You are here: Home > Publications > RIPE Labs > Karim Farhat > The Handle System: IoT-Express or Digital Putsch?

The Handle System: IoT-Express or Digital Putsch?

Karim Farhat — 06 Sep 2017
Please read this guest post by Karim Farhat, PhD student at the School of Public Policy at the Georgia Institute of Technology: The promise of vast new markets has created an array of alliances and consortia to develop competing standards and protocols for the Internet of Things (IoT). The ITU - DONA Foundation alliance is one such example.


Please note that this article is a summary of the longer working paper Digital Object Architecture and the Internet of Things: Getting a 'Handle' on Techno-Political Competition.

DONA’s Digital Object Architecture (DOA), a name-attribute binding service for managing distributed databases, presents itself as a potential solution for IoT challenges. But this proposed solution has been greeted with intense political opposition. Some of the alarmist outcries depict the resurgence of DOA’s Handle System as threatening “to kill off the diverse ecosystem of coexisting or competing identifiers.” (see The Problem With the United Nations Setting Tech Standards for Your Internet Devices by Dominique Lazanski). Others have even called it an “Authoritarian Internet Power Grab.” Proponents of DOA however, tout the “security and scalability properties” of a “highly efficient infrastructure” that is capable of addressing looming IoT problems see Scalable ID/Locator Resolution for the IoT by George Roussos and Paul Chartier). So why has a 1990s-vintage technical proposal regarding naming and addressing generated such polarisation? Although part of a broader debate on critical IoT considerations, deconstructing the politics of the DOA debate will help uncover whether it is a viable competing technology for the IoT or, as its critics argue, a threat to multistakeholder Internet governance.

Given that policy for DOA is now shared between the DONA board and the ITU, some observers see a danger that 'special' stakeholders or nation states gain leverage on a system of governance shrouded behind a veil of politics (for more details please refer to the ITU-SG CL contribution to the proposals regarding the master framework agreement (MoU) between ITU and the DONA Foundation). But does the Handle System constitute a threat to the open Internet through potential applications in the (IoT)? In our opinion, this is not a severe threat. IoT standards are a complex space with many moving parts. Given how high the commercial stakes are and how many different interests are involved with Standards Development Organisations (SDOs), the ITU/DONA Foundation marriage is only one amongst many alliances, and DOA is only one amongst many technologies. The alarmist arguments have the DONA Foundation achieving a highly improbable trifecta: centralising power through MPAs/governments which cherry-pick online content; bypassing existing governance processes and transferring decision-making to an inter-governmental rather than multi-stakeholder process. It’s not clear how they could ever pull this off. Despite being an intergovernmental treaty-based organisation, the ITU has no dictatorial powers when it comes to enforcing standards on the hundreds of equipment manufacturers, software developers and users across the board. As I argue in the longer version of this article, there are three essential takeaways to note from the recent reemergence of DOA.

First, the ITU/DONA alliance is just one of many competing approaches to the IoT. Although clearly in competition with the DNS and ICANN, this competition seems to be more about generating revenue for the Handle System developers than controlling the identifier system. The Handle System was part of the original URN discussions in the mid-90s but was never standardised at the IETF (see DOI and the non-IETF tree). Based on the current direction of the Handle System’s governance structure, it should come as no surprise to find out that CNRI repeatedly refused to register the Handle System as a URN namespace within IETF standards.[1] Handle System backers seem to have opted out of the mainstream IETF standards process in order to develop and control their own URN technology for business purposes. Exiled from the IETF and ISOC circles, they turned towards the ITU. The ITU has a congruent interest in generating revenue and in maintaining its relevance. Thus, ITU and DONA’s need for a sandbox outside of the ISOC/ICANN regime to compete is understandable. But the fact is, both DOA and ITU are relatively isolated in the overall Internet governance regime and the IoT business.

Second, when it comes to applying DOA to Industrial IoT, there are few if any signs of DOA adoption by the private sector outside the original usage-context i.e. DOI. The IoT standardisation process is extremely complex and diverse at the moment. It faces the same challenges as many other standards which combine aspects of both public and private goods. If history serves, companies will strive for market dominance by focusing on tightly guarded proprietary technology that is developed in-house. Technical considerations of efficiency are secondary to having an exclusionary competitive edge when it comes to, say, interoperability across supply chains. However, proprietary standards have trouble realising network externalities, and as development matures, innovative products become more standardised through alliances, consortia, and SDOs. As for open standards developed by the IETF, public benefit is always produced but those standards mostly give an edge for private firms (such as Cisco, Huawei, Ericsson Nokia or Juniper Systems) whose engineers moonlight at the IETF. In that sense, IoT development will likely face a variety of competing alternatives that coexist serving different applications and jurisdictions.

Lastly, the U.S. Department of State through its Bureau of Economic and Business Affairs’ Office of International Communications and Information Policy (EB/CIP) has a distinct position when it comes to the ITU and Internet governance. For example, the U.S. was unequivocal in wanting to remove any mention of DOA from the outline report of the WTSA October 2016 conference. Moreover, I have it on good authority that after an MoU was signed between the ITU and Georgia Tech’s Center for Development and Application of Internet of Things Technologies (CDAIT), the State Department asked Cisco (who are on the board of CDAIT) to clarify their position and refrain from encouraging DOA-related activity. The U.S. has a vested interest in keeping the status quo when it comes to Internet governance and U.S. companies feel the pressure to stay in-line with that agenda. The implication is not only that western private companies have an additional incentive to stay away from DOA, but also that the U.S. government shares as much responsibility for politicising the DOA vs. DNS choice as the ITU does.

There are many IoT considerations still open for debate. The National Telecommunications and Information Administration (NTIA) process on Fostering the Advancement of the Internet of Things is one of those fora where the conversation is ongoing and the mainstream U.S. government/private sector view is being synthesised in an authoritative albeit non-binding process.

It should be noted that although anyone can get involved in the open meetings, none of the alarmists or anyone from the Handle System ecosystem raised any arguments for or against DOA (during an IoT workshop organised by the NTIA in September 2016). In fact, none of the workshop members even brought the issue up despite alluding to the need for open and scalable architectures. As we wait for the dust to settle on the IoT standards war, we can at least hope for some progress to emerge based on the results of those deliberations. In the meantime, we can encourage people with strong feelings about DOA to discuss its merits or flaws in the NTIA process or other fora.


[1] (M. Mealling 2017, personal communication, 13 May).



Add comment

You can add a comment by filling out the form below. Comments are moderated so they won't appear immediately. If you have a RIPE NCC Access account, we would like you to log in.