Summary
- The 2019 Address Supporting Organization memorandum gives ICANN, the Number Resource Organization, its Address Council and the Regional Internet Registries substantial coordination duties, but expressly rejects representative and principal relationships among its parties and prevents one party from binding another without prior written consent.
- Global policy, recognition recommendations and IANA-facing administration can alter the common registry environment. Their practical force does not prove a general right to dispose of a non-signatory operator's registrations, contracts, customers or routing decisions.
- Direct holder duties normally require another bridge: a registration or membership agreement, incorporated policy, valid institutional decision and any procedure required by governing law. Downstream users and independent networks may require further contractual or operational links.
- Accountability improves when every consequential act is traced through identity, instrument, condition, decision-maker, procedure, system effect and remedy rather than justified by the prestige of the institutional arrangement as a whole.
- The most credible defence of coordinated number administration is precision. ICANN and the RIRs should publish which powers are collective, which are bilateral, which depend on voluntary reliance and which remain outside the memoranda.
A signed map is not a deed to the territory
The Internet number registry system is easy to picture as a chain of command. ICANN appears near the centre of global coordination. The Internet Assigned Numbers Authority performs top-level numbering functions. Five Regional Internet Registries administer service regions. Local registries, Internet service providers and other organisations receive registrations. Networks announce routes and customers use the resulting connectivity. Draw those relationships vertically and an administrative hierarchy begins to resemble a constitutional one.
That resemblance is misleading. The chain contains several different relationships, each created for a different purpose. Some are institutional arrangements among named organisations. Some are service contracts. Some are corporate membership rules. Some are public technical descriptions. Some are routing choices made by autonomous networks. The fact that they interact does not merge them into one grant of authority.
The current Address Supporting Organization memorandum, executed on 7 November 2019, is a useful test. It is neither empty ceremony nor a global constitution. It defines a serious institutional arrangement. The Number Resource Organization performs the ASO role. The Address Council participates in global policy development and specified appointments. The RIRs participate through their regional processes. ICANN receives recommendations and acts through its own structures.
Yet the same document contains a limiting clause. The arrangement does not create a partnership, joint venture, trust, franchise or representative relationship of the kinds that would ordinarily let one party make commitments for another. A party may not bind another without prior written consent. The clause should not be treated as boilerplate placed far from the real bargain. It tells readers how the bargain must be understood.
The memorandum is therefore a map of coordinated institutional conduct, not a deed to every registration in the territory it describes. It can organise what its parties do together. It can make their outputs globally consequential. It cannot, merely by existing, leap across the legal distance between those parties and every holder, customer or network operator affected by their work.
Why the distinction matters most when consequences are severe
For routine administration, the layers often align. A global policy is developed through regional processes. ICANN approves it through the prescribed route. IANA-facing administration reflects it. RIR procedures and agreements connect it to requests or registrations. Networks continue to rely on the common record. Because the system works, few entities need to ask which document did which part.
Stress breaks that visual unity. Suppose an institution proposes to refuse a request, freeze a service, alter a registration, revoke credentials, transfer records, designate a different service provider or describe a route as unauthorised. Each verb affects a different interest. The institutional memorandum may coordinate policy. A holder agreement may authorise a service consequence. Corporate rules may identify the competent body. A technical system may publish changed data. An independent network may then decide what to route.
If the memorandum is made to answer every question, accountability collapses into circular reasoning. The institutions are said to possess authority because they coordinate the system; the system is said to be legitimate because those institutions coordinate it. The affected party is never shown the clause that reaches its own relationship.
The legal issue is not academic. Registry records influence transfers, reverse DNS, routing-security assertions, due diligence, abuse response and counterparty confidence. A change can be operationally disruptive even when no packet-filtering command is issued. That practical weight demands a clearer authority account, not a broader presumption.
The correct method is act-specific. Name the actor. Name the affected party. Name the instrument connecting them. Identify the condition that permits action, the body authorised to decide, the required notice and review, and the exact registry consequence. Then state separately what other networks may choose to do in response. This method allows coordination to remain effective without pretending that dependence erased consent.
