DNS |
Sponsored by |
|
Mike Hammer's thoughtful article, A Few Thoughts on the Future of Email Authentication, should trigger thoughtfulness in the rest of us. Email abuse has been around a long time. Anti-abuse efforts have too. Yet global abuse traffic has grown into the 90+% range, with no hint of trending downward. The best we hear about current effectiveness is for last-hop filtering, if you have the money, staff and skills to apply to the problem... more
So I wrote earlier that I though it was good stuff when ICANN released a paper on DNS Security. Yes, I think it was good this paper was released, and yes it points out correctly how important DNSSEC is. But, now when reading it in detail, I find two things that troubles me. And it has to do with management of .ARPA. A top level domain that is used for infrastructural purposes. Like IP-addresses and E.164 numbers... more
After a widespread blackout hit the United States and Canada, the so-called network domino effect attracted high public attention. Modern physicists have paid attention to the effect of network dominos. Especially, scientists who have studied complex systems have warned that a network domino effect, if it occurs, will bring chaos to a society that is well connected through the Internet. The cause of the blackout in the United States and Canada was not traced down quickly. But it apparently shows a typical network domino effect. more
ICANN and internet exchange firm Packet Clearing House (PCH) have joined forces with Infocomm Development Authority of Singapore (IDA) and the National University of Singapore (NUS) to launch the first of three facilities designed to boost the adoption of Domain Name System Security (DNSSEC) among country code Top-Level Domains (ccTLDs). The three new facilities, located in Singapore; Zurich, Switzerland (still under construction) and San Jose, California, provide cryptographic security using the recently deployed DNSSEC protocol. more
Wow. It's out. It's finally, finally out... So there's a bug in DNS, the name-to-address mapping system at the core of most Internet services. DNS goes bad, every website goes bad, and every email goes...somewhere. Not where it was supposed to... I'm pretty proud of what we accomplished here. We got Windows. We got Cisco IOS. We got Nominum. We got BIND 9, and when we couldn't get BIND 8, we got Yahoo, the biggest BIND 8 deployment we knew of, to publicly commit to abandoning it entirely. It was a good day... more
At the Internet Engineering Task Force (IETF) it is time we accept the wide range of drivers behind (and implications of) standards and for stakeholders to start listening to each other. A protocol recently released by the IETF, DNS over HTTPS (DoH), is at the centre of an increasingly polarised debate. This is because DoH uses encryption in the name of security and privacy and re-locates DNS resolution to the application layer of the Internet. more
In 2019, we've seen a surge in domain name system (DNS) hijacking attempts and have relayed warnings from the U.S. Cybersecurity and Infrastructure Agency, U.K.'s Cybersecurity Centre, ICANN, and other notable security experts. Although the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls -- domains, DNS, digital certificates. more
On September 30, 2002, the Memorandum of Understanding (MOU) between the US Department of Commerce (DOC) and the corporation created to privatize the infrastructure of the Internet will expire. This corporation, known as ICANN (Internet Corporation for Assigned Names and Numbers) has had a very contentious existence from its earliest days. On July 10, 2002, a US Department of Commerce official, Nancy Victory, sent a letter to ICANN. She wrote that the agreement between ICANN and the DOC "will expire on September 30, 2002 and in the coming weeks, the Department of Commerce will assess whether to renew, extend, or modify this agreement. To assist in this review process," Victory asked, "I request that you provide me with a report detailing ICANN's efforts in these areas, as well as any other information that might inform the Department in its decision-making with respect to this agreement." Victory said that the response to her letter should be sent no later than August 15, 2002. more
APNIC Labs, the research arm of Asia-Pacific Network Information Centre, is partnering with Cloudflare for a joint research project relating to the operation of the DNS, reports Geoff Huston, APNIC's Chief Scientist. more
Domain holders need to test their sites for 'DNS Flag Day' which will kick off on Friday, Feb. 1, 2019. more
ICANN's web site has a press release saying that the were granted a temporary restraining order on Monday requiring that Registerfly cough up all the info on their registrants, or else.
My assumption all along has been that the reason that Registerfly hasn't provided full info is because they don't have it. ICANN agrees that they got partial data last month, and it's hard to imagine a reason that Registerfly would have given them some of the data but deliberately held back the rest. I guess we'll know soon enough.
By the way, I hear that ICANN plans to implement their registrar escrow policy, the one that's been in the contracts since 2000, pretty soon. more
For nearly all communications on today's Internet, domain names play a crucial role in providing stable navigation anchors for accessing information in a predictable and safe manner, irrespective of where you're located or the type of device or network connection you're using. Over the past 15 years hundreds of millions of domain names have been added to the Internet's Domain Name System (DNS), and well over two billion (that's Billion!) new users, some ~34 percent of the global population, have become connected. more
Neustar, a leading provider of registry services, is hosting a Town Hall meeting this month for the United States' country code Top-Level Domain, .US. Neustar introduced the .US Town Hall last year to reflect our commitment -- and the Commerce Department commitment to the bottom-up, multistakeholder model of DNS management. The public forum is an important part of ensuring that .US continues to be a vibrant namespace that reflects America's diversity, creativity, and innovative spirit. more
In the previous installments, we've been looking at aspects of the design of the DNS. Many databases go to great effort to present a globally consistent view of the data they control, since the alternative is to lose credit card charges and double-book airline seats. The DNS has never tried to do that. The data is roughly consistent, but not perfectly so. more
Today ICANN releases a paper with the title "DNSSEC @ ICANN - Signing the root zone: A way forward toward operational readiness". The paper explains in more detail than earlier documents what ICANN view on signing of the root zone is. I think the key points mentioned in this paper are true, and in general, I think this document is a good read. It is not long, and summarizes what I would call the current view is. more
A World-Renowned Source for Internet Developments. Serving Since 2002.