Getting to the Root of the Internet

In the beginning there was the “root”.

For anyone attempting to understand how exactly the Internet works, they will quickly find themselves coming face-to-face with this strange precept. Here at OWNI, being your humble servants, we’ve long been reading through articles with headlines such as “US Authorities Divided Over Internet Root” and “China Wants its Own Internet Root”, and are still circumspect. Just what exactly is this magic Internet-generating bulb? And why is everyone trying to control it? Time to ask the experts.

(South Park, "Over Logging", Season 12, Episode 6)

The magic bulb

Lesson one: the root of the Internet is not an onion. Nor is it a giant modem hidden in the depths of Silicon Valley by the US government. In a cruel disappointment for fans of South Park, the reality is far more mundane: the root is, first and foremost, a file. One of the fathers of the Internet in France, Louis Pouzin, explains it thus:

It’s a data file. We can see it on a screen or print it out. It’s the contents table of TLD directories.

Here’s where things start to get complicated. TLD’s are “top level domains”. They’re the .something part of the domain name (.com, .net, .info, or for countries .fr, .de, .ie, etc). There are now over 300 extensions. All websites are grouped in a directory named after their extension. “For example, there is a .com directory,” explains Louis Pouzin. “There are as many directories as there are TLD’s.”

So where does the root come into all of this? The root remembers the list of all the TLD’s, and points users towards the different directories. “It’s a referral system,” says Stéphane Bortzmeyer, an engineer at AFNIC, the body which manages the French .fr domain name. “When someone requests to access to a .fr site, the request gets sent to AFNIC.” It’s the same process for sites around the world. The root is the guidance counsellor of the net.

The root is dead, long live the Internet!

Obviously, the root file can’t do all that by itself – it’s only got little arms. When we talk about roots we’re also talking about “root servers”. These machines are scattered around the world, and each one contains a copy of this “Internet directory”. It’s sometimes said there are 13 root servers, but the reality is a little more complex. “There are hundreds of physical sites that manage the root servers,” says Stéphane Bortzmeyer.

Contrary to another popular belief, these servers do not resemble ultra-secure bunkers. Much like conventional data centres, “they simply consist of racks of computer equipment,” explains Bortzmeyer. “Physical security is not the problem.”

The concern is more at the software level. But if the root were to disappear from the Earth’s surface, there would be no devastating cataclysm as a result. No shutdown, no blackout, no tsunami of vengeance. Nothing but a few malfunctions.

“There would be a loss of functionality, but it would be neither sudden nor total nor catastrophic,” wrote American academic Milton Mueller, one of the first to become interested in the root and its geopolitical implications, in his book Ruling the Root. “The network would deteriorate little by little, but we could survive it,” agrees Stéphane Bortzmeyer. The reason for this are certain servers, the “name servers”, and their ability to retain the information provided by the root, as Louis Pouzin explains.

There are thousands of copies of the root stored in the name servers and the computers of users. The Internet could continue to function for a week at the least, which would provide some time to get organised and fix the problem.

Some of these name servers are operated by Internet service providers (ISP’s – Orange, AOL, BT and the like). Usually the name servers only contact the root servers when they are first set up. The rest of the time, they remember at least temporarily (cached) traces of the root. Some ISP’s have even opted for a more permanent solution: they copy the root file to their servers, to avoid having to pass through the root, as Milton Mueller explains in his book.

The root is America

That said, they cannot completely bypass the root. They’re still only copying the root file, and that file can undergo changes over time. To stay on top of those changes, and continue to direct Internet users correctly, updates are required. Which means the problem remains the same: ultimately, they need to go back to the root.

All of which makes for a hyper-concentrated system which doesn’t quite match up to the romantic picture of a rhizomatic Internet – fully decentralised, with neither head nor tail. This poses some problems, because behind the root there are men. For good or ill, the root is not an autonomous intelligent form come from another world, tiny servers in its luggage, to offer us the Internet. The root is America.

According to Stéphane Bortzmeyer:

No change in the root file is made without first being signed off on by a US official.

Two institutions, the Internet Corporation for Assigned Names and Numbers (ICANN) and VeriSign, are responsible for updating the list of TLD’s. “ICANN accepts or rejects the registration of TLD’s, and transmits its decision to the US Department of Commerce (DOC). VeriSign carries out the registration or cancellation of TLD’s in the root according to the orders of the DOC, and sometimes the FBI,” explains Louis Pouzin. The operation is 100% ‘Made in USA’.

ICANN presents itself as an independent organisation, but it is part of a wider “community” made up of ISP’s, “commercial and non-profit interests” and  “representatives of more than 100 governments”. But the bottom line remains that if ICANN manages the root, it’s only because the US state allows it to do so.

“It’s a triangular relationship,” Milton Mueller tells OWNI. “ICANN, just like VeriSign, is controlled by means of contracts binding them to the US Department of Commerce.” ICANN recently renewed its agreement with the US government, meaning it will continue its stewardship of the root for the next five to seven years.

