Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In Tony Li's article on path MTU discovery we see this text: "The next attempt to solve the MTU problem has been Packetization Layer Path MTU Discovery (PLPMTUD). Rather than depending on ICMP messaging, in this approach, the transport layer depends on packet loss to determine that the packet was too big for the network. Heuristics are used to differentiate between MTU problems and congestion. Obviously, this technique is only practical for protocols where the source can determine that there has been packet loss. Unidirectional, unacknowledged transfers, typically using UDP, would not be able to use this mechanism. To date, PLPMTUD hasn't demonstrated a significant improvement in the situation." Tony's article is (as usual) quite readable and useful, but my specific concern here is DNS... more
ICANN's new gTLD expansion is really quite an ingenious ploy to grow the once small California non-profit into an unstoppable machine, worth hundreds of millions of dollars, which soon plans to finally be free from any external oversight. I have no doubt that ICANN pats itself on the back for pulling the wool over so many eyes, including stakeholders, new gTLD applicants, politicians, and the global general public. more
Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured. more
The experience of interviewing a data scientist is like none other. Over the past year, we've interviewed more than 100 data scientists, and most, if not all, of them are brilliant. After all, they are a data scientist and have spent many years mastering their craft. The purpose of this post is to potentially assist technology leaders who are considering hiring a data scientist or a data science team. There are five items of consideration. more
Too many techies still don't understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that. That's the lesson to draw from Verisign's proposal and sudden withdrawal of a new "domain name anti-abuse policy" yesterday. The proposal, which seems to have been intended as a new service to registrars, would have allowed Verisign to perform malware scans on all .com, .net, and .name domain names quarterly when registrars agreed to let them do it. more
One of the obvious drivers of broadband usage is online video, and a study earlier this year by the Leichtman Research Group provides insight into the continuing role of video growth in broadband usage. The company conducted a nationwide poll in the US looking at how people watch video, and the results show that Americans have embraced online for-pay video services. more
In 2020 a group of book publishers sued the Internet Archive over their Controlled Digital Lending program, which made PDF scans of books and lent them out from the Archive's website. For books still in copyright, the Archive usually limited the number of copies of a book lent to the number of physical copies of the book they had in storage. Several publishers sued with an argument that can be summarized as "that's not how it works." more
How to properly balance the commercial rights of a complainant with the free speech rights of a respondent has challenged a generation of Uniform Domain Name Dispute Resolution Policy (UDRP) panelists. Panelists have adopted a variety of approaches and consensus has been elusive. Paragraph 4(c)(iii) of the Policy provides that a respondent may have a right or legitimate interest in a disputed domain name... more
What occurred in Dubai on 14 December was unprecedented in the history of the ITU. It was unprecedented in the history of international telecommunication law. Most of the major nations of the telecommunication world rejected a profoundly broken treaty instrument that had no reason to even exist. A large number of "minor" networking nations accepted the obligations of the treaty instrument, although almost all of them entered significant reservations. In the long history of telecommunication law and intergovernmental organizations since 1850, this has never occurred. more
In its informal background paper "Applying the Highest Standard of Corporate Governance" (August 2011) the European Commission proposes to revise the procedures of ICANNs Nominating Committee (NomCom). Instead of the confidential treatment of applicants the EU calls for an open publication of "a full list of candidates". Is this a good idea? I don't think so. The rationale behind the EU proposal is "to improve confidence on the selection procedure" and "to avoid conflict of interests". But the proposed improvement is based on a wrong assumption... more
The deployment of Domain Security Extensions (DNSSEC) has crossed another milestone this month with the publication of DURZ (deliberately unvalidatable root zone) in all DNS root servers on 5 May 2010. While this change was virtually invisible to most Internet users, this event and the remaining testing that will occur over these next two months will dictate the ultimate success of DNSSEC deployment across the Internet. more
The number one concern cited for avoiding cloud computing is security. And there is a reason for that. Cloud providers have demonstrated some spectacular failures in the past, including Amazon's near total shutdown of an entire region, Dropbox's authentication snafu, and innumerous cloud providers that go belly-up. However, in the long run, cloud computing is destined to become more secure than in-house IT. I will briefly describe two dynamics in the industry that point in that direction, with substantiating evidence. more
The 15th edition of the European Summer School on Internet Governance (EuroSSIG) took place recently in Meissen/Germany, from August 15 -20, 2021. It was the second hybrid meeting under the challenging condition of the pandemic. Eighteen fellows from 15 countries representing all regions of the world traveled to Germany, as well as five faculty members. Fifteen faculty members joined via Zoom from California to Beijing. The agenda of the one-week course included a broad range of topics such as cybersecurity, digital diplomacy, IGF+, DNS Abuse, human rights, digital trade and taxation, as well as artificial intelligence. more
On September 12 China, the Russian Federation, Tajikistan and Uzbekistan released a Resolution for the UN General Assembly entitled "International code of conduct for information security." The resolution proposes a voluntary 12 point code of conduct based on "the need to prevent the potential use of information and communication technologies for purposes that are inconsistent with the objectives of maintaining international stability and security and may adversely affect the integrity of the infrastructure within States..." more
On October 12, 2023, the 18th Internet Governance Forum (IGF) ended in Kyoto. It was, with more than 9000 registered participants, the largest IGF since its inception in 2006. UN Secretary-General Antonio Guterres and Japan Prime Minister Fumio Kishida opened the five-day meeting. The tangible output included 89 "IGF Messages from Kyoto," four substantial reports with recommendations from IGF Policy Networks (PN) for Artificial Intelligence... more
Sponsored byCSC
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byRadix
A World-Renowned Source for Internet Developments. Serving Since 2002.