In one of the email conversations with my expert colleagues from around the globe, an interesting article was discussed written by Bruce Scheier in Wired: When it comes to security, we're back to feudalism. An interesting aspect of the discussion was the conclusion that Google's and Facebook's consumers are not their customers. The distinction is important, because consumers are the product being sold to their actual customers who are their advertisers. more
After a quick break to catch our breath (and read all those IPv6 Security Resources), it's now time to look at our tenth and final IPv6 Security Myth. In many ways this myth is the most important myth to bust. Let's take a look at why... Myth: Deploying IPv6 Makes My Network Less Secure... I can hear you asking "But what about all those security challenges we identified in the other myths?" more
What do people perceive to be the top issues facing the Internet today? How can stakeholders work more effectively together to strengthen the governance mechanisms meant to address these issues? And when it comes to the Internet Society, what should our role be and where should we focus our attention? To help inform our work in Internet governance, we posed these and other questions to our community in February. We had an overwhelming response with over 800 people taking a few minutes of their time to answer our survey. more
This Sunday, March 22, 2015, the second Registration Operations Workshop (ROW) will be taking place at the Fairmont Dallas hotel from 12:30 -- 4:30 pm CDT. Discussion will include extensions to EPP, new encryption initiatives and also suggestions for ways to further automate DNS interactions between registries, registrars and DNS operators, including a need to do this for DNSSEC. more
More and more governments are now looking at electronic ways to deliver services to their citizens. With the enormous growth in mobile penetration this infrastructure is now becoming a viable alternative in the delivery of services. But personal authentication is required to make this happen. This is recognised throughout the industry for a range of services and the GSMA has launched a project 'Mobile Contact' aimed at developing a standardised mobile ID. more
.US is the top-level domain for the United States of America. As stakeholders in the .US ccTLD, we all share a vested interest in making sure that .US continues to be a vibrant namespace that reflects the diversity, creativity and success of our people. As the Internet continues to grow and evolve, it's important that the .US domain does too. To meet these needs, Neustar and the usTLD Stakeholder Council plan to hold a virtual .US Public Stakeholder Town Hall Meeting. more
The introduction of unlimited numbers of new generic Top-Level Domains (gTLDs) has increased customer and company confusion about the role of brand names and their product labels, as noted in an earlier post. This essay outlines the various possible scenarios for coupling TLD branding and labeling, and it explains why duplicating the benefits of branding under.com may be difficult. more
A blog post has created some attention online through its extremely negative attitude to DNSSEC. Through the years, I have come in contact with many arguments against DNSSEC that suggest that anyone who is critical has not managed to or wanted to familiarize themselves with what DNSSEC is and does. We have received many questions concerning the article, so I feel it's appropriate to respond to the criticism. more
Everyone has heard of the cyber security attacks on Target (2013), Home Depot (2014), Neiman Marcus (2014), Sony Pictures (2014), and the United States' second-largest health insurer, Anthem (reported February 2015), but have you heard of the security breaches for Aaron Brothers, Evernote (denial of service attack), P.F. Chang's China Bistro, Community Health Services, Goodwill Industries, SuperValu, Bartell Hotels, Dairy Queen, U.S. Transportation Command contractors, and more. more
Phil Zimmerman's Pretty Good Privacy (PGP) and its offspring have been encrypting and decrypting email for almost 25 years -- but require enough knowledge and determination to use them that adoption has never taken off outside the technoscenti. Now initiatives from several quarters aim to fix that -- but will it all "just work," and will end users adopt it even if it does? more
On February 2nd ICANN staff announced the release of a Draft Report: Rights Protection Mechanisms Review that is open for public comment until May 1st. This Draft Report is preliminary to an Issues Report requested by the GNSO Council that is due to be delivered by September 30th, and that may set the stage for a Policy Development Process (PDP) on Rights Protection Mechanisms (RPMs) that could commence in 2016. Such a PDP could consider comprehensive reform of these RPMs as well as of the Uniform Dispute Resolution Policy (UDRP). more
ICANN should reconsider its decision to quarantine .DOCTOR, given that it's not even sick. In an utterly surprising move, ICANN staff and the Board's New gTLD Program Committee ("NGPC") recently informed the applicants for .DOCTOR that it has singled out the gTLD as a test case for controlling content and limiting speech on the Internet. In the epitome of top-down policy making, ICANN issued an edict that it will implement nearly year-old advice from the Government Advisory Committee ("GAC") differently from all other similarly situated gTLDs and in contravention of subsequent GAC advice. more
We are approaching the end of this 10 part series on the most common IPv6 security myths. Now it's time to turn our eyes away from security risks to focus a bit more on security resources. Today's myth is actually one of the most harmful to those who hold it. If you believe that there is no good information out there, it's nearly impossible to find that information. So let's get down to it and dispel our 9th myth. more
How do we help coordinate responses to attacks against Internet infrastructure and users? Internet technology has to scale or it won't survive for long as the network of networks grows ever larger. But it's not just the technology, it's also the people, processes and organisations involved in developing, operating and evolving the Internet that need ways to scale up to the challenges that a growing global network can create. more
Are you interested in sharing lessons you've learned in deploying DNSSEC or DANE with the wider community? Have you performed new measurements related to DNSSEC deployment that you want to share publicly? Do you have a new tool or service that you think people in the DNSSEC community would find interesting? Are you seeking feedback on some ideas you have to make DNSSEC better or easier to deploy? more
Sponsored byCSC
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byIPv4.Global