What the 2019 arrangement actually establishes
The official ASO memoranda page identifies the 2019 instrument as the current executed version and preserves earlier versions as history. Version control matters because institutional practice evolves. A claim about the ASO should be fixed to the text operative at the relevant time rather than inferred from a retired document or a general description.
The current arrangement gives the NRO a defined place within ICANN's supporting-organisation structure. It describes the Address Council and the movement of global number policy proposals. It provides a route for recommendations concerning the recognition of new RIRs. It addresses appointments, service regions, review and dispute handling between the institutional parties. These are consequential functions.
The global policy process is especially significant. A number policy that satisfies the agreed criteria can move from regional policy processes to the Address Council and then to the ICANN Board. Once approved, it can guide top-level implementation. This creates a means of coordinating unique number administration across regions without placing every operational detail in one organisation.
Recognition advice is also meaningful. A proposed new RIR cannot become an effective peer merely by announcing itself. It needs demonstrated community support, technical competence, financial viability, neutral practice and reliable record keeping. The ASO arrangement connects regional expertise to ICANN's recognition role.
Institutional appointments matter because they place number-community entities within wider ICANN governance. Review provisions matter because long-running arrangements need a method for adaptation. Arbitration between the named institutional parties matters because cooperation can produce disputes.
None of this is trivial. Calling the memorandum non-constitutional does not mean calling it ceremonial. The point is narrower: each power has a defined institutional entity. Global policy procedure is not a holder termination clause. Recognition advice is not a transfer of a customer's rights. Appointment power is not control over routes. Arbitration between signatories is not a remedy automatically available to every downstream user.
Precision strengthens the memorandum. It lets readers see the real value of coordination without burdening the instrument with powers it does not claim.
The limiting clause is part of the architecture
Section 12 of the 2019 text deserves more attention than it usually receives. By rejecting the listed representative and principal relationships, the parties denied a simple theory under which one institution automatically speaks or contracts for another. By requiring prior written consent before one party can bind another, they preserved separate legal identity and decision-making competence.
That is sensible institutional design. ICANN and each RIR are distinct legal persons with different governing documents, boards, memberships, contracts, assets and host-law obligations. The NRO is a coordinating vehicle, not a solvent that dissolves those distinctions. A regional institution cannot casually impose a contractual commitment on another region. ICANN cannot be assumed to have accepted any statement made in the name of the number community. Collective action needs the route the parties agreed.
The same caution applies beyond the signatories with greater force. If the memorandum does not let one named party bind another named party without consent, it is difficult to read it as silently letting the collective bind an unnamed operator that never signed it. Such a reading would invert the clause. The parties would have protected themselves from implied commitments while imposing open-ended commitments on outsiders.
This does not make third-party effects impossible. A contract can incorporate external rules. A holder may agree that certain global policies will become applicable through a defined process. A downstream agreement may pass duties onward. Applicable law can impose obligations independent of contract. A network may choose to rely on registry state. But every bridge needs to be identified.
Nor does the limiting clause decide every dispute. Governing law may recognise doctrines concerning incorporation, reliance, estoppel, third-party rights or corporate competence. Particular facts matter. The clause does, however, defeat a lazy starting assumption that institutional proximity equals unlimited mutual authority.
The memorandum should therefore be read as a federation of bounded commitments. The parties coordinated precisely because they remained distinct. Their legal separateness is not a defect accidentally left outside the technical design; it is one of the design's premises.
Global policy is coordinated authority, not universal assent
Global number policy occupies an intermediate position. It is more than advice. When developed and approved through the agreed process, it can direct top-level number administration and shape regional implementation. It is less than a universal contract because the affected population has not signed one common instrument.
The policy's legitimacy comes from several sources: open regional discussion, technical expertise, convergence across multiple communities, formal review and the need for globally consistent administration of unique resources. Those features can justify strong institutional reliance. They also reduce the risk that one centre imposes a rule without regional scrutiny.
But participation has denominators. A mailing list subscriber is not every holder. A meeting attendee is not every network. A consensus call is not necessarily a vote of all organisations affected by implementation. Some holders participate through staff; others lack resources or language access. Downstream customers may not know that a proposal exists. Autonomous networks can rely on registry data without joining the policy process.
