Home / Blogs

Unclear on the Concept, Sanctions Edition

Don't miss a thing – sign up for CircleID Weekly Wrap newsletter delivered to your inbox once a week.
John Levine

United Against Nuclear Iran (UANI) is an advocacy group that, among other things, tries to isolate Iran by pressuring businesses and organizations to stop doing business with Iran. This week they turned their attention to ICANN and RIPE to try to cut off Internet access to Iranian organizations. Regardless of one's opinion about the wisdom of isolating Iran (and opinions are far from uniform), this effort was a bad idea in an impressive number of both technical and political ways.

Their letter to ICANN demanding that they:

1. Terminate its relationship with and deny any Iranian entity or person that has been sanction-designated by the United States, the European Union and the United Nations access to and revoke previously assigned Domain Name System ("DNS"), Internet Protocol ("IP") addresses, space allocation, protocol identifier assignment, generic ("gTLD") and country code ("ccTLD") Top-Level Domain name system management, and root server system management functions;
It lists a variety of web sites of sanctioned organizations, including http://www.mut.ac.ir/ http://www.cbi.ir, http://www.bankmaskan.ir, http://www.bmi.ir, http://www.banksepah.ir, and http://www.khatam.com that they want ICANN and IANA to cut off.

Technically, this is ridiculous. Even if IANA wanted to block or disable individual domain names, they can't, because the DNS doesn't work that way. They manage the top level delegation to .IR and .COM, but the internal structure of those domains are managed by the Institute for Studies in Theoretical Physics and Mathematics in Teheran (which is not on the sanctions list) and Verisign, respectively. Politically, cutting off a top-level domain from the root is a complete non-starter. Even though the US government has had its thumb on the root zone since the day the DNS first went live, it has never interfered with countries' management of their ccTLDs, even countries like Cuba and North Korea that the US really doesn't like. Were the US to try to disable .IR, it would provoke a huge international outcry, and not just from countries sympathetic to Iran.

Their letter to RIPE is no better. It demands that RIPE:

1. Terminate its relationship with and deny any Iranian entity or person that has been sanction-designated by the United States, the European Union and/or the United Nations access to and revoke previously assigned internet number resources, including Internet Protocol ("IP") addresses, domain names, and Autonomous System Numbers ("ASNs");

They go on to cite the same web sites they do in the ICANN letter.

Again this is ridiculous for both technical and political reasons. The technical problem is that a web site is not a network, and all the web sites they list are on networks shared with other entities not on the sanctious list. Furthermore, a registry like RIPE just does bookkeeping, and doesn't control anyone else's network. Even if RIPE hypothetically revoked the allocations, the Iranian networks could just keep using them, because each network decides what IP addresses they use, and the only way to keep a rogue network from using someone else's addresses is for other networks that connect to the rest of the net to refuse to route traffic to those addresses. (Of course, if the connecting networks were so inclined, they could block traffic regardless of what RIPE did.)

Politically, RIPE has allocation rules, and again, if they didn't follow them, an international incident would ensue. While it would probably be fine with UANI to cut off all the other entities that share the IP and other allocations used by their target organizations, it would not be fine with RIPE or RIPE's other members and clients.

UANI appears not to have done even the most rudimentary research to find out whether their demands to ICANN and RIPE were reasonable. One theory was that it was deliberate, they're PR hounds, and it worked since the letters got them a mention in the New York Times (see the last three paragraphs.) Another is that it just didn't occur to them that they didn't understand what they were asking for. Personally, I think the second explanation seems a lot more likely.

By John Levine, Author, Consultant & Speaker. More blog posts from John Levine can also be read here.

Related topics: ICANN, Internet Governance

 
   

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

Verisign

Cybersecurity

Sponsored by Verisign
Afilias Mobile & Web Services

Mobile Internet

Sponsored by Afilias Mobile & Web Services
Afilias

DNS Security

Sponsored by Afilias

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Industry Updates – Sponsored Posts

Leading Internet Associations Strengthen Cooperation

i2Coalition to Present Tucows CEO Elliot Noss With Internet Community Leadership Award

Michele Neylon Appointed Chair Elect of i2Coalition

2016 U.S. Election: An Internet Forecast

Afilias Chairman Jonathan Robinson Wins ICANN's 2016 Leadership Award at ICANN 57

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Domain Management Handbook from MarkMonitor

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

United States Court Has Granted an Interim Relief for DCA Trust on .Africa gTLD

Dyn Weighs In On Whois

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

"The Market Has No Morality" Sophia Bekele Speaks on Business Ethics and Accountability

Dyn Comments on ICG Proposal for IANA Transition

Independent Review Panel Favored DotConnectAfrica Trust Against ICANN Ruling Over .Africa Domain

TLD Security, Spec 11 and Business Implications

ICANN Business Constituency Elects Elisa Cooper of MarkMonitor as Chair

ICANN's Registry Audits Begin Next Week. Are You Prepared?

DotConnectAfrica on "CONNECTing the Dots: Options for Future Action" at UNESCO, Paris

IBCA Presentation to ICANN GAC on Protection of Geographic Names in New gTLDs

Season's Greetings - 2014 End of Year Message from DotConnectAfrica