The Discrepancy in Confusion and Similarity Decisions of New gTLDs

After more than half of the new gTLD String Confusion Objection determinations that have been published we have updated our popular chart which compares the Visual Similarity (determined by the SWORD tool) with the results of the String Confusion Objections. We found that there is a huge discrepancy in what has been expected in the ICANN community and what the "Experts" have be decided. more

On the Time Value of Security Features in DNS

There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more

Travelogue Broadband Experiences

Throughout this year I have once again travelled extensively through USA, Europe, Asia and Latin America. Naturally, being in this industry I watch closely the various developments in broadband, mobile and WiFi. When you are travelling obtaining access is never far from one's mind. This also provides good opportunities to compare what is available, where, what the quality is, and so on. Looking back over many years there is no doubt that, no matter where you travel, there has been incredible progress. more

Diagnosing Load Test Errors - Where to Start for Holiday Success

Picture this: you just completed hours of internal Web services preparations with your system administrative team prior to the holidays. You discovered possible points of failure and made appropriate modifications with the expectation of a perfect load test. You take a few minutes to relax, refill the coffee mug sitting in front of you, and connect to the conference bridge where real-time discussion about the load test will occur. Things go well for the first 20 minutes of the test... Then it happens: one of the simulated users logs an error stating that it has timed out. more

You Just Signed a Registry Contract With ICANN. What Are Your Plans?

Back on February 4, 2013, I wrote a CircleID post entitled 'How the registrar Cash Flow Model Could Collapse with New ICANN gTLDs.' My key point back then was this: new gTLD applicants need to be mindful of how the cash flow policies of their registry (and of their back-end service provider) could impact whether their TLD is actively promoted by ICANN registrars... registries have historically assumed near-zero risk. This is going to change. more

Plumbing Neutrality

I've been having arguments about Network Neutrality with a lawyer. My position is that you can't adequately regulate ISPs to be neutral, because there's no agreement what "neutral" means in practice. He points out that the courts aren't interested in technical details like what packets are dropped, it's that all traffic has to be treated the same, and ISPs should just figure out how to do that. So I contemplated a city with Plumbing Neutrality with the simple rule that all people must be treated the same... more

Reflections on EUI’s New Community Priority Evaluation Guidelines for New gTLDs

The new Community Priority Evaluation (CPE) guidelines prepared by the Economist Intelligence Unit (EIU), and published by ICANN are now past their feedback period. We, at Radix, believe that ICANN has received feedback from approximately 10 stakeholders, and I for one, am looking forward to those being published. In light of the fact that none of the comments that ICANN received have been made public yet, I decided to blog about my multiple concerns with the new guidelines. Sparing a thought for the not-so-involved reader, I have limited my rant to some of the more important issues. more

More than 85% of Top 500 Most Highly-Trafficked Websites Vulnerable

Over the last 5 years, hacktivists have continued the practice of redirecting well-known domain names to politically motivated websites utilizing tactics such as SQL injection attacks and social engineering schemes to gain access to domain management accounts -- and that, in and of itself, is not surprising. But what IS surprising is the fact that less than 15% of the 500 most highly trafficked domains in the world are utilizing Registry Locking. more

IETF Chair’s Statement On Security, Privacy And Widespread Internet Monitoring

This weekend Jari Arkko, Chair of the Internet Engineering Task Force (IETF), and Stephen Farrell, IETF Security Area Director, published a joint statement on the IETF blog titled: "Security and Pervasive Monitoring"... They go on to outline some of the IETF's general principles around security and privacy as well as some of the new developments. They also point out a vigorous (and still ongoing) discussion within the IETF around how to improve the security of the Internet in light of recent disclosures. more

New gTLDs: The Registry Lock

Last week, The New York Times website domain was hacked by "the Syrian Electronic Army". Other famous websites faced the same attack in 2012 by the Hacker group "UGNazi" and, in 2011 by Turkish hackers. Basically, it seems that no Registrar on the Internet is safe from attack, but the launching of new gTLDs can offer new ways to mitigate these attacks. more