Verizon filed sued against iREIT and Domain Marketplace a couple of weeks ago in a Texas court, alleging cybersquatting. David Kesmodel's blog broke the story, and I used the PACER system to obtain the court filings, which are posted here. Exhibit 5 makes fascinating reading, especially when point #43 in the main statement of claim says "Exhibit 5 details only one famous trademark for each letter of the alphabet."
One of the consistent chants we've always heard from ICANN is that there has to be a single DNS root, so everyone sees the same set of names on the net, a sentiment with which I agree. Unfortunately, I discovered at this week's ICANN meeting that due to ICANN's inaction, it's already too late. Among the topics that ICANN has been grinding away at is Internationalized Domain Names (IDNs) that contain characters outside the traditional English ASCII character set... ICANN has tied itself with the issue of homographs, different characters that look the same or mean the same thing. Once people noticed that IDNs let you register different names that look the same, the intellectual property crowd that has always had a mysteriously great influence on ICANN went into a tizzy and they went into lengthy discussions on what to do about them...
After much initial fanfare a couple of years ago ENUM has matured to a state where it is currently yet another under-achiever in the technology deployment stakes. ENUM initially presented itself as a very provocative response to the legacy telco position of monopolising public voice services through their exclusive control over the Public Switched Telephone Network (PSTN) and the associated controlling position over the telephone number space... The perception was that ENUM was going to dismantle these levers of control and open up the voice market to a new wave of competitive carriers. If the address plan was the key to the PSTN, then ENUM was intended unlock this network and position the new wave of Voice Over IP (VOIP) carriers to take over any residual treasures of the traditional voice market. Events have not played out according to these expectations...
There are a lot of bad, but smart, people out there on the net. They are quick to find and capitalize on vulnerabilities, particularly those vulnerabilities in mass market software. These bad folks are quite creative when it comes to making it hard to locate and shutdown the computers involved. For example, a virus that takes over a victim's computer might communicate with its control point, or send its captured/stolen information, by looking up a domain name. Normally domain names are somewhat static - the addresses they map to don't change very frequently - typically changes occur over periods measured in months or longer.
Isn't security as important to discuss as .XSS? The DNS has become an abuse infrastructure, it is no longer just a functional infrastructure. It is not being used by malware, phishing and other Bad Things [TM], it facilitates them. Operational needs require the policy and governance folks to start taking notice. It's high time security got where it needs to be on the agenda, not just because it is important to consider security, but rather because lack of security controls made it a necessity.
The fallout from the failure of RegisterFly has been largely addressed as an issue of regulation and enforcement. ...ICANN has not historically enforced the escrow obligation, and in any case, if a company has failed, who exactly is going to take responsibility for updating the escrowed data? It seems to me that the problems that have arisen as a result of RegisterFly's collapse have more to do with the design of the "shared registry system" for the .COM and .NET TLDs than they do with ICANN's failure to enforce the RAA.
There is a current ongoing Internet emergency: a critical 0day vulnerability currently exploited in the wild threatens numerous desktop systems which are being compromised and turned into bots, and the domain names hosting it are a significant part of the reason why this attack has not yet been mitigated. This incident is currently being handled by several operational groups. This past February, I sent an email to the Reg-Ops (Registrar Operations) mailing list. The email, which is quoted below, states how DNS abuse (not the DNS infrastructure) is the biggest unmitigated current vulnerability in day-to-day Internet security operations, not to mention abuse.
A recent trend in the Japanese web advertising market may presage changes that could come to the Western world. ...some advertising in Japan now includes a picture of a filled-in browser search box instead of a domain name. The idea is that an advertiser can buy top-of-page advertising at the main search engines for various terms and then suggest to people reading their print ads to use those terms to search.
The ICANN Board voted today 9-5, with Paul Twomey abstaining, to reject a proposal to open .xxx. This is my statement in connection with that vote. I found the resolution adopted by the Board (rejecting xxx) both weak and unprincipled... I am troubled by the path the Board has followed on this issue since I joined the Board in December of 2005. I would like to make two points. First, ICANN only creates problems for itself when it acts in an ad hoc fashion in response to political pressures. Second, ICANN should take itself seriously as a private governance institution with a limited mandate and should resist efforts by governments to veto what it does.
Last week I noted here that cutting off collapsed domain Registerfly will leave a huge problem for registrants. ICANN is supposed to have escrowed copies of each registrar's registrant data, but has never got around to setting that up. This means that unless Registerfly can supply the data, there may be no record of the actual owner of their domains.