu/~goldbe/papers/RPKImanip.html](http://www.cs.bu.edu/~goldbe/papers/RPKImanip.html)

[3]: [http://www.internetgovernance.org/2013/08/09/court-says-
ripe...](http://www.internetgovernance.org/2013/08/09/court-says-ripe-ncc-has-
no-standing-in-ghostclick-case/)

------
beedogs
What an absolutely idiotic lawsuit. Why are they also asking for Syria and
North Korea? Have they been reading tired old G. W. Bush speeches about the
"Axis of Evil"?

------
anigbrowl
This sort of things is why countries traditionally have sovereign immunity.
Can't say I support the plaintiffs in this case.

~~~
tobltobs
"countries have sovereign immunity.", somebody should explain this concept to
the US.

------
BorisMelnik
In case anyone is wondering here is a good list of domains/servers based in
North Korea:

[http://www.northkoreatech.org/the-north-korean-website-
list/](http://www.northkoreatech.org/the-north-korean-website-list/)

------
nraynaud
It would be quite interesting to go after the .us in the name of the 100.000
victims in Iraq.

~~~
kghose
Nope, you have to go after Iran again, which is funding the terrorist groups
who did the bulk of the killing in Iraq (and still are).

~~~
nraynaud
The ones that Saddam was keeping at bay?

------
witty_username
This doesn't make any sense. Seizing top-level domains of a country because of
terrorism happening in it? Or is it because of state-sponsored terrorism?

~~~
nraynaud
It's part of a concerted push to go legally after everything with a link to
Palestine. There are lawyers going after every Arab owned house in Israel too,
looking for every mean to expel them legally: a typo in the property act, a
construction code problem, any detail is good. They are also going after the
arabic banks that provide assistance to victims of Israeli retaliations. If
someone in the family does anything against Israel, they destroy the family
houses without any legal process, and some arabic States are providing welfare
to those newly homeless families.

~~~
ars
Wrong country.

~~~
nraynaud
which one did I get wrong? they were injured in Jerusalem, and they are trying
to reach Iran through a connection with Hamas.

~~~
lclarkmichalek
They're trying to seize US based assets of Iran. That doesn't have much to do
with evictions in Jerusalem.

------
DominikR
What are they really trying to achieve? The creation of a "Western Block
Internet" by forcing all the others to create independent parallel structures?

That's what will happen, if they succeed in seizing these TLDs.

In effect, this would create a new Iron Curtain, but this time it'll be
initiated by our governments.

~~~
theandrewbailey
Unless I'm remembering history completely wrong, wasn't the other Iron Curtain
also initiated by governments?

~~~
DominikR
It wasn't initiated by our western governments, but by the Soviets.

This time it might be initiated by western governments, because the Chinese,
Russians and others wont accept TLD seizures at will by the US.

------
kijeda
Here is ICANN's actual filing:
[https://www.icann.org/en/system/files/files/ben-haim-
motion-...](https://www.icann.org/en/system/files/files/ben-haim-motion-to-
quash-writs-1-29jul14-en.pdf)

------
fpgeek
I wonder if Argentina and the hedge funds suing them are watching this case.
If ICANN loses here, the consequences of that loss for their legal battle
might be very interesting.

~~~
jacquesm
If ICANN loses this then Argentina is the least of our problems, the whole DNS
system will be overhauled and severely broken until a solution is put in
place.

Essentially this would break the internet as we know it.

~~~
fpgeek
You're suggesting that there is some sort of technical workaround that can be
deployed to solve this possible legal (and, ultimately, political) problem.

I'm not that optimistic. As far as I can tell, the argument being made in this
case is: According to US law, country X owes me money and hasn't paid. You,
ICANN, a US entity, provide thing-of-value to country X. You should give
thing-of-value to me instead (as compensation and/or increased leverage
towards getting my debt paid).

While the precise contours of the problem would depend on exactly how ICANN
hypothetically loses, I see no reason why that template wouldn't also apply to
OpenDNS, Google, Comcast, AT&T or Level 3. If too many pieces of the
Internet's infrastructure are "within legal reach", it doesn't matter what
technical wizardry someone comes up with - it couldn't be deployed.

------
AlyssaRowan
If ICANN loses this, they must immediately lose control of the root domain
space and need to be suspended until they can be replaced - as the meeting is
already convened to discuss - with either some kind of international
organisation by treaty (iana.int?) or something related to the IETF.

