Until the launch of the New gTLD Program, TLD launches were relatively straightforward. They generally consisted of a Sunrise Period, a Landrush Phase, and then General Availability. We would see the occasional Grandfather Phase or "Founders" program, but all in all, launches were pretty standard and straightforward. Things started to change with the launch of the new gTLD program. more
I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more
The next Registration Operations Workshop will take place at the start of IETF 93 on Sunday, July 19th, 2015. The focus of this workshop is on the Registration Data Access Protocol, the successor of Whois. RDAP is a combined protocol for IP addresses and names registration data. Therefore, we are expecting both domain names and RIR communities to attend the workshop. more
We, domain name and Trademark professionals, think end-users know about domain names. The truth is that few of them have ever heard of what a domain name is and worth; very few have heard about new descriptive domain names so I asked a Club manager my questions... Representatives of a famous French sports club were there and I bumped into them to ask my question: "any plan to change to a .club domain name?" more
Where has DNSSEC been successful? What are some current statistics about DNSSEC deployment? What are examples of innovations that are happening with DNSSEC and DANE? All of these questions will be discussed at the DNSSEC Workshop at ICANN 53 in Buenos Aires happening on Wednesday, June 24, 2015, from 09:00 – 15:15 Argentina time (UTC-3). You can watch and listen to the session live. more
DNSSEC is a mechanism where clients can verify the authenticity of the answers they receive from servers. There are two sides here. The server must supply signed answers, and the client must verify the signatures on those answers. The validation/verification side is widely implemented, but there are very few signed zones... However, if no one signs their zones, those validating resolvers don't have many signatures to check. more
More than six hundred brands have applied for their own dotBrand (a new top level domain associated with a trademarked brand). These represent every segment of our economy: banks, tech companies, media, food, luxury goods, etc. Quite a few dotbrands have already gone live. The current application period is closed, but the next round will likely begin in 24 months or so. more
In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more
RHEL6/Centos6 (and presumably RHEL7/Centos7) machines with the latest openssl packages now refuse SSL connections with DH keys shorter than 768 bits. Consider RHEL6 sendmail operating as a client, sending mail out to a target server. If the target server advertises STARTTLS, sendmail will try to negotiate a secure connection. This negotiation uses openssl, which will now refuse to connect to mail servers that have 512 bit DH keys. The maillog will contain entries with "reject=403 4.7.0 TLS handshake failed". more
The 30-day .BANK Sunrise Period just concluded this week and is notable for several reasons. The .BANK TLD is highly restricted to members of the banking industry. The .BANK Registry (which also has rights to .INSURANCE, launching this fall), was founded by 24 companies and organizations from the banking and insurance industries, The Registry's founders include industry leaders such as the American Banking Association, Citigroup, Dollar Bank, Independent Community Bankers of America, JPMorgan, Visa and Wells Fargo. more
Recently there have been a number of news reports/articles that are incorrect or misleading in interpreting China's domain name management policy. James has posted an article aiming to clarify what is going to in China's domain name market. Considering the potential negative impact of those reports on the participants of this market, I supplement James's post by pointing out three things, which I believe critical for any TLD registries that hope to have a better understand of China's domain name regulation and the special action based on it. more
The U.S. Government's decision to transition its legacy role as the administrator of the IANA functions contract to the global multi-stakeholder community is an important step in the continued evolution of the Internet. While the Motion Picture Association of America (MPAA) supports this transition, we strongly believe that a comprehensive accountability framework, developed, agreed to and approved by the multi-stakeholder community must be in place in advance of finalizing any IANA transition recommendations. more
Not so long ago, the notion of introducing laws and other regulatory responses to address cyber security issues was regarded with significant hesitation by governments and policy makers. To some extent, this hesitation may well have stemmed from a general perception by those who do not work directly in the field that the world of cyber security is somewhat of a 'dark art'. More recently, however, there has been a substantial shift in this attitude, with proposals to regulate a range of cyber security related matters becoming increasingly numerous. more
The threat landscape has rapidly expanded over the past few years, and shows no signs of contracting. With major establishments in both the public and private sectors falling victim to cyber-attacks, it is critical for organizations to identify the motivations, modus operandi (MO) and objectives of adversaries in order to adequately and effectively defend their networks. Understanding the taxonomy of cyber-attacks is the first step in preparing an organization against exposure to them. more
In opening up for the .BRAND top level domain, ICANN has artificially created a scarce resource of great commercial value. Indeed, the values of the .BRAND TLDs may be astronomical due to the investments made by the companies that own the trademarks represented in the .BRAND TLD. While the above is interesting in its own right, I will here focus specifically on how we deal with situations where more than one company has a legitimate trademark interest in a particular .BRAND TLD. more
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byVerisign
Sponsored byRadix
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byIPv4.Global