Canada's CRTC isn't as dumb as U.S. regulators who are considering ruling that the law doesn't apply where the telcos oppose it. (Title II deregulation) Canada just decided wireless needs to follow the rules. In turn, the CRTC intends to make sure the rules are reasonable. Rather than saying "never any rules," they instead try to write sensible ones. more
I've written recently about a general purpose method called DNS Response Policy Zones (DNS RPZ) for publishing and consuming DNS reputation data to enable a market between security companies who can do the research necessary to find out where the Internet's bad stuff is and network operators who don't want their users to be victims of that bad stuff... During an extensive walking tour of the US Capitol last week to discuss a technical whitepaper with members of both parties and both houses of the legislature, I was asked several times why the DNS RPZ technology would not work for implementing something like PROTECT-IP. more
In my last blog post I shared some of the general security challenges that come with the Internet of Things (IoT). In this post, I will focus on one particular security risk: distributed denial of service (DDoS) attacks. Even before the age of IoT, DDoS attacks have been turning multitudes of computers into botnets, attacking a single target and causing denial of services for the target's users. By "multitudes" we can be talking about thousands or even millions of victim devices. Now add IoT into the equation... more
You'd be surprised how many people are asking that question at the moment, but you won't be surprised to know that the only thing they agree on is that they either don't know, or that they disagree with the people that believe they do. I am not going to attempt to provide my own answer, but I will point to a paper just released by the Parliamentary Office of Science and Technology (POST). POST, among other things, produces regular, concise briefings for the UK Parliament on whatever are the important topics of the time. And they have now done one on Internet Governance. more
IPv6 is "critical to achieve our net-centric vision", said Kris Strance, DoD Lead for IP Policy, speaking at the Information Assurance Collaboration Forum (IACF) in Laurel, Maryland last week. The Defense Department sees the proliferation of IP-addressable devices as a key driver for IPv6 adoption, and does not believe that IPv4 can satisfy its future requirements. The imminent explosion of non-traditional IP-enabled devices that Defense intends to implement may even threaten the large IPv4 address allocations that the Department holds. more
My book, "The Current State of Domain Name Regulation: Domain Names as Second Class Citizens in a Mark-dominated World" is now available by Routledge. The following is an overview of the book. more
The American Bar Association/International Chamber of Commerce (ABA/ICC) recently released a survey on global Internet jurisdiction. The survey, co-chaired by Professor Michael Geist, involved nearly 300 companies in 45 different countries. It found that U.S. companies were far more concerned and pessimistic about Internet jurisdiction risk than European and Asian companies. The study has also found that an "Internet jurisdiction risk toolkit" is emerging where companies target low risk jurisdictions and take steps to avoid doing business in perceived high risk jurisdictions. more
Four years ago today, thousands of websites, including Facebook, Google and Yahoo, and hundreds of networks permanently enabled IPv6 in what was called "World IPv6 Launch". One year before, on June 6, 2011, there had been a 24-hour test in "World IPv6 Day" but by June 6, 2012, IPv6 was enabled permanently for the participating sites and networks. One of the many IPv6 statistics sites many of us have watched since that time has been Google's statistics. more
My friend Kurtis writes in his blog some points he has been thinking of while discussing "when we run out of IPv4 addresses". In reality, as he points out so well, we will not run out. It will be harder to get addresses. It is also the case that unfortunately people that push for IPv6 claim IPv6 will solve all different kinds of problem. Possibly also the starvation problems in the world... more
This case involves an alleged domain name theft. Solid Host is a web host and initial owner of the domain name solidhost.com, which it registered through eNom in 2004. Solid Host claims that in 2008, a security breach at eNom allowed an unknown interloper (Doe) to steal the domain name and move the registration to NameCheap. Doe also acquired NameCheap's "WhoisGuard" service, a domain name proxy service that masked Doe's contact information in the Whois database. Solid Host contacted Doe and sought the domain name; Doe asked for $12,000, and Solid Host took a pass... more
By this time next year the allocation of the new Internet namespace will be complete. Several hundred contention sets, ranging from likely blockbusters like .WEB to somewhat less obvious money-makers like .UNICORN, will be decided by some method. One way to resolve contention is to form a joint venture... That works well when there are only two competitors and there's a good basis of trust, and it's a great solution because there are no losers. But if there are three or more competitors, or if you don't like and trust your prospective partner-to-be, this really isn't an option. more
You all remember Sitefinder don't you? According to The Register, CentralNic , owner of a number of popular domains including uk.com and us.com, has added wildcard A records to .uk.com. Cue the usual round of sniping about Internet stability (with which, as you will see, I agree). The question is, given the difference in scale (.com and .net are huge; .uk.com is quite small) will anyone notice? And does it matter? Certainly CentralNic seems to think the small scale of their domains excuses or at least mitigates the Internet stability side effects of their ploy. more
I wrote a guest column for ZDNet last month on the importance of IPV6. I fear that the Internet has been devolving into a recreation of the old smart networks with a lot of perverse complexity in the infrastructure. The latest calls for protection from all that bad stuff only adds to my concern since the problems attributed to the "Internet" will encourage people to seek more meddling. Unfettered connectivity has been a necessary precondition for allowing innovation to thrive on the Internet. It worked because the same openness allowed those at the edges to protect themselves against the errors whether malicious or just problematic. In fact, the so-called Internet revolution was triggered by the key concept of the browser -- treating other systems with suspicion but leaving it to the end points to decide how much to trust each other. more
But even if the collateral damage is left out of the picture, the very idea behind SiteFinder is user-unfriendly, and that's the second half of the ALAC's note: SiteFinder is, ultimately, about short-cutting other error handling methods, and redirecting any users that enter non-existing domain names into a web browser to Verisign's own service, for commercial purposes. SiteFinder is designed so it becomes difficult to deploy superior error handling services that would compete with it -- because errors aren't flagged. more
After almost four years, ICANN has announced that they have adopted a new domain name transfer policy that make it much easier for domain name registrants to do business with the ICANN accredited Registrar of their choosing. Highlights from this new policy include; streamlined definition of responsibilities as it relates to the management of the domain name. Under the new policy, only the Administrative Contact or Registrant can authorize a domain name transfer to a new service provider... more
Sponsored byCSC
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byRadix
A World-Renowned Source for Internet Developments. Serving Since 2002.