ICANN's current plan for a Continued Operations Instrument (COI) is a self-insurance scheme that asks domain name registries to tie up a massive amount of cash, when much cheaper and more sensible options are available. The COI is a massive barrier to entry for all applicants, and one that hits smaller registries and those from developing countries with disproportionate weight. The COI requires massive amounts of cash to be set aside in case of business failure. It is so punitive that it will certainly encourage falsely conservative sales volume estimates by applicants, and likely to lead to higher prices for registrants. Combined with the Emergency Backend Registry Operator (EBERO) RFI, it will rob developing registries of much-needed funding during their critical first few years, and use the funds from the resulting failures to reward large incumbent registries. This is not a conspiracy theory — several incumbent registries, notably Afilias, also recognize this plan as dumb and have been working actively to make it more sensible: all boats float on a rising tide, and sink together too.
While registrants do need to be protected against registry failure, the ICANN formula for the COI seems much better calculated to cause registry failures than to prevent them.
The requirements for the COI are given in Question 50 of the Application Guidebook. Basically, the applicant has to set aside funds (or get a letter of credit) to assure "core registry functions" for 3 years. Core registry functions are: access to the shared registry system; Whois, DNS resolution; data escrow; and DNSSEC. That sounds reasonable enough until you start to get into the details — and the difference between what this would actually cost and what ICANN wants set aside.
At a recent session at the ICANN Dakar meeting dedicated to the COI, no-one spoke in favor of the current COI requirement. A registry stakeholder group proposal that would pool the risk was shot down by intellectual property interests, who predictably were not in favor of a mandatory payment to protect others (large companies will have no problem coming up with the COI). Others insisted that the pool was a form of insurance, and ICANN should not be in the insurance business. But some preliminary ideas toward the solution proposed in this post did receive some support. The way forward is provide estimates of actual likely costs, instead of the "sky is falling" scenario that the current plan envisages. Several groups are working to gather such data to present to ICANN. This post critiques the current system and provides an outline for a way forward.
About Minds + Machines
Minds + Machines provides registry services for new top-level domains. (Learn More)
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Neustar DDoS Protection
Minds + Machines
Neustar DNS Services