Interested in working on an open standard for "secure Caller ID" for voice-over-IP (VoIP)? If so, the new "Secure Telephone Identity Revisited (STIR)" working group was just officially chartered within the IETF and the mailing list is open for all to subscribe. more
Many generic, community and other geographic new domain name extensions (also called "gTLDs" or "generic Top Level Domains") will soon become a focal point for the industry or sector they represent. These simple denominators which define a vertical sector, profession, geographic, ethnic or other delineated group on the Internet have not existed on the Internet until now. These new domain name extensions are moving from the realm of science fiction to science fact: in fact a domain name ending in ".science" will soon exist on the Internet and will clearly contain web sites with a relationship to science. more
Since Verisign published its second SSR report a few weeks back, recently updated with revision 1.1, we've been taking a deeper look at queries to the root servers that elicit "Name Error," or NXDomain responses and figured we'd share some preliminary results. Not surprisingly, promptly after publication of the Interisle Consulting Group's Name Collision in the DNS [PDF] report, a small number of the many who are impacted are aiming to discredit the report. more
My first day back at the office after a summer of working remotely featured a traffic jam of the sort that reminds me why I hate commuting: one car crash, a key highway closed, and no reasonable surface road alternative routes. There's just nothing to do but suffer the consequences when that road backs up. I had an early team meeting and was already scrambling to leave the house with a buffer of half the regular commute time. It wasn't going to be enough. I dropped a note to my team, who'd all be participating from their locations (in other cities and countries), and warned them. more
The ICANN board has passed a resolution approving the renewal of .INFO, .ORG and .BIZ Registry agreements with the clause on cross -- ownership (aka Vertical Integration) removed. What this means is that these Registries will now be allowed to own, part or whole, of a Registrar business. This will enable them to sell their TLD directly to end customers and also establish a reseller chain thus allowing much greater control and flexibility over sales channels. more
Ever want to know where all the submarine cables are that provide part of the physical infrastructure of the Internet? Or which cities in the world have the most connectivity via submarine cables? (or which regions might be single points of failure?) In doing some research I stumbled across this excellent site from the folks at TeleGeography... It is a very well done and captivating (to me, anyway) view into where all the current and planned submarine cables are located. more
Built for the most part during the Cold War, surveillance systems on a global scale were considered a vital necessity with the onset of nuclear weapons, if only to keep Mutually Assured Destruction at bay. Today, these systems are also used for domestic surveillance and universal data harvesting, including on one's own citizens. Should we still consider these systems with the same reverence as if we were, say, in the midst of some Cuban Missile Crisis? more
In these competitive times and with the holiday's looming, your Website experience needs to give customers a "warm and fuzzy" feeling. That is, it should be available and fast, with no major hiccups. Website monitoring is essential in delivering just that. How do you find a monitoring tool? Just set the monitoring budget, find a vendor, call the sales department and buy yourself some monitoring, right? Whoa, not so fast. more
Geoff Huston's recent post about the rise of DNS amplification attacks offers excellent perspective on the issue. Major incidents like the Spamhaus attack Geoff mentions at the beginning of his post make headlines, but even small attacks create noticeable floods of traffic. These attacks are easy to launch and effective even with relatively modest resources and we see evidence they're occurring regularly. Although DNS servers are not usually the target of these attacks the increase in traffic and larger response sizes typically stress DNS infrastructure and require attention from operation teams. more
One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more
Yesterday, a decision on a string confusion objection was reached by a dispute resolution provider that resulted in a scenario that ICANN and the Applicant Guidebook had not addressed - conflicting opinions have been rendered by expert panelists ruling on the exact same pair of strings. One of our applications now hangs in the balance. The expert panelist for the International Centre for Dispute Resolution (ICDR) assigned to decide the string confusion objection filed by VeriSign against United TLD's .CAM application, issued a decision sustaining VeriSign's objection that .CAM and .COM are confusingly similar. more
When the domain name system (DNS) was first designed, security was an afterthought. Threats simply weren't a consideration at a time when merely carrying out a function - routing Internet users to websites - was the core objective. As the weaknesses of the protocol became evident, engineers began to apply a patchwork of fixes. After several decades, it is now apparent that this reactive approach to DNS security has caused some unintended consequences and challenges. more
In 1992, Theo Irmer who had served as the organization's director for the previous eight years during its glory days, wrote that if there was any hope of saving what was left of the body, it must be privatised. That never occurred. Everyone pretty much left and migrated to dozens of other venues where all the world's information and communication technology standards have long been created and evolved. Essentially every major nation moved to competitive, private, marketplace-driven provisioning of communication products and services. more
If only I had been able to predict the new gTLD future, but alas my crystal ball (well, really it's a Magic 8 Ball ®) did little to help me. And I really doubt that 5+ years ago, when this new gTLD journey began, that anyone could have predicted where we are now. All that said, back in 2008, I wish I could have known that... more
Any new top level domain approved for the Internet will have to be more than just a single label. ICANN's new gTLD program committee (NGPC) has decided to ban the use of "dotless domains". TLD operators that had planned to use their new suffix as a keyword, i.e. just the string and nothing else, will now have to reconsider. more
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byRadix