For those who've been living in an e-mail free cave for the past year, phishing has become a huge problem for banks. Every day I get dozens of urgent messages from a wide variety of banks telling me that I'd better confirm my account info pronto. ...Several people have been floating proposals to extend authentication schemes to the URLs in a mail message. A sender might declare that all of links in it are to its own domain, e.g., if the sender is bigbank.com, all of the links have to be to bigbank.com or maybe www.bigbank.com. Current path authentication schemes don't handle this, but it wouldn't be too hard to retrofit into SPF. ...So the question is, is it worth the effort to make all of the senders and URLs match up? more
A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more
Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam. This quoted an excellent paper by Joe St.Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase... Now, George Ou has just posted an article on ZDNET that disagrees with Larry's article, makes several points that are commonly cited when criticizing port 25 blocking, but then puts forward the astonishing, and completely wrong, suggestion, that worldwide SPF records are going to be a cure all for this problem. Here is my reply to him... more
James Seng, my good colleague in APEET, said: "...Chiao called .ASIA 'more or less like a joint venture among APxx organizations'. I say nonsense!" When I say more or less, I mean more or less... On this .ASIA entry, I've intended to use the language carefully at this moment 'cos I know someone will be watching... more
There have been several posts over the last 48 hours in response to the new dot jobs domain on both sides of the argument. John Sumser from The Electronic Recruiting News provides a balanced view of the new domain and in the end determines that then new domain will not help job seekers. Gerry Crispin has a slightly different view on The CareerXroads, which is not surprising as Gerry was a advocate of the new domain from the beginning. Joel Cheesman provides a fantastic top 10 thoughts on the new domain as well... more
After releasing .travel and .jobs (hey, steve.jobs up for bidding!), ICANN said they will look at .xxx and .asia next. (via Chiao) "Vint Cerf: ...of those, we have had fairly extensive discussion about .asia and .xxx. We continue to evaluate those. The others will be attended to as we can get to them. But i want to say for the record that we will attempt within the next 30 days to come to a conclusion one way or the other about .asia and .xxx so these will be on a board call sometime within that period." Chiao called .ASIA "more or less like a joint venture among APxx organizations". I say nonsense! Don't let appearance fool you. more
Many of the problems of IDNs come from trying to do multiple languages at the same time or languages one can't read. The biggest difficulty is implementing them in gTLDs like .com or .org. I think that if we focus on helping the country level TLDs (ccTLDs) get going with IDNs in their own native languages, we would be solving the problem for 80% or so of the people. My concern is holding up the ability for these people to use IDNs because we can find the perfect solution for the edge cases. more
The Congressional Research Service (CRS) recently released a major new study examining cybersecurity. The report, "Creating a National Framework for Cybersecurity: An Analysis of Issues and Options" discusses a variety of significant public and private cybersecurity concerns. The CRS analysis lists several broad options for addressing cybersecurity weaknesses ranging from adopting standards and certification to promulgating best practices and guidelines and use of audits among other measures. more
Controversies over ICANN led to the creation of the Working Group on Internet Governance, but so far there have been few specific proposals for change. The Internet Governance Project has entered that breach with a new policy paper: "What to Do About ICANN: A Proposal for Structural Reform." The proposal, by Hans Klein and myself, proposes three clean, clear but probably controversial solutions to the criticisms that have been made of ICANN. more
We, members of the JET (Joint Engineering Team), send this open letter to request Microsoft Corporation to implement IDN (Internationalized Domain Names) standards[1] in the next version of Internet Explorer. ...IDN is a critical enabling technology that will make the Internet more useable and attractive to the majority of the Chinese, Japanese and Korean population who do not use English in their daily life. In fact, IDN is mentioned as one of the Declaration of Action of the World Summit of Information Society (WSIS). To date, IDN registration has been launched in .cn, .jp, .kr, .tw and many other European country code top level domain as well as other generic top level domain names. More than 1 million IDNs have been registered since 2000. Most of the web browsers, such as Safari, Firefox and Opera have implemented IDN standards. This means that users can use IDN in these web browsers without additional applications or plug-ins... more
India is one of the world's fastest growing economies, the global leader in outsourcing and the service computing, and home to over a billion people. But when I first met officials from the Indian government to discuss their plans for .IN, India had a total of just about 7,000 .IN registrations, fewer than most small countries have. ...(Compare to 100,000 names registered last month alone) This is one of the most rapid starts of any domain worldwide. In my conversations with senior officials of the Indian Government and the National Internet Exchange of India (NIXI) which manages the .IN Registry, they credited three key decisions that proved critical to the success of the domain's re-launch... more
This post will explain why ICANN and the domain industry should foster and encourage the use of third-level domain name spaces to benefit the domain name industry and as a way to meet the growing demand for easy-to-remember URLs. ...The Internet was originally envisioned to be hierarchical in nature. The Domain Name System came into being out of a need for easy-to-remember network addresses. ...Although benefits have come out of the creation of the new TLDs, a simple, obvious, important, existing solution is largely being overlooked by the domain name industry... more
In recent weeks, thousands of what ICANN describes as "questionable" registrations have been activated... Let me illustrate: Mr. ICANN decides to hold a party. He has decided that he only wants to ask some of his professional friends to come, so they are asked to bring their party invites with them to prove they've been invited, because poor Mr. ICANN has had trouble before with people gatecrashing his parties. At a sunrise party he'd held a few years ago, all kinds of people had gatecrashed and no-one had asked to see their invites and it was dreadful. So Mr. ICANN hires a bouncer to stand guard at the front door of his house. The bouncer, Johnny Registry, assures Mr. ICANN that no-one will get in without an invite... more
With much awaited fanfare, .EU is inching ever closer to becoming real! I am a bit reluctant to say it is actually here until the gates are actually open, but I can imagine that there are many who are grateful as I am that the process has gotten as far as it has. On March 23rd, 2005, ICANN announced that they had approved an agreement earlier that week with EURid to have .eu added to the root zone... more
On March 2, EnCirca launched its ProForwarding leasing service for .pro domains. When we launched the service, we were sure that the ProForwarding service would appeal to a segment of the internet community not being served well by other extensions: self-employed professionals and other small businesses. Based on the response we've received, it appears we were right. It also caught the attention of ICANN and others, who accused us of "violating the spirit of .pro". Does .pro even have a spirit? And if it does, who gets to decide what it is? more
Sponsored byVerisign
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byCSC