DNS |
Sponsored by |
|
In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more
When we deregulated the telephone industry, we replaced these national monopolies and their vertically bundled structures with a collection of separate enterprises whose actions are orchestrated by market forces rather than by the dictates of the incumbent monopoly telco. This was a comprehensive upheaval to the telecommunications industry, and one aspect of this broad sweep of changes was in the role of the regulator. Previously it was a rule-based framework: Is the incumbent playing by the rules we imposed on them? more
When we look at the intersection of cryptocurrency and domain data, we see something insidious: The prevalence of crypto-related threats. And it's not just cryptojacking. It's not even the use of cryptocurrency which has made ransomware attacks easier for threat actors to commit and all the more widespread. As with nearly every trend, there is always someone looking to capitalize on it and use it for their own, personal gain. Ever since cryptocurrency became the pandemic hobby of choice, threat actors have begun to target crypto novices for their schemes. more
Would you like to help guide the future of the Mutually Agreed Norms for Routing Security (MANRS) initiative? As the MANRS community continues to develop new efforts to make the routing layer of the Internet more secure (ex. the equipment vendor program), would you like to help lead the work? The MANRS community is seeking volunteers for its new Steering Committee. The committee will lead the community as it evolves its governance model. more
Earlier this year, the Internet Engineering Task Force’s (IETF’s) Internet Engineering Steering Group (IESG) announced that several Proposed Standards related to the Registration Data Access Protocol (RDAP), including three that I co-authored, were being promoted to the prestigious designation of Internet Standard. Initially accepted as proposed standards six years ago, RFC 7480, RFC 7481, RFC 9082 and RFC 9083 now comprise the new Standard 95. RDAP allows users to access domain registration data and could one day replace its predecessor the WHOIS protocol. more
The global internet, from the perspective of its billions of users, has often been envisioned as a cloud -- a shapeless structure that connects users to applications and to one another, with the internal details left up to the infrastructure operators inside. From the perspective of the infrastructure operators, however, the global internet is a network of networks. It's a complex set of connections among network operators, application platforms, content providers and other parties. more
Decentralization is exciting. Headline-grabbing, even. After all, in a world where frustration levels are sky-high and rising, it should not come as a shock that many individuals are willing to embrace what we might call "anti-system solutions." Decentralized solutions, in our case, which come with the ambitious promise of providing everything their centralized counterpart can provide but without centralized points of failure and regulations. In our previous article, we enumerated several advantages associated with decentralized domain names. more
With solution providers such as Unstoppable Domains or Handshake, and blockchain technology-friendly browsers, such as Brave, that are more than happy to assist on the implementation front, decentralized alternatives to the traditional Domain Name System has been receiving more and more attention lately. Centralized vs. decentralized... what will it be? more
In April, I published an article, The Multistakeholder Moment of Truth: Will Stakeholders Hold ICANN Accountable?, alerting stakeholders that ICANN is violating its legal agreements with the U.S. Government -- namely the InterNIC licensing agreement and merged Memorandum of Understanding. At that time, I warned that it is essential for stakeholders not to remain silent in the face of this transgression, "hoping that such behavior left unchecked will end of its own accord." more
Technical management of the Internet was delegated to ICANN by the U.S. government because it was believed that the private sector would be more agile and responsive to the needs of globally distributed stakeholders. However, this optimism and the faith it has produced has proven to be misplaced since ICANN's multi-stakeholder governance continues falling far short of the basic expectations set when it was created. more
A recent study carried out by Governance Primer on behalf of the Universal Acceptance Steering Group (UASG) identified trends in the acceptance of all domain names in software hosted at Github, the largest open-source repository globally. This research builds on top of previous efforts aimed at identifying the underlying issues that result in problems when different applications need to handle Internationalized Domain Names (IDNs) and new gTLDs, particularly when it comes to email addresses. more
As we finished this article, the world was hit by another global outage by content delivery network (CDN) provider, Akamai, on June 17, 2021. The cause seems to be related to the lack of capacity to a certain "routing table" of their distributed denial of service (DDoS) mitigation. Although the technical analysis is not yet available, the central premise of this article also applies to this incident, and it serves as a timely testimony. more
On May 26, 2021, I submitted a complaint to ICANN's Complaints Officer, Krista Papac. In a nutshell, my complaint centers on ICANN's blatant violation of its Bylaws, specifically Section 2.2, named Restrictions, which expressly prohibits ICANN from acting as a registrar. However, despite the absence of any exceptions to this unambiguous prohibition, ICANN is acting improperly as a registrar for the purposes of warehousing and cybersquatting on certain domain names in the .com and .net registries. more
The ongoing COVID-19 pandemic has been a major contextual factor of global internet governance discussions over the past year, and it appears that discussions in ICANN are no exception. Threats to the integrity and security of the DNS have become a regular topic of debate within the ICANN community. In recent months, these discussions have increasingly focused on the idea of 'DNS abuse' and, more specifically, COVID-19-related DNS abuse. more
It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more
A World-Renowned Source for Internet Developments. Serving Since 2002.