A Ukraine government official on Monday asked the nonprofit group that oversees the Internet’s Domain Name System (DNS) to shut down DNS root servers in Russia and revoke Russian domains such as .ru, .рф, and .su. The letter to ICANN (Internet Corporation for Assigned Names and Numbers) was posted here, and ICANN has confirmed that it received the letter.
Several Internet experts say that granting Ukraine’s request would be a bad idea. Executive Director Bill Woodcock of Packet Clearing House, an international nonprofit that provides operational support and security to Internet exchange points and the core of the domain name system, wrote a Twitter thread calling it “a heck of an ask on the part of Ukraine. As a critical infrastructure operator, my inclination is to say ‘heck no’ regardless of my sympathies.”
Sent days after Russia’s invasion of Ukraine began, the letter said that Russia’s “atrocious crimes have been made possible mainly due to the Russian propaganda machinery using websites continuously spreading disinformation, hate speech, promoting violence and hiding the truth regarding the war in Ukraine. Ukrainian IT infrastructure has undergone numerous attacks from the Russian side impeding citizens’ and government’s ability to communicate.”
The letter asked ICANN, which is based in California, to “revoke, permanently or temporarily, the domains ‘.ru’, ‘.рф’ and ‘.su’. This list is not exhaustive and may also include other domains issued in the Russian Federation.” Next, the letter asked ICANN to “contribute to the revoking for SSL certificates for the above-mentioned domains” and to “shut down DNS root servers” in Saint Petersburg and Moscow. ICANN has previously explained that “root servers respond to DNS lookup requests made by DNS resolvers generally operated by Internet service providers.”
The letter was sent by Mykhailo Fedorov, Ukraine’s vice prime minister and minister of digital transformation, to ICANN CEO Göran Marby. “Apart from these measures, I will be sending a separate request to RIPE NCC asking to withdraw the right to use all IPv4 and IPv6 addresses by all Russian members of RIPE NCC (LIRs-Local Internet Registries), and to block the DNS root servers that it is operating,” Fedorov wrote. RIPE NCC (Réseaux IP Européens Network Coordination Centre) is the regional Internet registry.
Cutoff would make sites unreachable and reduce security
The text of Fedorov’s letter was also sent in an email by Andrii Nabok, Ukraine’s representative to ICANN’s Governmental Advisory Committee, to Marby and other people at ICANN, the American Registry for Internet Numbers (ARIN), the Number Resource Organization (NRO), and the United Nations. Woodcock posted the email’s full text on Pastebin Monday.
Woodcock wrote that Ukraine’s request to remove Russian top-level domains from the root zone would make Russian websites and email “unreachable from outside Russia, and unreachable for some inside Russia as well, depending [on] how their ISPs and recursive resolvers are configured.” Ukraine’s request to shut down the root name servers inside Russia “would make connectivity spotty for many users inside Russia, but mostly regular folks, not government or military users,” he added. Thirdly, Woodcock wrote that Ukraine’s request to revoke “IP address delegations to Russian networks… would break the RPSL and RPKI security that protects their routing.”
“Taken together, these three actions would have the effect of making Russian civilian Internet users much more vulnerable to man-in-the-middle attacks, such as are used to compromise banking credentials and website passwords,” he wrote. Woodcock explained that the actions “would have little to no effect on the Russian government or military,” pointing out that what Ukraine requests “is exactly the attack the Russians practiced for last July, which means their defenses are probably at optimum readiness right about now.”
Ukraine’s letter to ICANN argued that the requested “measures will help users seek for reliable information in alternative domain zones, preventing propaganda and disinformation.”
But Woodcock contended that Ukraine’s request is a bad plan in the short term “because it would cut the Russian man-on-the-street off from international news and perspectives, leaving them with only what the Russian government chooses to tell them” and that it’s a bad plan in the long term because it “would set the precedent that small industry associations in Los Angeles and Amsterdam would be playing arbiter in international conflicts, and messing with countries’ supposedly sovereign country-code top-level domains. And if that were to happen, a lot more countries than just China and Russia would secede from the common-consensus-Internet that allows us to all talk to each other.”
“It’s very likely ICANN will just say no”
ICANN confirmed the authenticity of the letter to Rolling Stone and to CNBC. An ICANN spokesperson told CNBC, “We can confirm that we’ve received the letter and are reviewing it… We have no further comment at this time.”
Rolling Stone quoted Justin Sherman, a fellow at the Atlantic Council’s Cyber Statecraft Initiative, as saying, “This is a huge request from Ukraine… It’s very likely ICANN will just say no. The Kremlin is spreading tons of propaganda and disinformation about Ukraine, but this is not the way to go about addressing it.”
RIPE NCC already seems ready to reject Ukraine’s request. The group’s executive board approved a resolution Monday saying that it “believes that the means to communicate should not be affected by domestic political disputes, international conflicts, or war. This includes the provision of correctly registered Internet numbering resources.” The resolution further said that it is “crucial that the RIPE NCC remains neutral and does not take positions with regard to domestic political disputes, international conflicts or war,” in order to guarantee “equal treatment for all those responsible for providing Internet services.”
“The Executive Board of the RIPE NCC is committed to taking all lawful steps available to ensure that the RIPE NCC can provide undisrupted services to all members across our service region and the global Internet community,” the resolution said.
Ukraine proposal debated in ICANN email list
Ukraine’s request gained some support in an ICANN email list, as pointed out in an article by The Register. “Nuclear bombing of Ukraine—will it be enough to change your neutral position?” asked Oksana Prykhodko, who said she is a “representative of civil society of Ukraine” and had endured a week of bombings in Kyiv.
Antony Van Couvering, co-founder and former CEO of the now-defunct registry service provider Minds + Machines Group, agreed with Prykhodko in a reply. “Neutrality as a response to murder is not neutral,” he wrote. “What is the use of ‘civil society’ organizations if they won’t even speak up in support [to] protect civil society, much less do anything about it?”
But Erich Schweighofer, a University of Vienna professor who is on leave for a position at the European Commission, wrote in the email thread that “removing Russia from the Internet does not help supporting the civil society in this country for a democratic change. ICANN is a neutral platform, not taking a position in this conflict but allowing States to act accordingly, e.g., blocking all traffic from a particular state.”
Domain registrar Namecheap is taking action on its own. “On Monday, the company sent out an email to Russia-based customers that began, ‘Unfortunately, due to the Russian regime’s war crimes and human rights violations in Ukraine, we will no longer be providing services to users registered in Russia,'” The Register article said. Namecheap later posted a clarification on Hacker News, saying, “We haven’t blocked the domains, we are asking people to move. There are plenty of other choices out there when it comes to infrastructure services so this isn’t ‘deplatforming.'”
“The complete opposite of what we need”
Meanwhile, other researchers joined the chorus of people opposing the Ukraine government’s request. “It’s the complete opposite of what we need. We should make sure that the Russian people are seeing what is happening and what their government is doing,” security researcher Runa Sandvik told CyberScoop.
The Internet Governance Project at Georgia Tech posted an analysis that said Ukraine’s proposal “strikes at the very basis of the neutral administration of naming and numbering registries that is required to make global communications fair and accessible to everyone. The whole point of ICANN’s creation was to distance Internet infrastructure administration from nation-states and their geopolitical conflicts.”
