The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer.
The following provides and introduction to a study by Venugopalan Ramasubramanian and Emin Gun Sirer, called "Perils of Transitive Trust in the Domain Name System". The paper presents results from a large scale survey of DNS, illustrating how complex and subtle dependencies between names and nameservers lead to a highly insecure naming system... "It is well-known that nameservers in the Domain Name System are vulnerable to a wide range of attacks. We recently performed a large scale survey to answer some basic questions about the legacy DNS."
The XXX drama isn't over. Today ICM Registry announced that it would file a reconsideration request with ICANN and a judicial appeal to challenge redactions and omissions from the internal US government documents released to it under a Freedom of Information Act (FOIA) request. These could prove to be opening moves in a more extended round of litigation. In connection with its judicial appeal, ICM Registry released 88 pages of internal US Commerce Department documents obtained under the FOIA showing how the U.S. handled its application.
Message to ICANN: Let those who want to create a TLD, simply register it with ICANN. If the TLD is not already taken, if they have the technical capability to mange the TLD, and they have the desire to market domain names on that TLD, then let them do so. ...Do you present a businesss plan to the city you live in before they allow you a business license? Does the city ask you to prove you are financially stable before issuing you a business license? If you apply for a business license to open a clothing store, does the city ask how you will run your clothing store or if you have the necessary expertise to run a clothing store? Does the city think you will hurt them economically if your clothing store goes out of business? No, it's none of their business...
The amount of time one spends actually working for ICANN is enormous. And that limits the people who can actually work for ICANN as directors. I say "work", but you should know that this is not a paid work. Nope. It's being performed for free -- we dedicate our time and skills to ICANN free of charge. Many people ask me "What is it like to be on the Board of ICANN?" Here is my response, with some astonishing data.
The success of a proposal by AT&T and Verizon to end net neutrality does not threaten the Internet. The broadband customers of AT&T and Verizon will just no longer have access to the Internet. The development appropriately creates alarm among AT&T and Verizon's customers, but the combined customer bases of these companies represent less than 2% of the billion or so users of the Internet. The fact that access to the Internet requires net neutrality does not depend on laws passed by the US Congress or enforced by the FCC. Neutrality arises as a technical and business imperative facilitating the interconnection 250,000 independent networks that choose to participate in the Internet.
By now, you should have read elsewhere that the ICANN board has rejected the ICM application to create a .XXX TLD. It still comes as a surprise to some. Frankly, this was the prognosis I made to Stuart Lawley two years ago, for the very reasons mentioned by the European Commission. I mentioned in a previous blog entry that 6000 complaints from US citizens would have more weight on the conservative US administration than any other consideration...
I had hoped to take a longer break from the theme of Net Neutrality, but a piece on Om Malik's blog by Daniel Berninger seems to be screaming for a reply. Berninger hails from Tier 1 Research; his credentials show a close association with Jeff Pulver's Free World Dialup, and hence a piece that is sympathetic to the 'Save the Internet' movement. His legalistically styled piece attempts to suggest that, in the absence of conformance to network neutrality principles, telephone companies will lose their common carrier status and therefore should lose their access to low cost rights-of-way. Good try, Dan...
In What's Driving the Next Telecom Law, David Isenberg writes about the incumbents desire to preserve "Rational Competition"... Rational competition is the idea that corporations, knowing their own costs, and their competition's pricing, will price their products to maximize profits. It is tied up in the language of predatory pricing. Some economists argue that predatory pricing is rare, because it is, in fact, irrational... The flaw in the incumbent's argument is twofold...
One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be...