One root to rule them all

A potential weapon of mass destruction, the root is the latest frightening big red button, and one that only the US has access to. If they so wished, they could remove a extension like .com. More likely, they might decide to nuke a domain name. Just ask Megaupload, which last January was erased from the Internet.

They can also block the introduction of a new .something, or expand the list to include more extensions. ICANN has already begun a program to add extensions such as .lol, .meme, .viking and many others to the root file. Behind the exercise is the motivation of cold hard cash: $185,000 to request a new extension, $25,000 a year to renew existing ones. For today’s Internet brands, it’s a case of be there or be square.

“So far, fortunately, the US has not engaged in any scandalous management of the root,” Stéphane Bortzmeyer says, before conceding:

With the Internet, it’s a bit of a balance of terror.

China has often threatened the US with building its own root. It recently published a draft with the IETF (Internet Engineering Task Force, the body responsible for Internet standards), which was widely publicised in the media. On his blog, Stéphane Bortzmeyer sought to temper the speculation. These drafts “can be written by anyone and are published almost automatically“. Over the phone to OWNI he adds:

The Chinese are threatening, but nothing has been done yet. Chinese networks are connected to the Internet. The only difference with other countries is that their filtering system is much more aggressive.

For Bortzmeyer, it is virtually impossible to build an alternative root. Not from a technical point of view – “there are many students who have done it to impress their friends!“. The problem is more on a practical level.

There is a strong motivation to keep the same root. Otherwise, Owni.eu could give different results depending on the root being used!

Not massively convenient for a network with international pretensions. That goes some way to explaining the inertia that surrounds ICANN, VeriSign and the original root. If everyone wants to control the root, there’s not much interest in going it alone. Furthermore, nobody has means and influence significant enough to spark a migration to another root, whoever it may ‘belong’ to. “The problem is as follows: ensuring that people switch en masse to another root, by reconfiguring all the name servers,” explains Stéphane Bortzmeyer. “That would require tremendous moral authority, to propose (a system) with better governance, that’s better technically…” In short:

To get a new root, one must prove that one is better than the United States of America.

It’s a bit like the challenge facing new social networks. First of all, they must demonstrate that they’re better than Facebook.

Root versus Rhizome

For Stéphane Bortzmeyer, only some unacceptable behaviour by the US would open the way for a shake-up. Others, however, are refusing to accept the status quo, and believe that the fact that the US has a stranglehold on the root is reason enough alone to propose an alternative. This is particularly true of Louis Pouzin, and his “Open Root” project. For this pioneer of the network, “the legend of the single root is a dogma enforced by ICANN since 1998“. And those who protect them are “advocates of the monopoly“. “They cannot conceive of its ending,” he says.

Others are going even further, planning a peer-to-peer root distributed across multiple locations in the network. At the end of 2010, the iconic founder of The Pirate Bay and Flattr, Peter Sunde, suggested on Twitter that such a project interested him.

Hello all #isp of the world. We’re going to add a new competing root-server since we’re tired of #ICANN. Please contact me to help.

— Peter Sunde (@brokep)

Since then, and despite much media interest, there’s been little news of progress. By email, he told OWNI that he had “entrusted the reins” of this project to others, due to a lack of free time. But he still believes in the need for an alternative.

Either we take control [of the root], in a distributed and democratic manner, or we replace it in the near future.

He continued:

It is ironic to believe in a decentralised Internet when EVERYTHING that we build is based ultimately on a system placed in the hands of one organization, which is tied to a jurisdiction, in a country that has particular interests in how other countries behave.

The Swedish engineer dreams of a distributed alternative, “with local caches.” An unattainable utopia, according to Stéphane Bortzmeyer. “The main problem is the unity,” he argues. Clearly, a domain name refers only to content stored on machines identified by IP addresses. In France, Germany or Timbuktu, Owni.eu refers only to Owni.eu. This is called the DNS (Domain Name System). And it’s this that the root (or more correctly the “DNS root” or “Internet root”), maintains through a cascading system of responsibility. The root holds the list of extensions (.com, .eu, and so on), assigns them to websites (wikipedia.org, google.com), who then manage the way they want their domain name (for example by creating fr.wikipedia.org). No mess, no duplication, and the Internet will be well safeguarded.

“There have been some attempts to create a peer-to-peer system, which remain mostly at the basic research stage today,” Bortzmeyer continued. “But all of them destroy the unity! The guy who figures out how to do that without a root gets the Nobel Prize, immediately!”

Peter Sunde disagrees. “Alternative root projects exist and are meeting with some occasional success,” he says. “It all depends what you mean by success.” But in their capacity as “testing grounds”, Peter Sunde gives them full support. And Louis Pouzin recalls.

A certain number of projects, or concepts, have already begun, but have failed to penetrate. In fact, what powers have an interest in supporting a fully decentralised root?