The absence of universal assent does not invalidate collaborative policy. Most standards and shared infrastructures could not operate if every indirect beneficiary had a veto. It means only that the kind of authority being claimed must match the basis offered for it. An open process can justify technical coordination and create procedural legitimacy. It cannot be described as a signed mandate from every person affected.
Where a global policy reaches a direct holder duty, the regional bridge should be visible. Which agreement incorporates the policy? Which version applies? What notice was given? Which regional act put the global rule into effect? What remedy exists if staff misapply it? Those questions do not obstruct global policy. They show how a shared rule becomes a particular obligation.
A mature system can hold both ideas at once. Global consistency is necessary, and consent remains relational. Institutional coordination supplies the former. Contracts, rules and law must still explain the latter.
Recognition criteria govern entry, not every later power
The ICP-2 criteria, accepted on 4 June 2001, set a demanding standard for establishing a new RIR. A candidate needs a service region of sufficient scale, broad community support, bottom-up policy development, neutrality and impartiality, technical skill, a credible activity plan, funding, accurate records and confidentiality protections.
These criteria answer an institutional entry question: when should a new regional registry be recognised as capable of joining the system? That is a necessary governance function. Unique number administration cannot safely admit a new operator without evidence of competence, support and continuity.
Entry criteria can also shape expectations after recognition. An incumbent that abandons neutrality, record quality or financial viability raises a legitimate concern because those qualities supported recognition. Yet an expectation is not automatically a complete enforcement mechanism. A rule for admission does not necessarily identify who may withdraw recognition, by what vote, after which evidentiary process, with what appeal and through which record-transfer plan.
The distinction bears directly on non-signatories. ICP-2 assesses an institution. It does not make every holder in the proposed service region a party to the ASO memorandum. Community support is evidence of viability and legitimacy; it is not a conveyance from each operator. Regional policy commitments can become part of later holder arrangements, but the path needs documentation.
Recognition has powerful practical effects. IANA can treat the recognised body as the regional counterparty. Other RIRs can coordinate with it. Registrations and referrals can flow through it. Networks can accept its published data. That operational position deserves accountability proportional to its consequences.
The answer is not to pretend recognition carries no weight. It is to avoid making the recognition instrument perform tasks it does not specify. Entry, continuing standards, derecognition, succession and individual holder enforcement are related but separate questions. A complete governance architecture should answer each one expressly.
RFC 7020 describes the system without making everyone a party
RFC 7020, published in August 2013, offers a clear account of the Internet Numbers Registry System. It describes a hierarchy in which IANA allocates to RIRs, RIRs serve local registries and others, and records support unique administration. It also separates the registry system from the routing system.
That separation is central. A registry records administrative information about number resources. Routing protocols and operator policies determine whether and how routes are announced and accepted. Registry accuracy can influence routing decisions, especially through security and validation services, but the registry does not mechanically command every router.
RFC 7020 is evidence of an accepted technical and administrative structure. It explains why hierarchy is useful and why accurate records matter. It does not purport to be a contract signed by all networks. Describing IANA as a role at the top of a registry hierarchy does not turn that role into an owner of every address or an adjudicator of every private dispute.
The distinction between description and delegation is familiar in other infrastructures. A technical document can accurately describe how certificate authorities, clearing systems or standards registries operate without creating the private agreements on which individual entities rely. The description is valuable because it makes dependencies visible. Its accuracy does not change its legal character.
RFC 7020 therefore supports two conclusions that must not be confused. First, registry coordination has real operational significance. Duplicate or inconsistent registrations would damage the system. Second, routing remains outside the registry's direct scope. A changed registration may prompt networks to alter treatment, but their decisions need to be analysed as their decisions.
This boundary guards against exaggerated claims on both sides. A holder cannot insist that registry data are inconsequential merely because routers remain autonomous. An institution cannot insist that every routing consequence proves it had direct authority over the operator that made the routing choice.
