DNS |
Sponsored by |
|
A fourth draft of ICANN's New gTLD Draft Applicant Guidebook has been released. In addition to the Applicant Guidebook, ICANN has also published summaries and analysis of the public comment period. The latest version includes... more
As a registrar at the front end of the DNSSEC deployment effort, our technical team has made a sustained investment in DNSSEC deployment so that our customers don't get overwhelmed by this wave of changes to the core infrastructure of the Domain Name System. Along the way, we've learnt a lot about how to implement DNSSEC which might hold useful lessons for other organizations that plan to deploy DNSSEC in their networks. more
This week, 17 individuals from about a dozen organizations in the DNS space met up in Manchester, NH at the Dyn Inc. headquarters for a first of its kind Summit for DNS industry insiders. Called "Inside Baseball," we wanted to bring people together from every spectrum of the DNS industry to inspire collaboration and innovation. more
The most recent episode of The Ask Mr. DNS Podcast offers up some disturbing corroborating evidence as to the extent of DNS filtering and outright blocking occurring in China. VeriSign's Matt Larson and InfoBlox's Cricket Liu, who co-host the geeky yet engaging and extremely informative show, held a roundtable discussion including technical experts from dynamic name service providers (better known as "managed DNS" services) DynDNS, TZO, No-IP, and DotQuad, as well as Google and Comcast. more
The deployment of Domain Security Extensions (DNSSEC) has crossed another milestone this month with the publication of DURZ (deliberately unvalidatable root zone) in all DNS root servers on 5 May 2010. While this change was virtually invisible to most Internet users, this event and the remaining testing that will occur over these next two months will dictate the ultimate success of DNSSEC deployment across the Internet. more
The .emarat Arabic script Internationalised Domain Name (IDN) ccTLD for the United Arab Emirates has been entered into the DNS Root Zone and is therefore now resolving. This is a truly historic moment in the development of the Internet in the United Arab Emirates and the wider Arabic-speaking world as it removes the last hurdle preventing people without English-language skills from enjoying the full benefits that the Internet has to offer. more
Just when you think ICANN has got it right, it shoots itself in the foot as only ICANN can. Unfortunately it seems this is yet another case of one step forward and two steps back. While we should be celebrating the fact that Internationalised Domain Names (IDN's) have finally been entered into the Root Zone, we are instead left shaking our heads at the seemingly nonexistent process lines nor communication lines between ICANN and its technical off-shoot IANA. more
The project to sign the DNS root zone with DNSSEC took an additional step toward completion yesterday with the last of the "root server" hosts switching to serving signed DNSSEC data. Now every DNS query to a root server can return DNSSEC-signed data, albeit the "deliberately unvalidatable" data prior to the final launch. Another key piece for a working signed root is the acceptance of trust anchors in the form of DS records from top-level domain operators. These trust anchors are used to form the chain of trust from the root zone to the TLD. more
Since November of last year we have been discussing the problem of illicit and illegal online pharmacy support by ICANN-accredited Registrars. In several articles and direct contact with the Registrars we have tirelessly tried to convey the seriousness of this problem, many listened, some did not... With the background information already known, the case presented here is much more specific and concerns EvaPharmacy, which was until recently, the world's largest online criminal pharmacy network. more
IT security specialists have known for years that the plain DNS is not to be trusted. Any hope for improvement rests on the DNSSEC protocol deployment. In this post, I will review the current status in one critical aspect, namely the DNS root signature key management. The other two foremost are the application usage of DNSSEC protocol functionality and the operational front, or the extent of deployment in the DNS infrastructure. The operational front includes the support by the DNS root nameservers, but my focus on signature key management leaves this issue aside. more
A World-Renowned Source for Internet Developments. Serving Since 2002.