DNS |
Sponsored by |
|
It was only a few weeks back, in July of this year, where I remarked that an Akamai report of an outage was unusual for this industry. It was unusual in that it was informative in detailing their understanding of the root cause of the problem, describing the response that they performed to rectify the immediate problem, the measures being undertaken to prevent a recurrence of this issue, and the longer-term measures to improve the monitoring and alerting processes used within their platform. more
Well, here we are on Friday the 13th and I couldn't think of a better way to spend the day than providing an update on GDPR, WHOIS and ICANN. There's lots to cover, so let's dive right in. As we have been talking about for a number of months now, the EU's new General Data Privacy Regulation (GDPR) will become enforceable on May 25th. The ICANN community has been struggling with how GDPR will impact the WHOIS system. more
I thought of ICANN yesterday when reading about the devolution of the Iraqi Governing Council, which managed to unite for just a moment to approve a constitution with about the half-life of lutetium. ICANN and the IGC: two institutions put in charge of ill-behaved constituencies and stuck in chronic failure mode. Could anything be learned by examining them at arm's length? Indeed, different as they are, their histories contain several common elements... more
In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more
The ICANN bylaws require a periodic review of ICANN structures and operations; the first of such reviews, that of the Generic Names Supporting Organization Council, is scheduled to be finalized in the next few weeks prior to the start of ICANN's annual meeting. To begin discussion on this topic, I draw your attention to a very thoughtful question posed by Joe Sims during the prior ICANN reform process... more
This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more
If you will be at ICANN 52 in Singapore in February 2015 (or can get there) and work with DNSSEC or the DANE protocol, we are seeking proposals for talks to be featured as part of the 6-hour DNSSEC Workshop on Wednesday, February 11, 2015. The deadline to submit proposals is Wednesday, December 10, 2015... The full Call For Participation is published online and gives many examples of the kinds of talks we'd like to include. more
For a brief moment earlier this week, I thought my days spent dreaming of hover-boards, flying cars and Biff's elusive Sports Almanac were finally over. From reports circulating online, we had finally reached "Back to the Future Day". Those movie buffs out there will know exactly what I'm referring to... But it got me thinking. What would the Domain Name world look like if that crazy cat Doc Brown swung past in his DeLorean, with a fully-charged flux capacitor and a return ticket to October 21st 2015? more
ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data. more
Wednesday's announcement by the Obama administration, that former Washington state governor Gary Locke has been nominated as the next Secretary of Commerce could be a good sign for Internet governance, and the continued globalization of the ICANN regime. The Chinese-American Locke brings key political capital and experience to the table. He is well respected within and has access to the most senior levels of the Chinese government... more
In the second part of this two-part series article (part one here), Andrew McLaughlin concludes his critical look at the recently reported study, Public Participation in ICANN, by John Palfrey, Clifford Chen, Sam Hwang, and Noah Eisenkraft at the Berkman Center for Internet & Society at Harvard Law School... "ICANN has never attempted to be -- and was never designed to be -- 'representative' of the worldwide Internet community in any mathematically precise way. In view of the vast size of the global population of Internet users, and the specialized technical focus of ICANN's policy-making responsibilities, it would be a hopeless task to try to achieve truly representative statistical proportionality among ICANN's participants, committees, task forces, or Board members. Rather, here's how the U.S. government's foundational 1998 DNS policy statement described the core principle of 'representation'." more
There have been quite a few news stories released over the last 24 hours regarding a wide-scale compromise of 300,00 Internet gateway devices. Here's the executive summary of what happened, how to check if you are vulnerable, and what you can do to fix it... If you use any of these devices, you should check it to ensure your device has not been compromised. more
This Sunday, March 22, 2015, the second Registration Operations Workshop (ROW) will be taking place at the Fairmont Dallas hotel from 12:30 -- 4:30 pm CDT. Discussion will include extensions to EPP, new encryption initiatives and also suggestions for ways to further automate DNS interactions between registries, registrars and DNS operators, including a need to do this for DNSSEC. more
ICANN's 44th public meeting is about to start in a few days with a number of topics on the agenda. Some of them are new, while some of them are ongoing. First off, ICANN will be announcing the new CEO this Friday afternoon in Prague. Whoever it is will be coming to the organisation at a time when it faces a number of significant challenges. While the actual official meeting does not start until Monday morning there will be plenty of meetings on over the weekend as well... So what's on the "menu" for Prague? more
I'm sitting in the Popov Room of the ITU Tower in Geneva, the room is quiet, the atmosphere placid, chairs are empty. The final meeting of the CWG WCIT prep WG has just concluded its work and the chair will be reporting to the Council the results of our work. I find myself strangely calm and looking forward to my next week, to be spent in Prague... Should you choose to read through the documents, and they are lengthy at approximately 375 pages, you might think that a number of the proposals were directed at the Internet. more
A World-Renowned Source for Internet Developments. Serving Since 2002.