RFC 2860 shows how sharply scope can be drawn
The IETF-ICANN memorandum published as RFC 2860 provides a useful comparison. Signed and ratified in March 2000, it concerns the technical work of IANA for Internet protocol parameters. It identifies roles, technical direction and a cancellation mechanism on six months' notice.
The instrument is notable for what it excludes. Policy questions concerning assignments of Internet Protocol address blocks are placed outside its scope. That exclusion prevents a memorandum about one set of IANA functions from becoming an all-purpose foundation for number-resource policy.
Scope clauses are governance controls. They tell institutions and affected communities which question was settled and which remains elsewhere. Without them, the prestige of IANA can blur very different arrangements concerning protocol parameters, domain names and numbers. The same brand and operator may perform several functions under distinct sources of authority.
RFC 2860 also demonstrates that a memorandum can contain a clear direction-and-exit relationship when the parties intend one. Technical direction is assigned. Designation is addressed. Cancellation is express. Readers do not need to infer those powers from general operational dependence.
That clarity cannot simply be borrowed for address policy. The document itself prevents the move. Nor can its cancellation clause be treated as though it gives ICANN a power to terminate a holder agreement or replace an RIR. Each arrangement has its own parties and subject.
The comparison yields a practical drafting lesson. Where the system needs direction, removal or succession authority, the adopted text should identify it. Silence should not be filled by analogy to a different IANA function whose memorandum expressly limits its reach.
The IANA numbering agreement contains real replacement machinery
The 2016 Service Level Agreement for IANA Numbering Services is the strongest evidence that the number community knows how to draft operational accountability when it chooses to do so. ICANN is the numbering-services operator; the five RIRs are the counterparties. The agreement separates policy development from service delivery and establishes performance, review, escalation and continuity provisions.
Most strikingly, it contains non-renewal, termination and successor-operator machinery. The RIRs must exercise specified rights collectively and unanimously. This high threshold protects a globally shared function from fragmented intervention. At the same time, the existence of an exit route rejects the idea that operational indispensability makes the current provider permanent.
The agreement's direction of authority matters. The RIRs collectively can act in relation to the IANA numbering-services operator under the terms they signed. The instrument does not make ICANN the superior of each RIR. It does not make the collective the contracting representative of every holder. It does not establish a procedure for one RIR to terminate another RIR's member agreement.
Nor does replacement of the top-level operator answer regional succession. IANA numbering services concern top-level pools and related registries. An RIR holds regional databases, contract histories, reverse-DNS operations, routing-security materials, staff expertise and relationships with thousands of organisations. Switching the IANA service provider does not by itself migrate those assets and duties.
The agreement is therefore both evidence of strong governance and evidence of the remaining boundary. It proves that service continuity, termination and succession can be written. It also makes the absence of equivalent wording elsewhere easier to see.
A credible authority claim should follow this model. Identify the parties. Separate policy from operations. State service standards. Define failure. Provide escalation. Require an explicit decision threshold. Preserve continuity. Name the successor route. Avoid relying on institutional aura where clauses can do the work.
Holder agreements create the missing bilateral bridge
The public ARIN Registration Services Agreement illustrates a different layer. It connects a named registration-services provider to a named holder. It can define covered resources, holder representations, payment, records, compliance, service consequences, dispute provisions and remedies. The exact rights depend on the version and execution history, but the relationship is direct.
The RIPE NCC Standard Service Agreement performs a comparable connecting function in its own legal and membership setting. It links a member to services and incorporates defined procedures. It is not the ASO memorandum, and that is precisely why it matters. Regional service authority is built through a regional instrument with an identifiable counterparty.
These agreements do not prove that every holder in every region signed the current public form. Legacy registrations, sponsorship, historical transitions and special arrangements can create different positions. A standard form on a website is not evidence of execution in a particular case. The institution must preserve the applicable version and the record connecting it to the resources at issue.
Nor does a holder's signature automatically bind everyone downstream. A customer using addresses through a provider may be governed by its contract with that provider. A peer accepting a route may act under network policy. A cloud tenant may have no direct relationship with the RIR. If duties pass through a contractual chain, each link should be identified rather than assumed.
