/ Featured Blogs

DMA Requires Email Authentication, Do We Care?

Nov 03, 2005

Last week the DMA announced with considerable fanfare that their members should all use e-mail authentication. DMA members send a lot of bulk e-mail, but not much that would be considered spam by any normal metric. (Altria's Gevalia Kaffee is one of the few exceptions.) Their main problem is their legitimate bulk mail, sent in large quantities from fixed sources, getting caught by ISPs spam filters. That happens to be one problem for which path authentication schemes like SPF and Sender ID are useful, since they make it easier to add known fixed source mailers to a recipient ISP's whitelist, and that's just what AOL and probably other big ISPs use it for. While the DMA may be implying that this is a virtuous move, in reality it's something that their members are doing anyway for straightforward business purposes. more

You Paid to Join; You Can Leave Anytime

Nov 02, 2005

Once upon a time, around 1998-1999, three of us were hired by APEC-Tel to study "International Charging Arrangements for Internet Services". APEC-Tel is a regular meeting of Pacific-nation telecommunications ministers. The impetus of the study was their consternation that connection to the Internet was being charged (paid for) in an entirely new way. The template of the old telephone settlement scheme had been overthrown. Those wishing to connect to the Internet, which was centred in the United States, were being forced to lay lines across the Pacific, pay landing rights in the United States or Canada, and pay further to connect to the Internet at the nearest negotiated peering or transit point. more

Welcome to the Root, .MOBI

Oct 29, 2005

mTLD's .mobi entered the root zone on Tuesday, quietly contrasted amidst all of the recent ICANN/VeriSign announcements. The .mobi mTLD is a Dublin, Ireland based joint venture between the Nokia Corporation, Vodafone Group Services Limited, and Microsoft. The .mobi domain was granted to service a sponsored community, consisting of: Individual and business consumers of mobile devices, services and applications; Content and service providers; Mobile operators; Mobile device manufacturers and vendors; IT technology and software vendors who serve the mobile community, and there are numerous benefits of .mobi to this community. more

Request to Extend the 24-Day Comment Period on the Proposed VeriSign Agreement

Oct 28, 2005

Bruce Tonkin (MIT) wrote in the Registrars mailing list yesterday with this: "We the undersigned registrars, request that the public comment period on the proposed agreement with Verisign be extended until Sunday 4 Dec 2005 so as to allow opportunities for in-person public discussions during the upcoming ICANN meeting in Vancouver..." In terms of process, the Registrar Constituency (RC) by-laws prevent the RC from balloting on anything in less than 24 days, and ICANN could require the interest groups it recognizes to have decision making processes that are capable of responding to the Board of Director's decision making process, in a better administrative law world. more

ICANN’s Proposed Changes to IDN Registration

Oct 26, 2005

A month ago, ICANN announced that it had a large set of proposed changes to its "Guidelines for the Implementation of Internationalized Domain Names". The original guidelines are fairly confusing and not widely deployed by the ccTLDs, so one would think that the proposed revisions would be clearer and more useful. No such luck. Instead of describing what the problems with the old guidelines were, the committee that put together the new proposal simply added a whole bunch more rules. more

ICANN Gets the Root Zone, Too

Oct 25, 2005

A small but intriguing paragraph in the VeriSign settlement says that ICANN gets to maintain the root zone. I thought they did now, but I guess VRSN does, following advice from ICANN. This has two and a half effects. The most obvious is political -- if ICANN rather than VRSN is distributing the root zone, it removes the symbolic significance of VeriSign's A root server. The second is DNSSEC key management. Until now, the contents of the root zone have been pretty boring, a list of names and IP addresses of name servers. If DNSSEC is deployed in the root, which is not unlikely in the next few months, ICANN rather than VeriSign will hold the crypto keys used to sign the root zone. If a tug of war develops, whoever holds the keys wins, since without the keys, you can't publish a new version of the root with changed or added records unless you publish your own competing set of keys and can persuade people to use them. more

Verisign Gets .COM Forever, But ICANN Gets a Lobbyist

Oct 25, 2005

A press release on the ICANN web site says that ICANN and Verisign have agreed to settle all pending lawsuits, and there’s a new .COM agreement, all tentative but if history is any guide, nothing short of DOC action is going to stop it. The good news is that VeriSign has agreed not to make unilateral changes like Sitefinder. They have to give prior notice to ICANN for any material change in the operation of the registry, and if ICANN has any concerns there’s a lengthy process full of expert panels and Consensus and the like to decide whether they can do it. more

VeriSign and ICANN Settle Lawsuit

Oct 24, 2005

ICANN has announced today that it has tentatively agreed to settle a longstanding dispute with VeriSign Inc. The dispute which began in part from SiteFinder, a controversial search service VeriSign created in late 2003 for users who mistype Web addresses. The following is an excerpt from today's press release... more

Survey Results Expose Widespread DNS Vulnerabilities

Oct 24, 2005

The Measurement Factory and Infoblox have announced results of a survey of more than 1.3 million Internet-connected, authoritative domain name system (DNS) servers around the globe. The results of the survey indicate that as many as 84 percent of Internet name servers could be vulnerable to pharming attacks, and that many exhibit other security and deployment-related vulnerabilities. The surveys consisted of several queries directed at each of a large set of external DNS servers to estimate the number of systems deployed today and determine specific configuration details. more

When will we run out of IPv4?

Oct 23, 2005

A paper by Tony Hain was recently published in the Internet Protocol Journal which sparked a debate on Slashdot. Particularly, Tony's paper suggested that IANA will run out of IP addresses in 5 years or less. However, there is another paper written by Geoff Hutson which projects that we have enough IPv4 address until 2022. The differences got most people confused. So who is right? more

Industry Updates

Thoughts on RDRS for Brand Owners

  • By CSC
  • May 13, 2024

Unraveling the World of Security Data Aggregation

A DNS Investigation of the Typhoon 2FA Phishing Kit

Radix’s Releases H2 2023 Premium Domains Report, Reaches $4.8M in Total Premium Domain Name Retail Revenue

Examining a U.S. Tax Scammer’s Web Infrastructure through the DNS Lens

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

Uncovering Suspicious Download Pages Linked to App Installer Abuse

On the DNS Trail of the Rise of macOS Backdoors

Checking Out the DNS for More Signs of ResumeLooters

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Searching for Potential Propaganda Vehicle Presence in the DNS

Navigating Change and Unlocking Value: The Strategic Journey of Jack Hazan and IPv4.Global

Following the VexTrio DNS Trail

View More