WHOIS Record Redaction and GDPR: What’s the Evolution Post-2018?

We all use the Internet daily. Practically every element of our reality has its equal in the virtual realm. Friends turn into social media contacts, retail establishments to e-commerce shops, and so on. We can't deny that the way the Internet was designed, to what it has become, differs much. One example that we'll tackle in this post is the seeming loss of connection between domains and their distinguishable owners. more

One More Trump 5G Minefield

As the saying goes, it's not over until it's over. So, it wasn't surprising that Trump's minions just got one last 5G minefield out the door. On 15 January, his followers at Dept. of Commerce's NTIA published the "National Strategy to Secure 5G Implementation Plan". The 40-page document consists of a fairly standard Washington policy playbook of 18 activities with six annexes that "details how the United States along with like-minded countries will lead global development, deployment, and... more

A Look Back at the World of IP Addressing in 2020: What Changed and What It Means

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. Back around 1992, the IETF gazed into their crystal ball and tried to understand how the Internet was going to evolve and what demands would be placed on the addressing system as part of the "IP Next Generation" study.  more

Verisign Outreach Program Remediates Billions of Name Collision Queries

A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and potentially unsafe DNS queries every day. A targeted outreach program that Verisign started in March 2020 has remediated one billion queries per day to the A and J root name servers, via 46 collision strings. more

ICANN 2021 NomCom Will Fill 9 Positions

As every year, at the end of ICANN's Annual General Meeting (AGM), the new Nominating Committee (NomCom) comes together to start its work. Due to the Corona pandemic, the circumstances were slightly different; however, the 2021 NomCom kicked-off end of 2020. ICANN's Nominating Committee is charged with identifying, recruiting, and selecting nominees of the highest possible quality for key leadership positions at ICANN. more

Newer Cryptographic Advances for the Domain Name System: NSEC5 and Tokenized Queries

In my last post, I looked at what happens when a DNS query renders a "negative" response -- i.e., when a domain name doesn't exist. I then examined two cryptographic approaches to handling negative responses: NSEC and NSEC3. In this post, I will examine a third approach, NSEC5, and a related concept that protects client information, tokenized queries. The concepts I discuss below are topics we've studied in our long-term research program as we evaluate new technologies. more

Brand Protection Beyond the “Whack-a-Mole” Approach

I recently shared at a conference how a seasoned brand and fraud expert from one of the world's largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day. All attacks were launched from the same registrar and web hosting company, and no matter how much they reached out to these providers, they received the same reply: "we will pass on your request to the registrant or site owner," and then nothing happened. more

More Warning Shots for ICANN, or the End of the Road?

Last fall, I wrote about ICANN's failed effort to achieve its goal of preserving the Whois domain name registration directory to the fullest extent possible. I predicted that if the policy effort failed, governments would take up the legislative pen in order to fulfill the long-ignored needs of those combating domain name system harms. That forecast has now come true through significant regulatory actions in the United States and the European Union in the form of a proposed directive from the European Commission (EC) and instruction from the US Congress to the National Telecommunications and Information Administration (NTIA). more

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more

Can We Control the Digital Platforms?

The digital market has matured over the last 20 years, and it is no longer an excuse for governments to do nothing with the aim to let new markets and innovations emerge without immediate regulatory oversight. It has become clear this period is now well and truly over. The European Commission has already launched several lawsuits against the digital giants. Regulation, in general, is known as "ex-post" (after the deed has been done). This is set to change, as I will explain later. more