The bilateral agreement nevertheless answers the privity problem far better than an institutional memorandum. It shows who promised what. It can explain how later policy enters the relationship. It can specify notice, cure, termination and dispute handling. Those are the elements required when a general policy becomes an individual consequence.
Institutional coordination and bilateral agreement should not compete for status. They perform complementary work. The first makes common administration possible; the second connects that administration to a particular legal relationship.
Operational dependence is real power, but a different kind
It would be naive to conclude that a non-signatory is unaffected. Registry systems produce focal records used by many parties. A route origin authorisation can influence validation. A reverse-DNS delegation can affect services. Registration data can shape transfers, abuse handling and due diligence. Counterparties may refuse to proceed when the common record conflicts with a claim.
This is infrastructural power. It arises because many independent actors rely on the same records and services. No one needs to issue a universal command if reliance produces coordinated response. The effect can be faster and wider than a conventional contractual remedy.
Infrastructural power deserves governance even when it is not equivalent to direct legal authority. The institution should publish reasons, preserve evidence, stage risky changes, provide review and design restoration. Operators should know whether a signal is definitive, provisional, contested or limited to one service. High-consequence systems should avoid turning an unresolved private dispute into an irreversible ecosystem-wide event.
Yet practical dependence should not be used as retroactive proof of mandate. If every reliance effect validates the institution that produced it, any entrenched intermediary becomes self-authorising. Market dominance would become delegation. Technical centrality would become consent. That principle would make accountability weakest where dependence is greatest.
The better rule is inverse: greater dependence requires clearer limits. Institutions should distinguish the power to alter their own records from the power to determine another party's legal rights. They should distinguish a validation result from a routing prohibition. They should identify which actors remain free to reach a different operational judgment.
Networks also carry responsibility. An operator that treats one data point as conclusive should be able to explain that policy. Registry institutions should not claim exclusive credit for beneficial reliance while denying responsibility for foreseeable harmful reliance. Shared infrastructure is governed through both publication and consumption choices.
Community legitimacy is not the same as a principal's instruction
The RIR model relies heavily on open community processes. That is a genuine strength. Technical and operational entities can propose policy, identify unintended effects and examine implementation. Multiple regions provide a check against one institutional centre. Public archives make deliberation more reviewable than private vendor rulemaking.
Community legitimacy, however, is a quality of process and acceptance. A principal's instruction is a relationship in which an identified person has granted another a defined power. The two can overlap, but they are not synonyms.
A policy may command broad support without unanimous assent. It may be legitimate because objections were heard, reasons were given and the resulting rule is technically necessary. That does not mean every absent party appointed the policy body to contract on its behalf. Conversely, a signed agreement may bind a party even when the wider community dislikes it.
The distinction matters for remedies. A entity dissatisfied with general policy can seek amendment through the public process. A holder facing a specific service action needs case reasons, notice and a route to challenge application. Sending that holder back to a future policy meeting may be useful for reform but does not resolve the present dispute.
It matters for representation claims too. Institutions should report eligible members, voters, meeting entities, policy contributors, organisations represented and regional distribution separately. A large mailing list cannot be used as the denominator for member control. A member vote cannot be used as the denominator for all route operators. Each metric answers a different question.
Legitimacy is strongest when institutions state the narrower claim they can prove. The policy was openly developed. The Board acted under its rules. The holder signed this agreement. The operator chose this routing policy. Those statements can combine into a defensible system without inventing a single universal principal.
Seven questions for every claimed memorandum-based act
The first question is identity. Which legal person acted? “The number community,” “the RIR system” and “ICANN” can conceal separate corporations, councils and staff bodies. The decision record should name the entity and authorised organ.
The second is the exact instrument. Is the act grounded in the 2019 ASO memorandum, a global policy, an ICANN Board resolution, an RIR bylaw, a holder agreement, a service term or applicable law? A chain of documents may be necessary, but each link should be named.
The third is scope. What subject does the instrument cover? Protocol parameters, top-level numbering services, recognition, regional registration and routing are distinct. A clause from one function should not migrate into another merely because IANA or ICANN appears in both.
The fourth is the affected party's connection. Did it sign? Is it a member? Did its agreement incorporate the rule? Is it governed by legislation? Is it merely a downstream user or an independent operator reacting to public data?
