ICANN has announced that it is seeking input and feedback on the topic of domain tasting. (See their announcement for full details) Interestingly enough Michael Gilmour published an article a couple of days ago covering the same topic - "Why domain tasting is great!", which will probably raise a few hackles! One point that in particular caught my eye... more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
"First they ignore you, then they laugh at you, then they fight you, then you win!" quote by Gandhi pretty much summarizes the evolution of the domain name monetization and development business. I have watched this business come of age for more than half a decade... In the beginning nobody cared... then when people started talking about how great it was, 'smart people' and the "legitimate web" laughed. Then the trucks with money showed up... A significant double-digit percentage of global Internet traffic is now owned by domain holders with generic names. So the fight is on. more
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more
This article discusses grassroots progress toward the development of a "Domain Registrant's Code of Rights and Responsibilities." This Code is an effort to create a balanced combination of the rights that domain name registrants should enjoy and the responsibilities that domain name registrants should fulfill. Discussion and survey results concerning this Code at domain-related forums show far greater grassroots consensus than one might think between what might be called the "domainer" and "intellectual property" communities. Informal surveys at some domain-related forums show very strong support in favor of this Code. more
Imagine my surprise upon reading a BBC article which identified ISC BIND as the top security vulnerability to UNIX systems. At ISC, we have striven for a decade to repair BIND's reputation, and by all accounts we have made great progress. "What could this be about," I wondered, as I scanned the BBC article for more details. It turns out that BBC was merely parroting what it had been told by SANS. OK, let's see what SANS has to say... more
Domainer litigation is heating up, and this lawsuit may be the most ambitious anti-domainer lawsuit to date. First, it is a putative class action lawsuit. Second, in addition to naming four leading domainer firms, the plaintiffs provocatively go after Google for providing ads to domainer sites. I believe this is the first lawsuit against Google for its domainer relationships. The complaint itself is a 121 page, 638 paragraph (with one paragraph enumerating 47 defined terms), 4.3MB behemoth alleging trademark infringement and dilution, ACPA violations, RICO and other claims. more
While travelling home from Geneva, I was thinking quite a lot on the relationship between a ccTLD (registry) and a Country. This is because many countries are starting to talk louder and louder about the responsibilities Countries have on critical infrastructure, or (possibly more important) the management of the critical infrastructure. Will for example any (none?) of ccTLD operators (servers) sustain a denial of service attack of a scale similar to the attack on the root servers? What can ccTLD operators do to resist the malicious attacks? Should this be discussed? more
This morning I was forwarded a link to the Business2.0 article on domainer Kevin Ham about a half-dozen times and one sent the reddit comment thread on it (titled "This guy is a piece of s**t") and I had to chuckle and replied "I see Techno-Pinkos are out in full force". Some of the comments are just classicly clueless: "He's just a parasite. Someone gaming the system for their own financial ends without providing a useful service to anyone, and making it worse for many." ...Newsflash: Speculation is any time you choose one path, good or service over another in the hopes that you will do better... more
Social Science Research Network has published a paper examining "the large gaps and inconsistencies in current domain name law and policy" as compared with domain name use in the political context. The paper suggests that the current domain name policy is focused on protecting trademark uses of domain names against bad faith commercial 'cybersquatters' but does not deal with protecting use of domain names as part of the political process. more
On the face of it, Kieren McCarthy's Sex.com was a book that could have written itself: a notorious, well-publicised feud over the most valuable domain name in existence, between two charismatic men -- one a serial entrepreneur with a weakness for hard drugs (Gary Kremen), the other a gifted con-man with delusions of grandeur (Stephen Cohen). It's a story replete with vicious acrimony, multi-million dollar lawsuits, and rumours of gunfights between bounty hunters in the streets of Tijuana. Thankfully, McCarthy wasn't content to just bundle together all the articles he's written about Sex.com over the years and slap a cover on the front... more
Verizon filed sued against iREIT and Domain Marketplace a couple of weeks ago in a Texas court, alleging cybersquatting. David Kesmodel's blog broke the story, and I used the PACER system to obtain the court filings, which are posted here. Exhibit 5 makes fascinating reading, especially when point #43 in the main statement of claim says "Exhibit 5 details only one famous trademark for each letter of the alphabet." more
The ICANN Board voted today 9-5, with Paul Twomey abstaining, to reject a proposal to open .xxx. This is my statement in connection with that vote. I found the resolution adopted by the Board (rejecting xxx) both weak and unprincipled... I am troubled by the path the Board has followed on this issue since I joined the Board in December of 2005. I would like to make two points. First, ICANN only creates problems for itself when it acts in an ad hoc fashion in response to political pressures. Second, ICANN should take itself seriously as a private governance institution with a limited mandate and should resist efforts by governments to veto what it does. more
As an alternative to the creation of the .XXX TLD, ICANN/IANA can assign special port numbers that can be used to label adult content. IANA assigns port numbers as part of its duties. For example, port 80 is reserved for the HTTP protocol (i.e. the World Wide Web). Port 443 is reserved for the HTTPS protocol (SSL-secure version of HTTP). Port 23 is for Telnet, port 25 is for SMTP, and so on. One can see the full list at here... In a real sense, the IANA port assignments are just suggestions to the world as to what to expect on certain ports, whether it be a mail server, WHOIS, FTP, POP email or any other service/protocol. more
David Pecker is the chairman of American Media, Inc., publisher of, among others, National Enquirer and Weekly World News. 'Mr. Ferris' registered the domain name DAVIDPECKER.COM, had a PPC company host it, where it was keyed to ads for porn, because, according to the registrant, the word PECKER was in the domain name. Mr. Pecker brought a UDRP. Although 'Mr. Ferris' (as he is identified in the decision) did not seem (to me) that he could establish a bona fide intent to use the name in conenction with an offering of goods or services, and altohugh there seemed to be plausible evidence of bad faith, the UDRP was denied... more
A World-Renowned Source for Internet Developments. Serving Since 2002.