Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
A few weeks ago, on Oct. 1, 2016, Verisign successfully doubled the size of the cryptographic key that generates DNSSEC signatures for the internet's root zone. With this change, root zone DNS responses can be fully validated using 2048-bit RSA keys. This project involved work by numerous people within Verisign, as well as collaborations with ICANN, Internet Assigned Numbers Authority (IANA) and National Telecommunications and Information Administration (NTIA). more
The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system. The 7th ROW will be held in Vancouver, Canada on Thursday, May 17th 2018 in the afternoon, at the end of the GDD Industry Summit, in the same venue. more
Just in time for ICANN's 44th meeting next week, a new Internet Draft has turned up, purporting to fix the centralization of the DNS. The draft has received some attention, including an article in PC World. It isn't entirely clear what the real purpose of the draft is, but it is hard to credit the notion that it is solving any technical problem. Without examining the reasons why the draft exists, I want to debunk a claim in it. more
In 1987, CompuServe introduced GIF images, Steve Wozniak left Apple and IBM introduced the PS/2 personal computer with improved graphics and a 3.5-inch diskette drive. Behind the scenes, one more critical piece of internet infrastructure was quietly taking form to help establish the internet we know today. November of 1987 saw the establishment of the Domain Name System protocol suite as internet standards. more
Close to 1300 IP addresses were hijacked this morning resulting in Amazon losing control of a number of its highly used cloud services. more
Over the past several years, questions about how to protect information exchanged in the DNS have come to the forefront. One of these questions was posed first to DNS resolver operators in the middle of the last decade, and is now being brought to authoritative name server operators: "to encrypt or not to encrypt?" It's a question that Verisign has been considering for some time as part of our commitment to security, stability and resiliency of our DNS operations and the surrounding DNS ecosystem. more
Imagine that you run an organization out of a building. Imagine that the landlord comes one day and says, "Oh I didn't know you are a resident of country X or dealing with anybody from country X. I have to close this place down right now." And then you are done. You don't have an organization anymore. This very scenario happens on the Internet. more
The domain name system is not the place to police speech. ICANN is legally bound not to act as the Internet's speech police, but its legal commitments are riddled with exceptions, and aspiring censors have already used those exceptions in harmful ways. This was one factor that made the failed takeover of the .ORG registry such a dangerous situation. But now, ICANN has an opportunity to curb this abuse and recommit to its narrow mission of keeping the DNS running... more
I've been incredibly lucky in my time at Neustar to lead both the exceptional Registry and Security teams. While these divisions handle their own unique product and service offerings, it's clear that they have some obvious crossovers in their risks, opportunities and challenges. Having been closely involved in the strategy of both these teams, it strikes me that there is more we as Registry Operators and service providers can and should be doing to align the world of cybersecurity with that of domain names. more
Previously, this series tackled the terribly awful Amendment 35 to the NTIA-Verisign cooperative agreement and also made the case that the tainted presumptive renewal currently included in registry agreements is inherently anti-competitive. But renewing legitimacy and integrity of Internet governance requires accurately understanding the unique and significant role retained by the U.S. government following the IANA transition. more
For those interested in encouraging innovation in the domain name space -- which presumably includes the ICANN community currently convening in Dakar -- the recent episode in which VeriSign proposed, and then quickly withdrew, a bundle of new services (the VeriSign anti-abuse domain use policy) raises important issues that will be revisited as new gTLDs are introduced. Some of those issues are referenced in a recent blog post by Milton Mueller, but his emphasis on "due process" suggests a regulatory framework that is not friendly to innovation. more
From the humble beginnings of ARPANET to the birth of the internet as we know it today, domain registrars have been the silent architects of our online activity. Now, as we stand on the cusp of the Web3 revolution, domains are set to undergo yet another profound transformation. Internet innovations have given us a remarkable ability to connect, but now we are bouncing against the limits of this paradigm. more
A fourth draft of ICANN's New gTLD Draft Applicant Guidebook has been released. In addition to the Applicant Guidebook, ICANN has also published summaries and analysis of the public comment period. The latest version includes... more
Ukraine's representative to ICANN's Governmental Advisory Committee (GAC) has sent a letter to the Internet Corporation for Assigned Names and Numbers (ICANN) to remove Russian-administered top level domains (.RU, .SU and .рф) from the DNS root zone. In a separate letter, Ukraine's representative also asked RIPE NCC to withdraw the right to use all IPv4 and IPv6 addresses by all Russian members of the regional IP registry for the European region. more
Domain Name System (DNS) Operators (Registries and Registrars) receive notices asking them to take action on a wide range of alleged technical and content-related abuses. However, there is a fundamental question of when it is appropriate to act at the DNS level and the evaluation of whether the alleged abuse meets a sufficient threshold for action at the DNS level. Additionally, given the volume of abuses occurring on the internet, existing resources, mechanisms, and protocols available in-house to Operators are in many cases insufficient to address abuses in a timely fashion. more
A World-Renowned Source for Internet Developments. Serving Since 2002.