The fifth is the trigger and consequence. What fact permits action, and what exactly may be done? Failure to pay, inaccurate records, technical risk, policy noncompliance and institutional failure are different conditions. Refusal, suspension, record change, termination and route filtering are different consequences.
The sixth is procedure and remedy. Which notice, evidence disclosure, cure, recusal, approval, review, arbitration or court route applies? The larger the practical effect, the stronger the case for staged action and restoration planning.
The seventh is external reliance. Which parties are expected to react to the changed registry state? Is their reaction mandatory, recommended or voluntary? Can an institution correct the signal quickly if the underlying decision is reversed?
These questions do not require every technical choice to become a legal proceeding. They require the institution to preserve the authority chain before consequences become hard to reverse.
The case for broad institutional discretion
The strongest case for the existing arrangement starts with scarcity and uniqueness. Number resources cannot be administered coherently if multiple bodies create conflicting entries without coordination. Regional institutions need room to protect registry accuracy, respond to fraud, manage depleted pools and implement shared policy. Endless bilateral negotiation over every technical rule would make the common system unusable.
The signatories also possess specialised knowledge. RIR staff understand allocation history, transfer evidence, registry security and operational dependencies. The Address Council brings regional processes together. ICANN supplies a wider institutional frame. IANA operations maintain top-level continuity. Courts and legislatures rarely possess comparable day-to-day expertise.
Open regional processes reduce the risk of arbitrary central command. Global policy requires convergence rather than unilateral action. The IANA numbering agreement provides measurable service oversight and a successor route. Recognition criteria require competence and support. This is a substantial accountability architecture.
Non-signatories often benefit from it. They receive globally unique administration, predictable records and coordination without negotiating individually with every other network. Requiring express assent from every downstream user before any registry update would create holdout problems and favour the least accountable actors.
These considerations justify practical discretion within defined functions. They do not justify a blank cheque. Expertise supports deference on technical judgment, not invention of jurisdiction. Operational necessity supports timely action, not concealment of the authorising term. Community process supports legitimacy, not fictional unanimity.
The best defence is therefore documentary. The institution should show that the common policy was validly developed, the regional rule was competently adopted, the affected holder's instrument connected it to the rule, the facts satisfied the trigger, the consequence was proportionate and review remained available. This account is more resilient than saying the system has always worked that way.
The case against treating privity as the whole story
There is an opposite error: assuming that only direct contract matters. Number administration is a shared infrastructure, not a collection of isolated private bargains. A holder agreement depends on a common registry. Global uniqueness depends on coordinated policy. Downstream parties rely on records even without signing the documents that govern their production.
Some duties arise from law rather than consent. Corporate bodies must comply with host law. Courts can issue orders. Data and sanctions rules can affect service. Fraud and property disputes can produce claims that no standard agreement fully anticipates. A purely contractual lens would miss those powers and constraints.
Reliance can also create legitimate expectations. If an institution publicly commits to neutrality, stable procedures and accurate records, affected parties may reasonably organise their conduct around those commitments. The precise legal effect varies, but governance should not deny the reliance merely because the party lacks a direct signature.
Technical coordination sometimes requires collective decisions whose benefit cannot be confined to signatories. Preventing duplicate allocation protects everyone. Maintaining top-level registries supports the ecosystem. Emergency security action may need to occur before each affected party can be consulted.
The answer is a layered account, not contract absolutism. Memoranda can authorise institutional coordination. Public procedures can create process commitments. Holder agreements can create bilateral obligations. Law can impose external duties. Reliance can justify transparency and care. Operators retain routing choices.
What must be resisted is category collapse. The existence of several valid bases does not permit an institution to choose whichever sounds broadest after the event. A decision should identify the basis actually used and accept the limits and remedy attached to that basis.
What a transparent authority register should show
ICANN, the NRO and the RIRs could make this architecture more intelligible through a shared authority register. It would not need confidential case files. It would map recurring acts to public instruments and decision bodies.
