DNS |
Sponsored by |
|
I've been privately talking about the theoretical dangers of HTTPS hacking with the developers of a major web browser since 2006 and earlier last month, I published my warnings about HTTPS web hacking along with a proposed solution. A week later, Google partially implemented some of my recommendations in an early Alpha version of their Chrome 2.0 browser... This week at the Black Hat security conference in Washington DC, Moxie Marlinspike released a tool called SSL Strip... more
ICANN has its 34th international public meeting in Mexico City on 1-6 March i.e. in just over a fortnight. One of the consistent concerns I hear in my role as general manager of public participation for the organization is that there is not a way for people to ask questions to the staff and the Board. I don't think that's really true but I do accept that the formats used are not liked by a large number of people... more
Today is a historic day as the first generic Top-Level Domain (gTLD) has been signed. Only a few other top level domains, all of which are country code Top-Level Domains (ccTLDs), have been signed to date. This step is part of the first phase of adoption. Authoritative DNS servers need to sign and publish their zones. The second part is for the resolvers on the Internet to validate the keys. Both systems working together will provide security in the DNS. more
This very interesting document was released by ICANN's Generic Names Supporting Organization (GNSO) for public comment yesterday. And it asks some fundamental questions while at the same time pointing to sources such as the Honeynet Alliance's reports on fast flux. more
A cranky letter from the NTIA to ICANN, submitted in late December during ICANN's comment period for new top-level domains, has encouraged the awkward coalition of those opposed to new TLDs. The NTIA (National Telecommunications and Information Administration), a division of the Department of Commerce, is the agency tasked with being ICANN's watchdog. So a letter from them carries some weight, though not as much as some people think... more
Back from the holidays I must admit I was thinking quite a bit on what is good policy for a registry? Of course I have my own personal favorites that I can not walk away from easily, but instead of thinking for too long, I decided to write down now immediately what is in my head. The main reasons for this are two: the decision by ICANN to change the rules for change in policy regarding the Add Grace Periods. more
As we start the new year, it is worth noting some of the major events and news in 2008 that shaped the industry and fueled considerable discussions. Last year's occurrences made for a very historic year, bearing the seeds of future changes for the DNS and domain name industry. more
The recent research highlighting the alarming practice of Secure Socket Layer (SSL) Certificate Authority (CA) vendors using the MD5 hashing algorithm (which was known to be broken since 2005) has shown a major crack in the foundation of the Web. While the latest research has shown that fake SSL certificates with MD5 hashes can be forged to perfection when the CA (such as VeriSign's RapidSSL) uses predictable certificate fields, the bigger problem is that the web has fundamentally botched secure authentication. more
Here is a list of the most viewed news and blog postings that were featured on CircleID in 2008... Best wishes for 2009 and Happy New Year from all of us here at CircleID. more
ICANN's plan to begin accepting applications for new generic top-level domains (gTLDs) in mid-2009 may have been derailed by last week's outpouring of opposition from the global business community and the United States Government (USG). Having been involved with ICANN for over a decade and having served on its Board for three years, I've never seen such strong and broad opposition to one of ICANN's proposals. more
A World-Renowned Source for Internet Developments. Serving Since 2002.