DNS |
Sponsored by |
Two weeks ago, the Federal Trade Commission held a summit on e-mail authentication in Washington, DC; the community of people who handle bulk mail came together and agreed on standards and processes that should help reduce the proliferation of spoofed mail and fraudulent offers. This was a big, collective step in the right direction. But e-mail sender authentication alone won't solve the Net's fraud and phishing problems - nor will any single thing. It requires a web of accountability among a broad range of players. Yet this week there's another meeting, in Cape Town, South Africa, that could make even more of a difference...but it probably won't. more
Imagine my surprise upon reading a BBC article which identified ISC BIND as the top security vulnerability to UNIX systems. At ISC, we have striven for a decade to repair BIND's reputation, and by all accounts we have made great progress. "What could this be about," I wondered, as I scanned the BBC article for more details. It turns out that BBC was merely parroting what it had been told by SANS. OK, let's see what SANS has to say... more
TLD registrations in the Internet's root-zone file currently are divided into two broad classifications: generic and country-code top-level domains. With respect to the latter classification, no new "strategy" is required to add further ccTLDs as a relatively well-working process is already in place to integrate the occasional new country-code top-level domain. With one of these two classifications under reasonably sound management, it is therefore perfectly understandable to see that the ICANN organization consequently views its obligation to "Define and implement a predictable strategy for selecting new TLDs" as a mandate "to begin the process of allocating and implementing new gTLDs"... the flaw in this conclusion, however, stems from the presumption that the Internet's taxonomy must necessarily contain only the two above-so-mentioned broad classifications. I am proposing a third TLD classification -- based on languages. more
Those of you familiar with the American comic series "Peanuts" by the late Charles Schultz may be familiar with the recurring theme of Lucy's football. Lucy holds a football on her toe for Charlie Brown to practice a field goal kick. Charlie Brown realizes that the last 25 times Lucy has held the ball for him to kick, she pulled the ball out of the way at the last minute, causing him to trip and fall. Charlie Brown knows full well that Lucy may not keep the ball in place for him to kick, yet his determination gets him running towards that unlikely opportunity each and every time. more
For those who are Star Wars fans, the following scene from the prequel, Attack of the Clones, will be easy to recall: a young and misinformed Jedi, known as Obi-waan Kenobi, opines about how an army of clones had been able to snatch a victory from imminent defeat. Yoda, a Jedi Master and virtual fountain of wisdom, immediately gushes forth an important correction: "Victory? Victory you say? Master Obi-waan, not victory." Yoda explains that winning a battle is not a victory, if the win merely signals that the war has just begun. Yoda's apparent perception seems particularly apt for the precedent setting federal court opinion involving the sex.com domain name. Notwithstanding that individual domain name registrants may seek comfort in the victory obtained from the Ninth Circuit's opinion in Kremen v. Cohen, that decision merely signals a beginning -- not an end -- to the controversy over the proper legal framework for resolving domain name theft. more
In a press release issued Wednesday, March 03, 2004, Go Daddy Software, Inc., defended ICANN's right to regulate VeriSign's registry services and called for a formal review of the company's position as an "exclusive registry." This announcement from Go Daddy, which comes one week after VeriSign filed a lawsuit against ICANN, pledges $100,000 to ICANN for its defense of the VeriSign lawsuit. Go Daddy, which ranks among the top 3 largest domain name registrars in the world and one of VeriSign's largest customers, has also sent a letter to both the U.S. Department of Commerce (DOC) and the Internet Corporation for Assigned Names and Numbers (ICANN) strongly urging both groups to undertake a formal review of VeriSign's registry position.
In this special interview, CircleID has caught up with Bob Parsons, President and Founder of Go Daddy, where he provides in-depth discussions of Internet Innovation, ICANN, VeriSign's Global Registry Services, Top-Level Domains and the current legal battles. more
It seems like spam is in the news every day lately, and frankly, some of the proposed solutions seem either completely hare-brained or worse than the problem itself. I'd like to reiterate a relatively modest proposal I first made over a year ago: Require legitimate DNS MX records for all outbound email servers.
MX records are one component of a domain's Domain Name System (DNS) information. They identify IP addresses that accept inbound email for a particular domain name. To get mail to, say, linux.com, a mail server picks an MX record from linux.com's DNS information and attempts to deliver the mail to that IP address. If the delivery fails because a server is out of action, the delivering server may work through the domain's MX records until it finds a server that can accept the mail. Without at least one MX record, mail cannot be delivered to a domain.
more
ICANN's response to the European Union's Network and Information Security Directive (NIS2) is a litmus test on whether its policy processes can address the needs of all stakeholders, instead of only satisfying the needs of the domain industry. Early indications from the ICANN Hamburg meeting point to another disappointment for law enforcement, cybersecurity professionals, and the many businesses seeking to reinstate WHOIS as required by NIS2. more
Transparency and accountability are embedded in ICANN's core values. Indeed, ICANN's Bylaws mandate that "ICANN and its constituent bodies shall operate to the maximum extent feasible in an open and transparent manner ...". Public Interest Registry believes that a dedication to transparency is fundamental to the strength and continued effectiveness of ICANN's multistakeholder model. more
On December 14, 2021, Dot Hip Hop, LLC (DHH) filed an Urgent Reconsideration Request following ICANN staff inaction (for its over four-month delay) of its Assignment Request for the .hiphop Registry Agreement. Not only did the ICANN Board Accountability Mechanisms Committee (BAMC) decide against considering the Reconsideration Request on an urgent basis, but on its last day of business for 2021, ICANN Org decided to retaliate against DHH for filing the Reconsideration Request in the first place ... more
Someone recently observed that many stakeholders have fallen victim to a "chilling effect" resulting from fear of retaliation by the rich and powerful bullies currently infecting the multistakeholder community, ICANN, and Internet governance. I related to what I was hearing because I've been personally targeted and libelously attacked and it is deeply dismaying enough having to worry about threats to revenue and reputation along with other harmful effects of such thuggery. more
According to media sources, the National Telecommunications and Information Administration (NTIA) wrote to Verisign last Friday, objecting to the company's plan to auction o.com to the highest bidder. The planned release for o.com - described by the Second Amendment to the .com Registry Agreement and intended as a pilot for the remaining reserved single-character .com names - involved an opaque consideration process that ignored community input and set aside hard-won trademark protections developed by stakeholders in order to maximize dollars earmarked for an unidentified cadre of non-profit organizations. more
The DNS is a remarkably simple system. You send it queries, and you get back answers. Within the system, you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects the answers. The query and response process is the same, applied recursively. Simple. However, the DNS is simple in the same way that Chess or Go are simple... more
Afilias has informed registrars and registry clients that it is taking steps to remove orphan glue records from 200+ TLD zones in its care. This will eliminate the potential for a handful of domain names to be misused. "Glue records" enable websites and other uses of domain names to work on the internet. They are related to DNS domain name delegations and are necessary to guide iterative resolvers to delegated nameservers. more
From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more