DNS |
Sponsored by |
|
About two years ago I wrote with concern about Bit.ly's use of Libya's country code. I noted that It's always important to keep in mind that a company can't "own" a domain the way it owns real estate. Now it appears that companies that have built brand names on Libya's country code are facing difficult times. more
According to the Online Etymology Dictionary, the verb collide is derived from the Latin verb collidere, which means, literally, "to strike together": com- "together" + lædere "to strike, injure by striking." Combined instead with loquium, or "speaking," the com- prefix produces the Latin-derived noun colloquy: "a speaking together." So consider WPNC 14 - the upcoming namecollisions.net workshop - a colloquium on collisions: speaking together to keep name spaces from striking together. more
The registries (gTLDS) are all moving towards signing in about a year. PIR and .org is going to be first with .edu, .biz, and others closely behind. The root is scheduled to be signed in the beginning of July (end of June looking at the holiday calendar) being the biggest milestone. Some of the roots already contain DNSSEC information. Other ccTLDs continue to turn DNSSEC on with countries on every continent signed. more
Last week the Ukrainian government sent a letter to ICANN asking them to revoke the ".ru", ".рф" and ".su" top-level domains. It also said they were asking RIPE, which manages IP addresses in Europe, to revoke Russian IP addresses. Both ICANN and RIPE said no. Other people have explained why it would have been a policy disaster, but beyond that, neither would actually have worked. more
Less than a week ago, I posted a short blog piece entitled "Can ICANN Please Stop Shooting Itself in the Foot?" in which I questioned ICANN's actions in connection with the recently announced key signing ceremony. At the end of this piece I asked the question: "While it seems that ICANN continues it propensity to shoot itself in the foot, does the community need to start worrying about when ICANN takes aim at other more vital organizational body parts?" Well it looks like I only had to wait five days to get the answer to that question. more
On July 28th DNSSEC took center stage at the 2010 Black Hat Conference in Las Vegas. Two years ago, at the same conference, Dan Kaminsky unveiled the infamous DNS bug that many believe became a major catalyst for DNSSEC implementation. To kick things off, Jeff Moss -- founder of Black Hat -- in his opening speech called out the fact that "we have not solved any fundamental problems" and noted that the technical community must catch up. more
Do you know someone who deserves recognition for launching the Internet in their region or country? Or someone who made some major technical innovation that made the Internet faster or better? Or someone who is a passionate advocate who influenced other people to make the Internet better? Can you think of someone who helped the Internet reach new people? For example, in a new region or language? Do you know someone who made the Internet more inclusive and accessible to more people? more
There's been a lot of emphasis on DNS performance lately because faster DNS contributes directly to a better user experience. There's an interesting flipside to DNS performance though, higher performance DNS servers may be better targets for cache poisoning attacks. Faster servers give attackers more opportunities to insert fake entries into the DNS - speed can kill (or at least inflict a nasty wound!) so it's important to understand the security implications if you're looking to upgrade DNS performance. more
I always geek out a little when I see something ICANN-related breaking out into the real world, like when the bus-stop display has borked, and its LAN is vainly searching for an IP number so it can reboot. Or the ICANN Paris meeting back in 2008 when the board gave the thumbs up to the GNSO policy to launch new gTLDs. One day we were an obscure Californian organisation doing something technical-seeming most people had never heard of, and the next we were working two phones each, giving journalists quotes and information for dozens of front-page news stories around the world. more
For two things that would seem to be completely unrelated there is an interesting parallel between IPv6 and DNSSEC. In both cases there is a misalignment of interests between content providers and service?providers. Content providers aren't highly motivated to deploy IPv6 because only a small proportion of users have v6 connectivity and even fewer only have v6. Service providers aren't anxious to deploy IPv6? because there isn't a lot of content on v6, and virtually none exclusively on v6 - so they don't expand the universe of interesting stuff on the web by deploying IPv6. Basically the same things could be said about DNSSEC. more
One of fastest growing trends of electronic communications is digital identity. The simplest way of establishing digital identity is to get a domain name and create a web site and email accounts. While this might have been a fairly complex undertaking some ten years ago, today it is a trivial matter. So trivial in fact that spammers and phishers can ply their trade with very low costs of entry. These low cost of entry have made the Internet a commodity business as traffic is handled in the aggregate and competitive pricing has made being an ISP a difficult business model. It also has created aggressive growth and adoption curves. The Internet is also the lowest common denominator... more
When the domain name system (DNS) was first designed, security was an afterthought. Threats simply weren't a consideration at a time when merely carrying out a function - routing Internet users to websites - was the core objective. As the weaknesses of the protocol became evident, engineers began to apply a patchwork of fixes. After several decades, it is now apparent that this reactive approach to DNS security has caused some unintended consequences and challenges. more
Economists aren't very good at predicting things, as any one with money in the stock market can attest. The most powerful economist in the United States, the Chairman of the Federal Reserve, is on record predicting a continuing climb in housing prices -- just prior to their precipitous decline. And yet their crystal balls still hold some allure for those who need to present "evidence" about the future. Such is the case with ICANN and the new generic Top-Level Domain (gTLD) program. more
Do you have an idea for a new way to use DNSSEC or DANE to make the Internet more secure? Have you recently installed DNSSEC and have a great case study you can share of lessons learned? Do you have a new tool or service that makes DNSSEC or DANE easier to use or deploy? Do you have suggestions for how to improve DNSSEC? Or new ways to automate or simplify the user experience? If you do, and if you will be attending ICANN 55 in Marrakech, Morocco (or can get there), we are now seeking proposals for the ICANN 55 DNSSEC Workshop that will take place on Wednesday, 9 March 2016. more
Oracle this morning announced agreement to acquire Dyn, leading cloud-based Internet Performance and DNS provider. Dyn, which recently gained substantial media attention as a result of a historic cyberattack, drives 40 billion traffic optimization decisions daily for more than 3,500 enterprise customers, including preeminent digital brands such as Netflix, Twitter, Pfizer and CNBC. more
A World-Renowned Source for Internet Developments. Serving Since 2002.