DNS

DNS / Most Viewed

Adult-Related TLDs Considered Dangerous

In an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, an analysis is offered for proposals to mandate the use of a special top level name or an IP address bit to flag "adult" or "unsafe" material or the like. This document explains why these ideas are ill considered from legal, philosophical, and technical points of view: "Besides technical impossibility, such a mandate would be an illegal forcing of speech in some jurisdictions, as well as cause severe linguistic problems for domain or other character string names." more

IPv6: Extinction, Evolution or Revolution?

For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more

Bug Reveals the Snooper in VeriSign’s Site Finder

Here's another interesting angle on the Verisign Site Finder Web site. VeriSign has hired a company called Omniture to snoop on people who make domain name typos. I found this Omniture Web bug on a VeriSign Site Finder Web page... more

Summary Judgment Denied in a Case of Creative Typosquatting

In the case of Lands' End, Inc. v. Remy, the defendant website owners were accused of crafting a clever scheme to get some extra commissions from their affiliate relationship with landsend.com. It looks like the scheme has backfired, however, as Lands' End's claim against the defendants under the Anticybersquatting Consumer Protection Act, [15 U.S.C. §1125(d)] ("ACPA") has survived a summary judgment motion and the case is heading for trial. more

Non-Commercial Website Domain Names Using Trademarks

There are now several different courts of appeals that have upheld the right of individuals to post a non-commercial website using the domain name www.company.com, and there are as yet NO appellate decisions that forbid such websites outside the context of the serial cybersquatter who tries to erect a so-called gripe site as a CYA measure after being sued. In fact, it seems to me that we are getting close to the point where companies that sue over such websites have to consider seriously the possibility that they will not only lose the suit, but face a malicious prosecution action... more

Breaking the Internet HOWTO

A number of people, notably Viviane Reding, the European Commissioner for Information Society and Media, have been asking about how to Break The Internet. Since Mme Reding seems to have absolutely no prior experience in the Information Technology, Computing or Telecommunications industries, I have prepared this brief HOWTO. "1. Declare the creation of a new Root Zone. This is the easy bit - all you have to do is spout great volumes of hot air at a conference in Geneva, and then storm out in a huff when other people refuse to take you seriously. Then you get the PFY who services your photocopier to declare the creation of a new European Root Zone! Hooray!" more

The Closing Window: A Historical Analysis of Domain Tasting

I wrote this history and analysis of domain tasting for the ICANN Business Constituency membership. It's by no means perfect but I thought I'd share it with those who would like a bit more color on the subject. "Present day 'Domain Tasting' has its roots in 2001 and 2002 when a small group of ambitious domain registrants persuaded two registrars to allow them to register large blocks of domain names for the purpose of establishing which names garnered type-in traffic..." more

So You Think You’re Safe from DNS Cache Poisoning?

Everyone is probably well aware of the Kashpureff-style DNS cache- poisoning exploit (I'll call this "classic cache poisoning"). For reference, see the original US-CERT advisory prompted by this exploit. Vendors patched their code to appropriately scrub (validate) responses so that caches could not be poisoned. For the next 7-8 years, we didn't hear much about cache poisoning. However, there was still a vulnerability lurking in the code, directly related to cache poisoning. ...On April 7, 2005, the SANS ISC (not to be confused with Internet Systems Consortium) posted an update detailing how Microsoft Windows DNS servers were still being poisoned, even though the "Secure cache against pollution" option was set. The SANS ISC found that Windows DNS servers using BIND4 and BIND8 servers as forwarders were being poisoned. But how could this be? more

Why Site Finder is Breaking MS Outlook & Windows Networking Utilities

I have discovered that VeriSign's SiteFinder service breaks Microsoft's Outlook and Microsoft's Outlook Express email readers as well as many of the standard Windows Networking Utilities by providing misleading error messages, temporary lockups, and incorrect status information.  more

Internationalizing the Internet

One topic does not appear to have a compellingly obvious localization solution in the multi-lingual world, and that is the Domain Name System (DNS). The subtle difference here is that the DNS is the glue that binds all users' language symbols together, and performing localized adaptations to suit local language use needs is not enough. What we need is a means to allow all of these language symbols to be used within the same system, or "internationalization". more

New Mobile Domain Another Bad Idea

You may have seen a new proposal for a "mobile" top-level domain name for use by something called "mobile users" whatever they are. (The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m "to make it easier to type on a mobile phone.) Centuries ago, as trademark law began its evolution, we learned one pretty strong rule about building rules for a name system for commerce, and even for non-commerce.
Nobody should be given ownership of generic terms. Nobody should have ownership rights in a generic word like "apple" -- not Apple Computer, not Apple Records, not the Washington State Apple Growers, not a man named John Apple. more

On Mandated Content Blocking in the Domain Name System

COICA (Combating Online Infringement and Counterfeits Act) is a legislative bill introduced in the United States Senate during 2010 that has been the topic of considerable debate. After my name was mentioned during some testimony before a Senate committee last year I dug into the details and I am alarmed. I wrote recently about interactions between DNS blocking and Secure DNS and in this article I will expand on the reasons why COICA as proposed last year should not be pursued further in any similar form. more

Cricket Liu Interviewed: DNS and BIND, 5th Edition

In follow-up to recent announcement on the release of the latest edition of the very popular DNS and BIND book -- often referred to as the bible of DNS -- CircleID has caught up with Cricket Liu, co-author and a world renowned authority on the Domain Name System. In this interview, Cricket Liu talks about emerging issues around DNS such as security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework). "Cricket Liu: We're now seeing more frequent attacks against DNS infrastructure. ...Turns out that name servers are terrific amplifiers -- you can get an amplification factor of nearly 100x. These attacks have raised awareness of the vulnerability of Internet name servers, which is possibly the only positive result..." more

What is Anti-Spam?

There's a lot of argument as to which "anti-spam" techniques are legitimately so called. In this article, I'd like to consider what constitutes an anti-spam technique in an ideal sense, then consider the various practiced approaches to spam mitigation in that light, drawing conclusions as to how we should frame the "anti-spam" discussion. ...For the purposes of this discussion, let "spam" refer to "unsolicited bulk email". Not everyone agrees on this definition, but it's by far the most widely accepted, and without a working definition we won't be able to define "anti-spam"... more

Google Sued for Trademark Infringement Based on Third-Level Subdomain

It's no surprise that Google has been sued again for trademark infringement, but the basis of this lawsuit is surprising. Rather than another lawsuit over the sale of trademarked keywords to deliver ads (along the lines of the GEICO, American Blinds, Rescuecom and JTH Tax cases, or the dozens of international lawsuits), this lawsuit is based on a Blogspot blog URL. Because of its comparative novelty, this lawsuit raises some complex and unsettled legal issues. more