The National Science Foundation awarded a small contract to the IEEE to host a small two-day meeting on 30 Sept 1994 of selected invitees at the IEEE’s Washington DC 18th Street offices on “Name Registration For The ‘.COM’ Domain.” Being part of the InterNIC contract oversight committee, I was one of the eight invitees. It turned out in many ways to be the single most important meeting in the long, checkered history of what is today referred to as “the internet,” that made an extraordinarily bad decision.
What is today commonly referred to as “the internet,” traces its origins back to a 1972 project undertaken by Bob Kahn shortly after he took over the Information Processing Techniques Office (IPTO) within DARPA from the legendary Larry Roberts, to build on the datagram internet ideas of France’s eminent researcher Louis Pouzin undertaken previous year. DARPA Director Stephen Lukasik approved and funded the effort, and the TCP/IP technique was first published in 1974 at the “host-to-host” protocol. (Twenty years later, Director Emeritus Lukasik would come to regret that approval and led the first efforts to deal head-on with the profound national infrastructure protection and cybersecurity threats that were already emerging in the mid-90s. Ten years after then, for similar reasons, Larry Roberts would attempt to introduce a secure internet datagram protocol in the ITU-T.) Sometime around 1980, Kahn’s protocol began to be called the “DARPA internet” and generated minor interest within the U.S. DOD and research communities – even as the banking community amusingly trademarked the term for their global ATM network internet.
Pouzin’s datagram internet ideas captivated and drove research establishments around the world to develop many diverse datagram internet protocols. It resulted in the U.S. chief national security networking office, NCS, to declare in 1976 that the protocols should form the backbone for critical national infrastructure in the U.S. The result was a widespread effort undertaken among all the major companies, research establishments, and national governments to cooperate internationally through the ITU and ISO to establish a broad array of formal standards to implement all the elements for trusted, secure, national and global datagram internet infrastructures for public use. This included transport and network security, trusted eMail, PKI encryption, directory, IoT, and identity management services to support an array of offerings including “web-like” services. The specifications are still all there in the X-Series Recommendations. This was collectively known as the OSI internet.
The U.S. commitment to the OSI internet also extended to joining with most of the world’s nations to cooperate in a 1988 treaty conference in Melbourne to enable datagram internet services to be publicly deployable globally, as they’re use for public access was unlawful — especially because of cybersecurity concerns. The potentially dire consequences of datagram internets were underscored by the release of the first large-scale attack known as the Morris Worm in the weeks preceding the Melbourne Conference on the DARPA internet. This resulted in negotiations instantiating an array of cybersecurity provisions in the treaty as a quid pro quo for legalizing global public internets.
The DARPA internet platform, however, continued to have ardent followers within the academic networking research communities — especially those funded by the National Science Foundation plus some counterparts in other countries. The platform was especially attractive because it was a kind of completely open, free, anarchy among a small research community unfettered with any of the constraints required for widespread public use. Because of these enormous liabilities, as well as the global commitment to the OSI internet, the DARPA internet would have died had not Senator Al Gore and his staff in 1986, allocated $5 billion over several years to scaling the DARPA internet — providing free connectivity and funding the development of application and server software. That enormous amount of money started to tip the protocol scales.
Unfolding history of the 1990s
A series of events ensued in the early 90s that would profoundly alter the datagram internet world — including policy, politics, and institutions. It began with DARPA recompeting the contract for the Network Information Center (NIC) that was held by SRI International in Menlo Park since 1970. It was awarded to an almost unknown, small Washington area contractor, Network Solutions. The DOD also told NSF that because they were promoting the use of the DARPA internet platform and had a huge influx of Gore money, it should take control and fund all non-DOD NIC support services. NSF then published the InterNIC RFP. The largest portion was devoted to an OSI internet directory service which was awarded to AT&T who viewed it as a safe strategic bet – which was subsequently proven wrong. A lesser portion was awarded also to Network Solutions for managing DARPA internet identifiers and its DNS root which no major company at the time really wanted as potentially doomed — which subsequently worked out nicely for them.
