Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
For a long time, arguments about the meaning of "DNS Abuse" prevented fruitful discussions within the ICANN community on when and how it is appropriate to act at the level of the DNS to address abuses online. The proposed amendments to RA and RAA agreements represent a significant and welcomed step in the right direction. As Secretariat of the Internet & Jurisdiction Policy Network (I&JPN), we strongly encourage their adoption... more
There must be something in the air. I'm not sure exactly what it is, but there are a lot of things going on in the ccTLD world at the moment. In the UK Nominet's Annual General Meeting (AGM) is being held this week. This would normally provoke a yawn from most people -- it's an AGM -- how exciting can that be? This year's AGM looks like it could be quite entertaining, although it probably isn't going to be particularly beneficial for its membership. more
A DNSSEC failure plunged hundreds of Russian-language websites into darkness on Tuesday evening, rendering .ru and .рф domains inaccessible. The outage affected users both within and outside Russia, with major platforms such as Tinkoff Bank, Avito, Wildberries, Yandex, and MTS experiencing disruptions. more
Last time the ICANN faithful gathered in Sydney, there was a fair bit of unrest and some big unknowns. The Implementation Recommendation Taskforce (IRT) report on how Intellectual Property (IP) could be protected in the era of new Top-Level Domains (TLDs) stirred the pot as did, to a lesser extent, the issue of Registry-Registrar separation in new TLDs. Additionally, everyone had big questions on their minds - when the root would be signed (and DNSSEC fully implemented)... Four months later and five thousand miles almost due north, the netizens gathering at ICANN 36 in Seoul know the answers to some of those very important questions. more
Did you know that over 50% of .CZ domains are now signed with DNS Security Extensions (DNSSEC)? Or that over 2.5 million .NL domains and almost 1 million .BR domains are now DNSSEC-signed? Were you aware that around 80% of DNS clients are now requesting DNSSEC signatures in their DNS queries? And did you know that over 100,000 email domains are using DNSSEC and DANE to enable secure email between servers? more
So I wrote earlier that I though it was good stuff when ICANN released a paper on DNS Security. Yes, I think it was good this paper was released, and yes it points out correctly how important DNSSEC is. But, now when reading it in detail, I find two things that troubles me. And it has to do with management of .ARPA. A top level domain that is used for infrastructural purposes. Like IP-addresses and E.164 numbers... more
If there is one word in the telecommunications that has suffered from over-abuse for many years now, it's convergence. The term has been liberally applied to each successive generation of communications technology for their supposed ability to solve a myriad of service delivery problems within a single unifying converged carriage and service delivery solution. Unfortunately, the underlying reality has always been markedly different from these wondrous promises, and we continue to see an industry that deploys a plethora of service delivery platforms and an equally diverse collection of associated switching and service delivery technologies. One can't help but wonder at the collective gullibility of an industry that continues to herald the convergent attributes of each new generation of communications technology, while at the same time being forced to admit that previous convergent promises have never been realized. more
The Coalition for Internet Transparency (CFIT) filed an anti-trust suit against VeriSign for their monopoly control of the .COM registry and the expiring market of .COM domains. The claims were many including excessive financial pressure lobbying and lawsuits to force ICANN into renewing the VeriSign .COM agreement under very self-serving terms. ICANN inevitably was paid millions of dollars to settle the suit. However, the saga continues once again. ... In the light of continuous and relentless discussions and proposals by the Vertical Integration working group, one question is in the back of everyone's mind. Could the decision on Vertical Integration backfire on ICANN and invite similar suits in the domain name space? more
In the last article we examined the language in Stuart Lynn's A Plan for Action Regarding New gTLDs, and I addressed concerns about specific language in that document. In this article, I will examine several questions of importance that need to be addressed when discussing new gTLD policy; questions that Mr. Lynn leaves unanswered in his proposal... more
Lots of coverage in the last two days about a Memorial Day weekend attack that took down the servers of Revision3, an Internet video network. This story has a lot of ingredients -- P2P maneuvering, DDoS attack, copyright vs. piracy, talk of laws broken and the FBI investigating. more
The Domain Name System is now over 25 years old. Since the publication of RFCs 1034 and 1035 in 1987, there have been over 100 RFC documents published that extend and clarify the original DNS specs. Although the basic design of the DNS hasn't changed, its definition is now extremely complex, enough so that it's a challenging task to tell whether a DNS package correctly implements the specs. more
Everyone who participated in supporting DNS Flag Day initiative should feel they have accomplished something worth-while, says ISC's Vicky Risk. more
DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk. more
Mike Hammer's thoughtful article, A Few Thoughts on the Future of Email Authentication, should trigger thoughtfulness in the rest of us. Email abuse has been around a long time. Anti-abuse efforts have too. Yet global abuse traffic has grown into the 90+% range, with no hint of trending downward. The best we hear about current effectiveness is for last-hop filtering, if you have the money, staff and skills to apply to the problem... more
The .LY domain is Libya, and their government recently cancelled the registration of the short and snappy VB.LY, provoking great gnashing of teeth. If you direct your attention to the address bar above this page, you'll note that it's at JL.LY, equally short and snappy. The .LY registry started allowing two letter second-level domains last year, and there was a quiet land rush. Now they restrict those domains to people actually in Libya, but say they'll let us keep the ones we have. How concerned am I that they'll take my domain away, too? more
A World-Renowned Source for Internet Developments. Serving Since 2002.