DNS |
Sponsored by |
Late last week, ICANN published the guidance from the Article 29 Working Party (WP29) that we have been waiting for. Predictably, WP29 took a privacy maximalist approach to the question of how Europe's General Data Protection Regulation (GDPR) applies to WHOIS, a tool widely used by cybersecurity professionals, businesses, intellectual property owners, consumer protection agencies and others to facilitate a safer and more secure internet. more
With ever more TLDs, where does it make sense to focus resources? After four years and a quadrupling of internet extensions, what metrics continue to make sense in the domain name industry? Which should we discard? And how do you gain understanding of this expanded market? For registries, future success is dependent on grasping the changes that have already come. For registrars, it is increasingly important to identify winners and allocate resources accordingly. The question is: how? more
Of all the patently false and ridiculous articles written this month about the obscure IANA transition which has become an issue of leverage in the partisan debate over funding the USG via a Continuing Resolution, this nonsense by Theresa Payton is the most egregiously false and outlandish. As such, it demands a critical, nearly line by line response. more
With all the focus in the TLD world on the imminent arrival of more than a thousand new TLDs and the still unfinished discussions within ICANN on what policy framework those TLDs will need to follow, it is often forgotten that there are hundreds of other TLD policy frameworks that are mature, stable and well tested. These of course are the ccTLD policy frameworks that have been actively developed over 20 years. more
For those worried about the threat of a state-based takeover of the Internet, there is no need to obsess over the International Telecommunication Regulations (ITRs) exclusively. Three Chinese engineers are proposing a way to alter Internet standards to partition the Internet into autonomously administered national networks, using the domain name system (DNS). The idea was not proposed in the ITU; no, it was sent to a multi-stakeholder institution, the granddaddy of the Internet itself, the Internet Engineering Task Force (IETF). more
The Board of ICANN today gave final approval to the most dramatic change to the Internet in four decades -- allowing the expansion of new Top-Level Domains (TLDs). This monumental decision will allow companies and organizations to turn their own brands into Internet domain extensions (that is .brand) or to create broad generic strings such as .CAR, .SPORTS or .BANK. ICANN's TLD expansion plan was first announced three years ago on June 26, 2008 at the 32nd ICANN Meeting in Paris. more
There has been no shortage of speculation within the ICANN community regarding the continued show down between the ICANN Board and its Governmental Advisory Committee (GAC) over new generic Top-Level Domains (gTLDs) and the pending expiration of the IANA contract this September. Now one of the more interesting topics of discussion that I have had with multiple independent parties was the potential of ICANN making changes to the L root zone file... more
So we finally have a signed root zone. Now when is someone going to answer the question I first asked over five years ago and have still not had an answer to: How do the domain name owner's keys get into the TLD? Before we have a system people can use there have to be technical standards, validation criteria and a business model. Where are they? more
The ICANN Board, at its October 2009 annual meeting in Seoul, passed a resolution directing staff to prepare an analysis regarding the feasibility of ICANN soliciting Expressions of Interests (EOIs) from prospective applicants for new Generic Top Level Domains (gTLDs)... While this latest initiative should not distract ICANN from the remaining four overarching issues, if well executed, this EOI initiative could provide valuable insights into two of the four overarching issues: economics and root scaling. more
In the last few weeks we've seen two very different approaches to the full disclosure of security flaws in large-scale computer systems. Problems in the domain name system have been kept quiet long enough for vendors to find and fix their software, while details of how to hack Transport for London's Oyster card will soon be available to anyone with a laptop computer and a desire to break the law. These two cases highlight a major problem facing the computing industry, one that goes back many years and is still far from being unresolved. Given that there are inevitably bugs, flaws and unexpected interactions in complex systems, how much information about them should be made public by researchers when the details could be helpful to criminals or malicious hackers? more
The recent news that .uk, .arpa and .org may sign their zones sometime this year is indeed good news. Each domain is highly significant... As the DNSSEC registry infrastructure moves inexorably forward -- primarily driven by top level pressure and considerations of National Interest -- it now behoves us to clearly articulate the benefits of DNSSEC to domain owners and registrars. In particular I want to focus on the vast majority of us to whom cold, hard cash is important and parting with it requires as a minimum tangible benefits or, in extreme cases, surgical intervention. more
I saw an interesting news item that broke Monday courtesy of DomainNameNews and SlashDot that hasn't been broadly covered yet. I'm surprised no one has posted on this yet on CircleID, so here goes. Apparently VeriSign has been awarded a patent for the resolution of mis-typed domain names. This was at the heart of the controversy back in 2003 around their SiteFinder Service. Amidst a storm of criticism ICANN insisted VeriSign shut down the service, and the company eventually agreed. more
In the news lately have been a number of incidents where U.S. courts, or the U.S. government itself has ordered domain registrars to shut down free speech. First was the E360 vs Spamhaus case, in which accused spammer E360 Insight sued anti-spam organization Spamhaus for labeling them as spammers and won by default when Spamhaus insisted that U.S. courts did not have jurisdiction over them in England and didn't appear. Unfortunately, U.S. courts did have jurisdiction over Spamhaus' domain registrar, who was nearly ordered to shut Spamhaus down (a court order was under consideration). Fortunately, Spamhaus was able to move their registration overseas before any shutdown order could be issued... more
There is currently a discussion going on between Milton Mueller and Patrik Fältström over the deployment of DNSSEC on the root servers. I think the discussion exemplifies the difficult relation between those who develop standards and those who use them. On the one hand, Milton points out that the way the signing of the root zone will be done will have a great influence on the subjective trust people and nation states will have towards the system. On the other hand, Patrik states that "DNSSEC is just digital signatures on records in this database". Both are right, of course, but they do not speak the same language... more
A revolution is taking place on the Internet, with new sites redefining how we interact online. The next-generation Internet is emerging in collaborative and interactive applications and sites with rich, varied media (images, video, music). As with many revolutions, this one is driven by the younger generation, which is adopting social networking sites like MySpace and video sharing sites like Google's YouTube. But the general shift is not restricted to the young, as more mature consumers and businesses alike are exploring the possibilities of collaborative, media-rich applications. This major shift in Internet applications has its unintended victims. One of them turns out to be the Domain Name System (DNS). more