As new Top-Level Domains (TLDs) are launched, the industry mustn't overlook the customer experience. A key question is this: Will the software applications we all use, recognize the new TLDs and know what to do with them in a timely fashion? Think email and even form-fill applications. I speak from experience here. In 2006 when we launched the .MOBI TLD, there were arguably only a handful of .MOBI email addresses in existence. To my dismay, I found that often emails sent only from my .MOBI account were not being received at the other end... more
"CreditCards.com, the domain name, has been purchased for $2.75 million by ClickSuccess, L.P., an Austin, Texas-based firm specializing in marketing financial products online. The purchase, announced yesterday (July 20, 2004), represents the fifth highest selling price for a domain name on record." I have to admit, when I looked at those opening lines from a new press release today I started trying to find out who was behind the joke! more
Where is the domain industry with the adoption of DNSSEC? After a burst of well publicized activity from 2009-2011 -- .org, .com, .net, and .gov adopting DNSSEC, roots signed, other Top-Level Domains (TLDs) signed -- the pace of adoption appears to have slowed in recent years. As many CircleID readers know, DNSSEC requires multiple steps in the chain of trust to be in place to improve online security. more
Last week, Columbia University's School of International and Public Affairs (SIPA), in collaboration with the Global Commission on Internet Governance (GCIG), hosted a conference on Internet governance and cybersecurity. The conference gathered a variety of experts to discuss issues pertaining to Internet governance, human rights, data protection and privacy, digital trade, innovation and security. more
I recently attended RIPE 66 where Tore Anderson presented his suggested policy change 2013-03, "No Need -- Post-Depletion Reality Adjustment and Cleanup." In his presentation, Tore suggested that this policy proposal was primarily aimed at removing the requirement to complete the form(s) used to document need. There was a significant amount of discussion around bureaucracy, convenience, and "liking" (or not) the process of demonstrating need. Laziness has never been a compelling argument for me and this is no exception. more
There are two types of domain name appraisers, designated here as type "1" and type "0," with the former being appraisers who rely on a scientific approach. A large number of domain owners use the services of type "0" -- the nonscientific -- or do the appraisal themselves. Approaches used by scientific appraisers include regression-type statistical modeling, discounted cash-flow analysis, and reliance on the Law of Large Numbers. This post looks at some of the typical erroneous arguments against taking a statistical approach and provides an example from law... more
As attack vectors go, very few are as significant as obtaining the ability to insert bespoke code in to an application and have it automatically execute upon "inaccessible" backend systems. In the Web application arena, SQL Injection vulnerabilities are often the scariest threat that developers and system administrators come face to face with (albeit way too regularly). more
ICANN has been wrangling about WHOIS privacy for years. Last week, yet another WHOIS working group ended without making any progress. What's the problem? Actually, there are two: one is that WHOIS privacy is not necessarily all it's cracked up to be, and the other is that so far, nothing in the debate has given any of the parties any incentive to come to agreement. The current ICANN rules for WHOIS say, approximately, that each time you register a domain in a gTLD (the domains that ICANN manages), you are supposed to provide contact information... WHOIS data is public, and despite unenforceable rules to the contrary, it is routinely scraped... more
As widely reported, Credit Suisse analysts have estimated Google's YouTube may lose $470M in 2009 and more in the future. However, their estimates say Google will pay $360M for bandwidth in 2009. I don't know how Google figures their cost of bandwidth, but anyone who understands anything about Internet transit/peering knows Credit is way off base. more
ICANN has launched three task forces on WHOIS restructuring...It sounds innocuous enough -- nobody likes spam -- but the restrictions being discussed reach further than marketers. Pushed by registrars who feel that WHOIS amounts to forced disclosure of their customer lists, the task force is seriously discussing closing off port 43's straightforward access to WHOIS information, replacing it with GIF-based barriers or similar access restrictions. more
I, for one, have been a proponent of new gTLDs from the early days of their policy development process within ICANN. I always believed that the existing gTLDs -- and mainly the .com space -- have created artificial scarcity, which is primarily responsible for much of the cybersquatting and the abuse trademarks experience. I do not share the same fears as those who argue that new gTLDs will create intolerable levels of cybersquatting or will necessitate defensive registrations from brand and trademark owners alike. more
At the April 2013 ARIN meeting the inevitable question came up once more: "Exactly when is ARIN going to run out of IPv4 addresses?" Various dates have been proposed as an answer to this question, based on various methods of prediction. As the date is indeed getting closer, it may well be worth the time to review ARIN's situation, and make a few predictions here about the likely date when ARIN's exhausts its remaining pool of IPv4 addresses. more
For those who've been living in an e-mail free cave for the past year, phishing has become a huge problem for banks. Every day I get dozens of urgent messages from a wide variety of banks telling me that I'd better confirm my account info pronto. ...Several people have been floating proposals to extend authentication schemes to the URLs in a mail message. A sender might declare that all of links in it are to its own domain, e.g., if the sender is bigbank.com, all of the links have to be to bigbank.com or maybe www.bigbank.com. Current path authentication schemes don't handle this, but it wouldn't be too hard to retrofit into SPF. ...So the question is, is it worth the effort to make all of the senders and URLs match up? more
Facebook announced on Friday that it settled the class action challenging its "Beacon" advertising program. Net result? Facebook establishes a privacy foundation funded with $9.5 million (or what's left of this amount after attorneys' fees, costs, and class claims are deducted)... Beacon was an advertising program launched in November 2007 which (roughly speaking) allowed the transmission of purchase and consumer-related information between partner retailers, Facebook, and of course, your Facebook friends. I don't think many people have a sense of all of the contours of the program... more
There is little doubt that the Internet has formed part of the impetus for a revolutionary change in the nature of the global communications industry. "Revolutionary" in the sense that the past decade has seen fundamental and highly disruptive changes in the nature of the underlying technologies used by the industry, changes in the composition, ownership and role of industry players, changes in the nature of services offered to the end consumer, changes in the associated financial models used by the industry, and changes in the regulatory environments in which this industry operates. Considering that this industry was, in the latter half of the twentieth century, one of the largest and most influential industry sectors on a global basis, these revolutionary changes will doubtless have consequences that will echo onward for some time yet. more
Sponsored byRadix
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byVerisign
A World-Renowned Source for Internet Developments. Serving Since 2002.