DNS |
Sponsored by |
|
In a move that shouldn't come as a surprise to anyone, the EU Commission has given a rather mixed welcome to the IANA bid. While they obviously like a lot of what they are seeing, they're also not overly impressed with the contract only being open to US companies. more
As you may know, ICANN holds three public meetings every year. The most recent one, ICANN 54, was held in Dublin... So the next ICANN meeting is being held in Marrakech, Morocco starting Saturday, March 5th through March the 10th. Up until now all three meetings were the same length and had the same basic structure. However, from this year onwards, that'll change. How that will play out in reality, however, is anyone's best guess. more
The U.S. Department of Homeland Security has issued a rare "emergency" directive ordering federal agencies to audit all DNS records within ten days. more
Well, I read the indictment (available here from Spamhaus.) It's a long litany of criminal behavior, primarily pump and dump stock fraud of a long list of penny stocks from the US and China. Ralsky is described as the "chief executive officer and overall leader" of the scheme... The thing that strikes me about this indictment is that although it includes a lot of CAN SPAM charges, everything Ralsky and Co. did was already illegal under conventional fraud and computer tampering laws. more
Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more
With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more
Most of the single-character .com labels were initially registered in 1993 by Dr. Jon Postel while performing work pursuant to a contract with, and funded by, the U.S. government and are currently assigned to a "shell registrar" created and controlled by ICANN. This shell - which is the 376th entry on ICANN's list of accredited registrars - is misleadingly identified as the IANA registrar while being engaged in the illicit warehousing of domain names for speculative purposes. more
I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..." more
Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more
For a number of years, there have been many different high profile incidents where major websites were defaced, taken offline, or crippled due to issues related to their domain registration. Last night, there was an incident where several high profile domains went offline due to issues at their registrar, and they are now coming back online after what I am sure was a few crazy hours for their operations teams and management. more
Tucows issued a press release today wherein they announced lower domain name pricing and enhanced services. The bigger change, which might set a trend for other registrars, is the greater transparency of the registry and ICANN fees relative to the fees charged by Tucows... If all registrars were to quote domain name prices in this manner (I had called it "Asterisk Prices" when I had suggested the idea to various registrars last December, for lack of a better term), it would shift the blame to ICANN and the monopoly registry operators (e.g. VeriSign) every time they raised their fees. more
Anyone who has been part of the community during its soon-to-be 12-years of existence will be the first to tell you that while ICANN's intentions are good, its execution, time and again, has been lacking. Unfortunately, the global business world does not and cannot accept only good intentions. Businesses require surety, consistency and clear evidence of stability before they can establish the foundation for their enterprises. more
DNS-over-TLS has recently become a welcome addition to the range of security protocols supported by DNS. It joins TSIG, SIG(0) and DNSSEC to add privacy, and, in the absence of validating stub resolvers, necessary data integrity on the link between a full-service resolver and the users' stub resolver. (The authenticated source feature of TLS may also offer some additional benefits for those of a nervous disposition.) Good stuff. What is not good stuff is... more
I don't know about you, but I'm starting to think that DNSSEC being so hot these days is a mixed blessing. Yes, it's wonderful that after so many years there is finally broad consensus for making DNSSEC happen. But being so prominent also means the protocol is taking shots from those who don't want to make the necessary software, hardware and operational modifications needed. And DNSSEC has taken some shots from those who just want to be contrarian. more
ICANN's response to the European Union's Network and Information Security Directive (NIS2) is a litmus test on whether its policy processes can address the needs of all stakeholders, instead of only satisfying the needs of the domain industry. Early indications from the ICANN Hamburg meeting point to another disappointment for law enforcement, cybersecurity professionals, and the many businesses seeking to reinstate WHOIS as required by NIS2. more