For global policy, the register should identify the defining clauses, proposal criteria, regional approvals, Address Council review, Board action, implementation responsibility and reconsideration route. For recognition, it should show the criteria, recommending body, ICANN decision, continuing obligations and any adopted withdrawal route.
For IANA numbering services, it should show operator duties, performance measures, escalation, review, non-renewal, termination threshold, continuity obligations and successor selection. The 2016 agreement already provides much of this material.
For regional holder actions, each RIR should map request refusal, audit, service suspension, agreement termination, registration change, transfer block, reverse-DNS action and routing-security consequence to the applicable agreement or policy. Version histories and notice requirements should be preserved.
The register should state explicitly what lies outside each power. An RIR record change is not itself a routing command. A global policy is not automatically a downstream customer term. ICANN recognition does not make ICANN a party to every regional contract. The ASO arrangement does not let one signatory bind another without consent.
Outcome reporting should accompany the map. Counts of consequential actions, disputes, reversals, restoration times and affected agreement categories would show how written authority behaves in practice. Participation figures should preserve separate denominators for members, voters, policy entities, holders and operators.
Such disclosure would not weaken institutions. It would reduce the incentive to challenge their entire existence when the real disagreement concerns one act and one missing link.
What remains unknown
The public record supports a firm conclusion about scope. The 2019 memorandum coordinates identified institutions and expressly preserves their separate capacity. RFC 7020 describes a hierarchy while separating routing. RFC 2860 excludes address-block policy from its protocol-parameter arrangement. The 2016 numbering agreement gives the RIRs a collective route to replace the IANA operator. Public holder agreements demonstrate a separate bilateral layer.
The record does not provide a global inventory connecting every registration to the exact agreement that governs it. Legacy histories, sponsorship, acquisitions, public-sector modifications and downstream use complicate the denominator. A public standard form cannot fill that gap.
There is also no complete public series showing when an institution relied primarily on the ASO memorandum in a contested holder action. Decision letters, internal advice, arbitral outcomes and court judgments would be needed to determine whether broad memorandum-based claims have actually been decisive.
Operator participation remains difficult to measure. Public meetings and lists show activity, but not the population of all networks affected, their awareness, dissent or non-participation. Community legitimacy can be assessed only imperfectly without those denominators.
No source reviewed here decides a particular dispute under the governing law of an RIR or holder. Doctrines concerning contract incorporation, corporate competence, public policy and reliance vary. The architecture supplies a method, not a universal verdict.
These limits cut both ways. It would be unsound to claim that coordinated institutions never possess authority over a non-signatory; law or another contract may provide it. It would be equally unsound to assume that operational dependence supplies the missing grant. The burden is to identify the real bridge in the real case.
Coordination earns trust by respecting its boundaries
The RIR-ICANN memoranda solve a genuine problem. Global number administration needs institutions that can coordinate policy, recognise capable peers, connect regional processes to ICANN and oversee IANA-facing services. The current arrangement gives that work a durable form.
Its limit is not a drafting embarrassment. Separate legal identity, written consent and defined subject matter protect the institutions as well as outsiders. They prevent one entity from casually committing another. They preserve regional competence. They make disputes traceable to an agreed process.
The same discipline should govern claims against holders and operators. A memorandum can coordinate the signatories. A global policy can direct shared administration. A holder agreement can create resource-specific duties. A downstream contract can connect customers. Applicable law can impose obligations. Registry state can influence independent routing choices. No layer should be made to impersonate all the others.
This layered conclusion is less dramatic than calling ICANN either a global regulator or a powerless convener. It is also more accurate. ICANN and the RIRs possess substantial, bounded powers. Their coordination can reshape the conditions under which networks operate. Those consequences deserve close scrutiny precisely because they arise through several relationships rather than one sovereign command.
Institutional legitimacy does not require pretending every affected person signed the same social contract. It requires candour about who agreed, who participated, who relies, who decides and who can obtain correction. The 2019 memorandum already points toward that candour by refusing to invent a representative relationship among its own parties.
Mandate by memorandum is therefore possible only within the memorandum's actual field. Beyond that field, authority needs another instrument, another decision or another lawful basis. Operational dependence can magnify a decision. It cannot write the missing clause.

