Imagine my surprise upon reading a BBC article which identified ISC BIND as the top security vulnerability to UNIX systems. At ISC, we have striven for a decade to repair BIND's reputation, and by all accounts we have made great progress. "What could this be about," I wondered, as I scanned the BBC article for more details. It turns out that BBC was merely parroting what it had been told by SANS. OK, let's see what SANS has to say... more
I am writing this note in order to express my concern about an impending change in the root of the Domain Name System (DNS) and two of the largest Top Level Domains (TLDs). I am concerned that there is a risk of disruption to the net that has not been adequately evaluated and I am concerned that this change is being deployed without adequate monitoring or safeguards. more
TLD registrations in the Internet's root-zone file currently are divided into two broad classifications: generic and country-code top-level domains. With respect to the latter classification, no new "strategy" is required to add further ccTLDs as a relatively well-working process is already in place to integrate the occasional new country-code top-level domain. With one of these two classifications under reasonably sound management, it is therefore perfectly understandable to see that the ICANN organization consequently views its obligation to "Define and implement a predictable strategy for selecting new TLDs" as a mandate "to begin the process of allocating and implementing new gTLDs"... the flaw in this conclusion, however, stems from the presumption that the Internet's taxonomy must necessarily contain only the two above-so-mentioned broad classifications. I am proposing a third TLD classification -- based on languages. more
The MOU between the Department of Commerce and ICANN includes a series of specific milestones that the corporation is required to accomplish by certain specified dates. One of the specific requirements placed on ICANN by the agency is to define "a predictable strategy for selecting new TLDs using straightforward, transparent, and objective procedures that preserve the stability of the Internet...." The MOU goes on to state that "(strategy development to be completed by September 30, 2004 and implementation to commence by December 31, 2004)." more
The following is the introductory excerpt from the United Nations ICT Task Force's recently published "Internet Governance: A Grand Collaboration". This publication offers a collection of works from the March 2004 meeting. more
It's funny, but I recall the battle cry that the WWW was "free" back in its early days. When contributing game concept to the early and great gaming pioneers like Infocom, there was such a great esprit-du-corps amongst our team regarding the fun as well as utility that the WWW offerred. In retrospect, we were so naive. I recall the days when guys like Bill Gates prided themselves on being such a great "hackers" - it was a noble term back then. more
As long suspected by some, the IETF is going to be closing up the Mail Transfer Agent Authentication in DNS (MARID) Working Group according to today's post by Ted Hardie, co-AD for Applications. Larry Seltzer of eWeek was right on target about this: "The rest of the SID standards process will now be a waste of time thanks to Microsoft, and the other participants will afterwards pick up the pieces and get the job done with another spec." more
The IETF MARID working group has been slogging away all summer trying to produce a draft standard about e-mail sender verification. They started with Meng Wong's SPF and Microsoft's Caller ID for E-mail, which got stirred together into a hybrid called Sender ID. One of the issues hanging over the MARID process has been Microsoft's Intellectual Property Rights (IPR) in Caller ID and Sender ID. The IETF has a process described in RFC 3668 that requires contributors to disclose IPR claims related to their contributions. more
The following article is an excerpt from the recently released Internet Analysis Report 2004 - Protocols and Governance. Full details of the argument for protocol reform can be found at 'Internet Mark 2 Project' website, where a copy of the Executive Summary can be downloaded free of charge. ..."In releasing this section for comment, I would like to point out that the report's conclusions are based on a cumulative examination of various protocols and systems. We are at a point of time where other protocols and systems are equally problematic -- the report points to some significant problems with DNS structure and scalability, and also points out that, to all intents and purposes, the basic email protocol, SMTP, is broken and needs immediate replacement." more
The Noncommercial Users Constituency (NCUC) is the constituency group representing civil society organizations in the formation of domain name policy. In August 2004 it initiated a process to nominate people to serve on the UN Secretary-General's Working Group on Internet Governance, as representatives of civil society. Our purpose was to assist the Secretary-General to identify qualified and widely-supported individuals capable of serving on the WGIG on behalf of civil society. more
Recent attention to the Eighth Circuit decision in Coca-Cola v. Purdy brings to mind the class of sometimes difficult cases involving the use of another's trademark as a domain name for criticism. An ICANN UDRP decision, Full Sail Inc. v. Ryan Spevack, Case No. D2003-0502 (WIPO October 3, 2003), by Mark VB Partridge, presiding panelist, with Frederick M. Abbott and G. Gervaise Davis III, included a review and analysis of the "your trademark sucks.com" cases that remains a useful reference worthy (I hope) of the lengthy quote below. more
The Internet Governance Project (IGP) issued a set of reports analyzing the current "state of play" in Internet governance. The reports were commissioned by the United Nations ICT Task Force as an input into the deliberations of the UN Secretary-General's Working Group on Internet Governance (WGIG). The report identifies the international organizations and agreements affecting the Internet, and points out where there are conflicts and gaps. more
While several news stories are reporting that Sender-ID has been killed, that is not entirely true. While Sender-ID in its current form is dead because of Purported Responsible Address (PRA), the compromise version with MAILFROM and PRA scopes is not. Also, the co-chairs want to stay away from any other alternative algorithms that do RFC2822 checking because of possible Intellectual Property Rights (IPR) claims by Microsoft on that as well. Andrew Newton, one of two co-chairs of the working group, wrote in an email today to the group's discussion forum... more
Those of you familiar with the American comic series "Peanuts" by the late Charles Schultz may be familiar with the recurring theme of Lucy's football. Lucy holds a football on her toe for Charlie Brown to practice a field goal kick. Charlie Brown realizes that the last 25 times Lucy has held the ball for him to kick, she pulled the ball out of the way at the last minute, causing him to trip and fall. Charlie Brown knows full well that Lucy may not keep the ball in place for him to kick, yet his determination gets him running towards that unlikely opportunity each and every time. more
Last month Wired News, the online service that grew out of Wired Magazine, decided that it was going stop using an upper-case 'I' when it talked about the internet. At the same time Web became web and Net became net. According to Tony Long, the man responsible for their style guide, the change was made because 'there is no earthly reason to capitalize any of these words'. In fact, he claims, 'there never was.' ...Forgive me for saying, but those who choose 'internet' over 'Internet' are as wrong as those who would visit london, meet the queen or go for a boat trip down the river thames. more
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byRadix