DNS |
Sponsored by |
In politics, as in Internet policy, the most effective weapons are also the oldest. So when it came time for hard-line intellectual property advocates to make a desperate last stand against the new gTLD program, it came as no surprise they turned to the atomic bomb of rhetorical devices: FUD. FUD stands for "fear, uncertainty and doubt" and it is the tool of last resort when change is coming and you want to stop it. The theory is simple: the human response to fear is to cling to what's familiar and oppose what's new. So if you can scare enough people about the potential effects of a new policy or law, you stand a pretty good chance of preventing it from ever going into effect. more
As Internet services go, WHOIS held a lot of promise but has repeatedly failed to live up to its potential; raising the question "is it time to retire WHOIS?" The concept behind WHOIS was simple. For each and every registered domain name, provide the facility for querying details about who owns it, who administers it, when was it created and when it will expire. Unfortunately the service lost its way practically from day one after failing to agree upon or adhere to any formal structure of the content it provides. more
In my last post I discussed some questions that remain about ICANN's generic Top-level Domain (gTLD) budget. Today I discuss the rights protections mechanisms as they currently appear. An economic study commissioned ICANN to analyze the new gTLD process recently concluded that "the biggest likely costs" of approving new gTLDs are "consumer confusion and trademark protection." more
New generic Top-Level Domains (gTLDs) appear to be headed for introduction next year, finally. That's a good thing for many ICANN constituents who have been waiting for them to become available. Important questions persist about how new gTLDs will affect ICANN and its constituents, however, despite a lot of effort to resolve concerns. Pressing those questions should not be taken as criticism of the basic wisdom of making new gTLDs available to many constituents under many circumstances. But too much is at stake not to get it right. more
The DNS White Paper has stood the test of time remarkably well. More than a decade after it was published, its principles of stability, competition, and private-sector-led DNS management remain the gold standard for DNS governance. ICANN is struggling to achieve that standard, however, and a dramatic change in direction may need to be considered. more
For more than 15 years, the IETF has been working on DNSSEC, a set of extensions to apply digital signatures to DNS. Millions of dollars in government grants and several reboots from scratch later, DNSSEC is just starting to see real world testing. And that testing is minimal -- only about 400 of the more than 85,000,000 .com domains support DNSSEC, fewer than 20% of US government agencies met their mandated December 31, 2009 deadline for DNSSEC deployment, and only two of the thirteen root zone name servers is testing with even dummy DNSSEC data. more
At the beginning of last year, MarkMonitor participated in VeriSign's beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering. However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures. more
Before the US Government abdicates its oversight of the Internet Corporation for Assigned Names and Numbers (ICANN) it should take a long, hard look at the mounting efforts by world governments to assume greater power over the Internet's addressing system. If those efforts meet no further resistance, the once-theoretical threat of "capture" could become a reality. At the end of September, the Joint Project Agreement (JPA) between ICANN and the US Government is set to expire. The JPA is part of a decade-long agreement where the US transitions control of Internet addressing to ICANN. more
NeuStar's UltraDNS faced attack on two fronts on Tuesday, March 31. One of the attacks was technical -- a massive denial-of-service attack. The second was a rather surprising opening strike from competitor Dynamic Network Services (DynDNS), which launched a full-scale (and in T1R's opinion, misguided) public relations broadside. First, to the actual denial of service attack. Contrary to many early reports, UltraDNS was not 'down' on Tuesday... more
A cranky letter from the NTIA to ICANN, submitted in late December during ICANN's comment period for new top-level domains, has encouraged the awkward coalition of those opposed to new TLDs. The NTIA (National Telecommunications and Information Administration), a division of the Department of Commerce, is the agency tasked with being ICANN's watchdog. So a letter from them carries some weight, though not as much as some people think... more
Planning for a short trip to Hong Kong tomorrow reminded me of Jonathan Shea, something I wanted to blog about but was waiting for the hype around the new generic Top-Level Domains (TLDs) to cool down. Jonathan Shea is an old friend who is in-charge of ".hk". I had the pleasure to catch up with him in Paris ICANN meeting. Before Jonathan, let me talk about something related that happened in Paris. At the Cross Constituency Meeting, there was a presentation by the Anti-Phishing Working Group (APWG). In summary, they were proposing working with registries to take down domain names that are suspected to be involved in phishing. more
If you are not already using OpenDNS on your home network I have one question for you. Why not? When it debuted, OpenDNS' main advantage was speed. It is a great deal faster than the DNS operated by most ISPs so, if you configure your border router/DHCP server to use OpenDNS name servers, the t'internet magically speeds up... On looking at the OpenDNS stats for my home network the other day, one item gave me cause to scratch my head a little. There was a non-trivial number of AAAA look-ups going on. In case you don't know (and I know you do), AAAA look-ups are IPv6 address look-ups... more
There are two types of domain name appraisers, designated here as type "1" and type "0," with the former being appraisers who rely on a scientific approach. A large number of domain owners use the services of type "0" -- the nonscientific -- or do the appraisal themselves. Approaches used by scientific appraisers include regression-type statistical modeling, discounted cash-flow analysis, and reliance on the Law of Large Numbers. This post looks at some of the typical erroneous arguments against taking a statistical approach and provides an example from law... more
Sender Policy Framework (SPF) stops novice spammers but not the professionals, says Spammer-X, a retired spammer who has gone into a lot of the details in his book, "Inside the Spam Cartel". The best way to beat SPF is to join it... First, Joe Spammer rents a dedicated spam host in a spammer-friendly location, like China. Next, he registers 100 domain names, and each domain is registered under a fake name and address. Next, DNS entries for each of the hosts are set up, including a valid pointer record (PTR), an MX record and reverse DNS entries for each domain... more
ICANN has announced that it is seeking input and feedback on the topic of domain tasting. (See their announcement for full details) Interestingly enough Michael Gilmour published an article a couple of days ago covering the same topic - "Why domain tasting is great!", which will probably raise a few hackles! One point that in particular caught my eye... more