Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
News reports say that the Israeli government is close to passing a law that requires portable e-mail addresses, similar to portable phone numbers. Number portability has been a success, making it much easier to switch from one provider to another, and address portability might ease switching among ISPs. But e-mail is not phone calls. Is it even possible?
They say late converts are the most passionate believers. Until now I haven't supported the Expression of Interest (EOI) for new TLDs, the proposed mechanism to measure the number and type of likely applications. Not because it won't work (I think it'll work fine) but because I didn't think it was necessary. I've changed my mind. Here's why.
Like many of those present at the ICANN Seoul meeting last October, and indeed along with those around the globe who were eagerly awaiting new TLDs, I too was angered and frustrated at ICANN's deadlines that were slipping like a cartoon character running on an oil slick, caused by an incessant search by certain industry factions for perfection in an imperfect science. (We do work with the internet remember?).
For more than 15 years, the IETF has been working on DNSSEC, a set of extensions to apply digital signatures to DNS. Millions of dollars in government grants and several reboots from scratch later, DNSSEC is just starting to see real world testing. And that testing is minimal -- only about 400 of the more than 85,000,000 .com domains support DNSSEC, fewer than 20% of US government agencies met their mandated December 31, 2009 deadline for DNSSEC deployment, and only two of the thirteen root zone name servers is testing with even dummy DNSSEC data.
Last week Czech researchers released information on a new worm which exploits CPE devices (broadband routers) by means such as default passwords, constructing a large DDoS botnet. Today this story hit international news... The spread of insecure broadband modems (DSL and Cable) is extremely wide-spread, with numerous ISPs, large and small, whose entire (read significant portions of) broadband population is vulnerable.
ICANN has announced that they will be having a Special Meeting of the ICANN Board on 19 February 2010 (3:00 UCT) to discuss the "upcoming ICANN International meeting." It is reasonable to assume that the 17 February 2010 security update will be a topic of discussion... I trust that the ICANN Board will make the right decision balancing the obligations that ICANN has to the global Internet community, with the safety and security of those ICANN stakeholders that participate in person at these ICANN events. However, the ICANN Board needs to gain the trust of the global community in connection with this and other important decisions that it will be making.
At the beginning of last year, MarkMonitor participated in VeriSign's beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering. However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures.
Security is great when all the green lights are shining brightly and everything validates as intended, but what happens when you encounter failure? In this work we examine the behaviour of the DNS when security, in the form of DNSSEC is added, and we look at what happens when things do not happen as intended. What triggered this examination was a sudden increase in the traffic generated by secondary servers for the in-addr.arpa reverse zones in December 2009.
The Internet has two billion global users, and the developing world is just hitting its growth phase. Mobile data traffic is doubling every year, and soon all four billion mobile phones will access the Net. In 2008, according to a new UC-San Diego study, Americans consumed over 3,600 exabytes of information, or an average of 34 gigabytes per person per day. Microsoft researchers argue in a new book, "The Fourth Paradigm," that an "exaflood" of real-world and experimental data is changing the very nature of science itself. We need completely new strategies, they write, to "capture, curate, and analyze" these unimaginably large waves of information.
No one can have failed to notice that the last IPv4 address will soon be allocated. We have lived with a shortage of addresses for 15 years, but when the last address is allocated, the shortage will become acute, instead of just a pain, as it is today... In The Hitchhiker's Guide to the Galaxy, Douglas Adams describes the least expensive and most effective method for making something invisible. You simply decide that it is Someone Else's Problem or SEP, if you abbreviate. This is an approach that is frighteningly similar to the Swedish public sector's view of the address shortage on the Internet. "It is not our problem -- if we ignore it, it will probably go away."
A World-Renowned Source for Internet Developments. Serving Since 2002.