Featured Blogs

Latest

Making DKIM More Useful with Domain Assurance Email

The IETF DKIM working group has been making considerable progress, and now has a close-to-final draft. DKIM will let domains sign their mail so if you get a message from [email protected], the furble.net mail system can sign it so you can be sure it really truly is from furble.net. But unless you already happen to be familiar with furble.net, this doesn't give you any help deciding whether you want the message. This is where the new Domain Assurance Council (DAC) comes in... more

A Fundamental Look at DNSSEC, Deployment, and DNS Security Extensions

In looking at the general topic of trust and the Internet, one of the more critical parts of the Internet's infrastructure that appears to be a central anchor point of trust is that of the Domain Name Service, or DNS. The mapping of "named" service points to the protocol-level address is a function that every Internet user relies upon, one way or another. The ability to corrupt the operation of the DNS is one of the more effective ways of corrupting the integrity of Internet-based applications and services. If an attacker can in some fashion alter the DNS response then a large set of attack vectors are exposed. ...The more useful question is whether it is possible to strengthen the DNS. The DNS is a query -- response application, and the critical question in terms of strengthening its function is whether it is possible to authenticate the answers provided by the DNS. DNSSEC provides an answer to this question. more

More Top-Level Domain Wildcards

With all of the recent excitement about *.cm, the Cameroonian wildcard that someone is using to collect vast numbers of mistyped .com addresses, I wondered how many other wildcards there were at the DNS top level. There's a total of 13. Half of the wildcards are harmless. The *.museum wildcard leads to a registry page that helps guess what you might have been looking for. ...The .mp page also claims that .mp is for Mobile Phone rather than for the Marianas Islands, but they're hardly the only small poor island to try to cash in on their ccTLD, and they at least run it themselves. more

Nation of Cameroon Typo-Squats the Entire .com Space

The .cm (Cameroon) ccTLD operators have discovered that since their TLD is simply one omitted letter away from .com, that there is a gold mine in the typo traffic that comes their way. Accordingly, Cameroon has now wild-carded its ccTLD and is monetizing the traffic. The upshot is that, if the Neiman Marcus / Dotster lawsuit over 27 domain names was properly characterized as "massive", then the Cameroonians are now going well beyond massive... more

In Rem Domain Name Proceeding: Sometimes “may” Means “must”

Investools, Inc. recently filed an in rem domain name proceeding against a Canadian entity that registered the domain names investtools.com and investtool.com. In rem domain name proceedings are provided for under the Anticybersquatting Consumer Protection Act ("ACPA"), 15 U.S.C. 1125(d), and are a handy way for a trademark owner to acquire a domain name from a cybersquatter when the cybersquatter can't be found e.g., is located outside the U.S. ...The ACPA requires that a plaintiff demonstrate four things to establish in rem jurisdiction over a domain name... more

Another Try at Proof-of-Work e-Postage Email

Another paper from the Fifth Workshop on the Economics of Information Security, (WEIS 2006) is Proof of Work can Work by Debin Liu and L, Jean Camp of Indiana University. Proof of work (p-o-w) systems are a variation on e-postage that uses computation rather than money. A mail sender solves a lengthy computational problem and presents the result with the message. The problem takes long enough that the sender can only do a modest number per time period, and so cannot send a lot of messages, thereby preventing spamming. But on a net full of zombies, proof of work doesn't work. more

The Blurr-Cade Proposal on Root Zone Oversight

Becky Burr (former NTIA official) and lobbyist Marilyn Cade has made a proposal to create a multilateral working group to oversee the root zone file updates. I would characterize the Burr-Cade proposal as a "small step for mankind and a giant step for the US" to paraphrase Neil Armstrong. The main merit of the proposal is that it looks like something the USG might want to follow. Sevaral people suggested there should be no governmental oversight at all but that does not look realistic, in the sense that there can be huge economic and political interests behind ICANN decisions. more

VeriSign Director Charged with Securities Fraud

Bloomberg is reporting that Gregory Reyes is facing criminal and civil charges in relation to securities fraud. Reuters and the Mercury News also have coverage. "Former Brocade Communications Systems Inc. Chief Executive Officer Gregory Reyes became the first CEO charged in the U.S. probe of the backdating of stock option grants to create lucrative employee pay packages." more

The Burr Proposal: Beginning of the End of Unilateral Control of the DNS Root?

The results of the recent NTIA consultation made it clear that there is no real public or industry support for unilateral control of the DNS root by the U.S. government. The latest and most interesting sign of collapsing support for US unilateral control of the DNS root, which the Internet Governance Project learned of today, is a proposal being circulated by G. Beckwith Burr... more

Taking Aim at 8 Myths about ENUM

ENUM has a critical role to play in telephony services convergence. Although many carriers are adopting ENUM there are myths swirling around the confuse newcomers. In data networks, the domain name system (DNS) is responsible for converting Uniform Resource Locators (URL's) to IP addresses in order to route data traffic. The ENUM protocol performs a similar essential function of linking E.164 telephone numbers to Universal Resource Identifiers (URIs) -- enabling communication services to use traditional phone numbers to set up calls over IP networks. Unfortunately, there's a good deal of hype and confusion around ENUM, which might lead carriers to delay ENUM implementations. That delay would be a mistake... more

Why I’m Standing for the ICANN Board and Why I’ve made My Statement Public

The number of applications this year for the seven positions within ICANN has been so low that the NomCom has gone to the trouble of printing up pamphlets, holding a public meeting at Marrakech and extending the deadline by a fortnight. At the two public Board sessions in Marrakech the grand hall that was provided was virtually empty, sparking some debate as to why. Susan Crawford ventured that it was because ICANN was failing to connect with people; Vint Cerf suggested that ICANN was so successful at doing its job that people didn't feel the need to attend. Mouhamet Diop pointed out that we were in a French-speaking Arabic country and no one was going to sit through four hours of discussion if they didn't understand a word of it... more

OpenDNS: It’s Not SiteFinder for Obvious Reasons

The first salvo on NANOG this morning in response to the launch of OpenDNS was a predictable lambasting along the lines of "here comes SiteFinder II". Fortunately the follow-ups were quick to point out that OpenDNS was a far cry from SiteFinder for the obvious reason that people have the choice to use it, nobody had a choice with SiteFinder. ...the real magic here can come from it's use in phishing mitigation. more

Why Senator Stevens is Right on Net Neutrality

Several people emailed me about the actual things the senator said and why he is off-base. I decided to listen to his speech again, and write down the points I believe are critical. Senator Stevens who everyone is dissing on for his speech on Net Neutrality in my book spoke nothing less than brilliant. I will also tell you, in my opinion, exactly why... He nailed down the subject into the point that matters: Business. It's about profit. more

Net Neutrality Is As Silly As So-Called Internet Governance

From the perspective of Internet security operations, here is what Net Neutrality means to me. I am not saying these issues aren't important, I am saying they are basically arguing over the colour of bits and self-marginalizing themselves. For a while now I tried not to comment on the Net Neutrality non-issue, much like I didn't comment much on the whole "owning the Internet by owning the Domain Name System" thingie. Here it goes anyway. Two years ago I strongly advocated that consumer ISP's should block some ports, either as incident response measures or as permanent security measures... more

New WHOIS Definition Survives Marrakech ICANN Meeting

For now, it appears that the new, more technically focused and privacy-friendly definition of the purpose of Whois survived the Marrakech meeting. The U.S. Government and the copyright and law enforcement interests mounted a major onslaught against the Generic Names Supporting Organization (GNSO) action, using the Governmental Advisory Committee (GAC) as their pressure point.  more

Topics

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days