DNS |
Sponsored by |
|
I joined the ICANN board during the December 2004 ICANN meeting in Cape Town. I served for a three year term and stepped down at this last meeting in Los Angeles and didn't run for another term... Before joining ICANN, I thought that ICANN was the only part of the Internet that wasn't really working. I knew that there must be a better way to do what ICANN does, but I couldn't be bothered to figure it out. I'd agree with people who said things like, "it should just be distributed" or "it should just be first come first serve" or "we should just get rid of it." People from ICANN would say, "it's more complicated than that" or "at this point that would be impossible." After being part of the process for three years, I find myself saying those same things... more
I'm writing this column in November, and that means that it is time for the traveling circus known as the Internet Governance Forum (IGF) to come down to earth, unpack its tents and sell tickets for its annual song and dance routine. The script for this year's show has been changed, and after being excluded from the main arena last year at the Athens gig, the headline act of "Critical Internet Resources" is taking a starring role this year in Rio. Some folk are even saying that it is the single most contentious issue to be scheduled at this year's IGF show. So what are "Critical Internet Resources" anyway? If folks are going to spend all this time, energy and carbon emissions traveling to Rio to talk on this topic, then wouldn't it be helpful to understand what it means in the first place? There are probably a number of ways to answer this question, so in this heavily opinionated column I'd like to look at the range of possible answers to this question. more
There are many network operator group meetings being held these days. Even in the backwater of the South Pacific where I live there is now AUSNOG, and NZNOG is just next door in New Zealand. We now have MENOG in the Middle East and AFNOG in Africa. The original NOG was the North American Network Operators Group (NANOG), and they have the T-Shirts to prove it! NANOG meets three times a year, and I attended NANOG 41 in October 2007. NANOG meetings cover a broad variety of topics, from operational tools, measurement, and peering practices through to a commentary on the state of the Internet industry. Here are my impressions of the meeting. more
Damien Allen of VTalk Radio recently interviewed Professor Eric Goldman of the Santa Clara University School of Law on the topic of "Domaining". The interview covers the nature of domaining as a business and how it differs from cybersquatting. From the interview: "Often times the domainers are not particularly interested in profitable resale and, in fact, in my experience many times when domainers get complaints about domains, they'll just hand the domain name back, no questions asked and no money charged. They're not looking to make money from the resale of the domain names..." more
Microsoft has filed 3 cybersquatting cases at the beginning of September 2007, as reported in an Inside Indiana Business article. I took the liberty of accessing the cases via the PACER system, and posted the major documents... It looks like they're stepping up efforts to defend their trademarks, and seeking big damages in court, rather than go the way of the UDRP. These cases demonstrate that new TLDs should not be a priority with ICANN until the problems in existing TLDs are addressed. more
EURid, the entity charged with managing the .eu namespace, is reported to have taken action against an alleged cybersquatter based in China, Zheng Qingying... The last suspension "en masse" was directed against Ovidio when over 74 thousand domains were suspended. This time round the number is much lower -- a paltry ten thousand! In this instance there seems to have been a pattern of cybersquatting, with over a dozen ADR proceedings against the registrant in question. more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more
Last month's column looked at the exhaustion of the IPv4 unallocated address pool and the state of preparedness in the Internet to grapple with this issue... There has been a considerable volume of discussion in various IPv6 and address policy forums across the world about how we should respond to this situation in terms of development of address distribution policies. Is it possible to devise address management policies that might both lessen some of the more harmful potential impacts of this forthcoming hiatus in IPv4 address supply, and also provide some impetus to industry to move in the originally intended direction to transition into an IPv6 network? more
Neustar is facing a potential loss of the Dot-US franchise as competitors bid against them. Why might this be of interest to .com registrants? ...The issue of antitrust with regards to the .com agreement has never really been properly settled, as a well-funded complainant hasn't brought forward a case to full fruition in the courts. ICANN sold out the public by agreeing to a settlement that would see its own coffers swell, at the expense of registrants, so they do not count. more
This article discusses grassroots progress toward the development of a "Domain Registrant's Code of Rights and Responsibilities." This Code is an effort to create a balanced combination of the rights that domain name registrants should enjoy and the responsibilities that domain name registrants should fulfill. Discussion and survey results concerning this Code at domain-related forums show far greater grassroots consensus than one might think between what might be called the "domainer" and "intellectual property" communities. Informal surveys at some domain-related forums show very strong support in favor of this Code. more
Funny how some topics seem sit on a quiet back burner for years, and then all of a sudden become matters of relatively intense attention. Over the past few weeks we've seen a number of pronouncements on the imminent exhaustion of the IP version 4 address pools. Not only have some of the Regional Internet Registries (RIRs) and some national registry bodies made public statements on the topic, we've now seen ICANN also make its pronouncement on this topic... Why the sudden uptake of interest in this topic? I suspect that a small part of this may be my fault! more
In one of the first (if not the first) UDRP cases for .cat, the auto giant BMW appears to have filed a WIPO case over the BMW.cat domain name. Other prospective new TLD operators have tried to suggest in ICANN meetings that these new TLDs do not cause problems with cybersquatting or defensive registrations... Obviously, given the above WIPO case, that statement is false. more
I recently came across a copy of a ruling in the bizarre case of MySpace vs. theglobe.com. Theglobe.com was the ultimate dot.com bubble company. It started up here in Ithaca, and went public at the peak of dot.com hysteria with one of the the greatest one-day price runups ever. Since then they bought and sold a variety of busineses, none of which ever made any money, including the Voiceglo VoIP service which appears to be what the spam was promoting. more
On the face of it, Kieren McCarthy's Sex.com was a book that could have written itself: a notorious, well-publicised feud over the most valuable domain name in existence, between two charismatic men -- one a serial entrepreneur with a weakness for hard drugs (Gary Kremen), the other a gifted con-man with delusions of grandeur (Stephen Cohen). It's a story replete with vicious acrimony, multi-million dollar lawsuits, and rumours of gunfights between bounty hunters in the streets of Tijuana. Thankfully, McCarthy wasn't content to just bundle together all the articles he's written about Sex.com over the years and slap a cover on the front... more
A World-Renowned Source for Internet Developments. Serving Since 2002.