The problems began at the outset because the registration of DARPA internet domain names was scaling rapidly, as were IP address allocations because they were all free. The small $5 million award to Network Solutions was supposed to last for five years, including operating a master root server. The scaling problem was significantly exacerbated when Gore became Vice President in 1992 and immediately started shifting the U.S. policy toward supporting the DARPA internet platform as an “information superhighway,” and some commercial providers began offering connectivity services. The White House scaled up its role as PR agent for the DARPA internet and began eliminating U.S. government support for the OSI internet and the obligations of the 1988 Melbourne treaty.
The ability of Network Solutions to perform its functions on its small allocation became impossible, and in September 1994, the paradigm changing workshop on the .COM domain among eight people on 18th street was held. There were two possible choices posed — 1) adopt the OSI domain name model where registrants obtained a permanent domain for a fixed fee that included identity proofing and IPR checks, or 2) adopt a near zero overhead model that allowed anyone to register for a domain name for $40 a year. In what was arguably the worst, most ill-considered decision in the history of networking, the latter view prevailed.
After the meeting, spreadsheets became quietly distributed that showed how the exponential increase in COM domain names would within 2-3 years produce more than a billion dollars a year in revenue at near 100 % margins. It was a license to print money. Within a few months, SAIC bought Network Solutions. The legendary late SAIC founder and CEO, Bob Beyster, would subsequently describe it as the best financial decision the company ever made.
Unleashing political, legal, and cybersecurity hell
What the decision also created was a kind of political, legal, and cybersecurity hell that endures to this day, as the “licence to print money” generated problem after problem. To add to the firestorm, COM domains were also allowed for purchase by anyone in the world on a first-come, first-served basis by anyone willing to pay the registration and annual fees. They had previously been de facto restricted to U.S. domestic use. In the process, it created an ever more exponential market and revenue stream for SAIC and those feeding off the business and entering the bogus “internet governance” activities around Washington. The domain market became the equivalent of bitcoins today.
One of the most immediate problems these developments unleashed was a torrent of complaints about the U.S. government unilaterally ignoring its obligations under the 1988 treaty, and a single U.S. private corporation being given a monopoly for network identifiers that extended into the network management jurisdiction of other sovereign nations.
The FCC should have helped resolve that matter through the U.S. State Department. Instead, because of an old Brown University friendship, the matter was handed over to a senior Clinton Administration official who was available because their healthcare proposal failed — Ira Magaziner. The negotiated outcome was blessed through a superficial NTIA proceeding which gave NTIA a purported “internet governance” role, resulted in the Network Solutions monopoly being broken into a registry-registrar bifurcation, and yet another bad decision – the creation of the Internet Corporation for Assigned Names and Numbers (ICANN) as a kind of virtual Roomba hoovering up global policy complaints while not really doing much of anything substantive. Modelled after Magaziner’s healthcare governance ideas, ICANN replaced a role undertaken by two people at the Information Sciences Institute and replaced it with a vast and ever-expanding bureaucracy that feathered its own nest. By taxing the allocation of DARPA internet domains and addresses, it has enabled a rich political lobbying institution fuelled by revenues of over a hundred million dollars a year.
Retrospect and future
In retrospect, it is easy to see how the euphoria of the 1990s emerged as a diverse set of players in quests for revenues, riding an illusory internet revenue bubble, self-asserted fame and fatherhood, institutional roles, and foreign regime change strategic visions. These quests drove decisions and created policies, organizations, and directions — largely within the U.S.. However, some twenty years later, the U.S. infrastructure, societal stability, and national viability in a global economy are at risk. A young generation today — many of whom were still children in the 1990s – needs to understand that the provisions crafted in those years were frequently serendipitous expressions of personalities and circumstances of the time that are counterproductive going forward.
Today, an entirely new generation of virtualized network technologies and services with radio access are rapidly emerging. Some of the most significant innovations and cybersecurity protections are now orchestrated “in the networks,” from data centers, and not only at the edges; and it is a global phenomenon. NFV-SDNs instantiated as 5G and MEC have engendered a virtual tidal wave of industry and market activity. China clearly has assumed the strategic leadership role once enjoyed by the U.S. in facilitating this new generation — in part because of its adaptability, willingness to learn and work globally. Meanwhile, the U.S. continues to rely on solutions and institutions vicariously spawned during another era, and the rest of the world is aware that the fast disappearing old DARPA internet emperor has no clothes.
[From a historical treatise on How the Internet Really Happened.]