Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
Wikipedia defines a Mexican standoff as "a confrontation in which no strategy exists that allows any party to achieve victory. As a result, all participants need to maintain the strategic tension, which remains unresolved until some outside event makes it possible to resolve it." This would be an apt way to describe what may be possibly occurring presently between the Internet Corporation for Assigned Names and Numbers (ICANN) and its largest ratepayer, VeriSign. more
New Zealand's Domain Name Commission (DNC) wins in court against the US company DomainTools for "illegally scrapping personal information" of .nz domain name owners. more
Mozilla was nominated as one of the three ISPAUK's 2019 Internet Villains for their proposed approach "to introduce DNS-over-HTTPS in such a way as to bypass UK filtering obligations and parental controls, undermining internet safety standards in the UK." more
This past Monday, as ICANN65 was beginning in Marrakesh, the technical review blog Review Signal published a detailed expose, "The Case for Regulatory Capture of ICANN" authored by site founder and "geek-in-charge" Kevin Ohashi. The post was clearly the product of extensive investigative reporting – and what it reveals is deeply disturbing. more
You might not understand how crypto-currencies or blockchain wallets work, but Facebook's announcement this week is a clear signal that these new technologies will soon become ubiquitous. Facebook's introduction of its own crypto-currency to its 2 billion users means mass adoption of crypto-currencies and digital wallets are on the horizon. This has implications that trademark owners need to be aware of. more
New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more
In June, I participated in a workshop, organized by the Internet Architecture Board, on the topic of protocol design and effect, looking at the differences between initial design expectations and deployment realities. These are my impressions of the discussions that took place at this workshop. ... In this first part of my report, I'll report on the case studies of two protocol efforts and their expectations and deployment experience. more
DNS Operations, Analysis, and Research Center (DNS-OARC) held its 30th meeting in Bangkok on the 12th and 13th May. Here's what attracted my interest from two full days of DNS presentations and conversations, together with a summary of the other material that was presented at this workshop. Some Bad News for DANE (and DNSSEC): For many years the Domain Name X509 certification system, or WebPKI, has been the weak point of Internet security... more
The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system. The 8th ROW will be held in Bangkok, Thailand on Thursday, May 9th, 2019 in the afternoon, at the end of the GDD Industry Summit, in the same venue. more
Imagine a scenario. Your website analysis shows that your page has stopped receiving visitors, yet there are no complaints that your domain is unreachable. Strange, isn't it? You are certainly wondering: What's going on? Where are my customers? You see, what happened is that you are facing the consequences of the lack of domain name system (DNS) security. more
ICANN has spent years trying to figure out what to do with domain name variants, strings that look different but mean the same thing, for some definition of "the same." They've been trying to deal with them in second level domains for a decade, and are now working on rules to allow variant top-level domains. Unfortunately, variants don't work. The problem isn't putting them in the DNS; it's that once they're in the DNS, they don't work anywhere else. more
A team of security researchers on Wednesday issued a stern warning about a DNS Hijacking campaign being carried out by an advanced, state-sponsored actor believed to be targetting sensitive networks and systems. more
I've been incredibly lucky in my time at Neustar to lead both the exceptional Registry and Security teams. While these divisions handle their own unique product and service offerings, it's clear that they have some obvious crossovers in their risks, opportunities and challenges. Having been closely involved in the strategy of both these teams, it strikes me that there is more we as Registry Operators and service providers can and should be doing to align the world of cybersecurity with that of domain names. more
March 22, 2019, saw the completion of the final important step in the Key Signing Key (KSK) rollover - a process which began about a year and half ago. What may be less well known is that post rollover, and until just a couple days ago, Verisign was receiving a dramatically increasing number of root DNSKEY queries, to the tune of 75 times higher than previously observed, and accounting for ~7 percent of all transactions at the root servers we operate. more
Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more
A World-Renowned Source for Internet Developments. Serving Since 2002.