Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
It's late in the new gTLD day and the program looks to be inching ever closer to the finish line. Yet last minute hiccups seem to be a recurring theme for this ambitious project to expand the Internet namespace far beyond the 300 odd active TLDs in existence today (counting generics and country codes). A drive for growth which is already underway, with 63 gTLD contracts now signed as of mid September... But will those users find themselves at greater risk because of this namespace expansion? That's what several parties have been asking in recent months. more
The following is a report by Susan Crawford at the ICANN meeting in Cape Town where a workshop was held yesterday for increasing awareness and understanding of United Nation's World Summit on the Information Society (WSIS) and issues that directly impact ICANN. "WSIS" is defined as a process in which governments intend to address a broad range of international legal, regulatory, economic, and policy issues related to the Internet. Some governments have proposed that an intergovernmental organization be responsible for "Internet governance," a phrase that remains undefined and some consider to include and/or mean the administration and coordination of the domain name system (DNS). more
I'm interested in CircleID community's take on NeuStar's recent announcement of Cache Defender. While only effective for domains the company is authoritative for, that does cover a large number of big Internet brands and financial institutions. Why wouldn't an ISP deploy this now, while waiting for all the myriad issues involved in DNSSEC to be resolved? more
As facts unfold, and the NTIA's decision to take away our privacy comes to light, it is interesting to see the NTIA struggling to explain its decision. Keep in mind that an "as yet to be identified" bureaucrat made this decision to take away your privacy, did it without notice, and without holding hearings. Those affected were not given an opportunity to explain how the loss of privacy would negatively affect them. Quite simply, this is NOT how our government is supposed to work. We should be outraged... more
New Zealand's .nz operator, InternetNZ, on Wednesday disclosed a vulnerability against authoritative DNS servers. The vulnerability called TsuNAME was first detected in February 2020 in the .nz registry and found that it could be exploited to carry out Denial-of-Service (DoS) attacks across the world. more
Last month, I wrote to describe the state of registration restrictions in .BIZ, .US, and .NAME. I noted trends among nonconforming registrations in these TLDs, and I suggested that certain automated enforcement systems might serve to improve compliance. But an important larger question remained unanswered: Why care about registration restrictions in the first place? Much as registries might like to ignore the restrictions, I submit that the Internet community nonetheless ought to hold them to their contracts.
more
Seems that DNSSEC is being subjected to what an old boss of mine used to call the "fatal flaw seeking missiles" which try to explain the technical reasons that DNSSEC is not being implemented. First it was zone walking, then the complexity of Proof of Non-Existence (PNE), next week ... one shudders to think. While there is still some modest technical work outstanding on DNSSEC, NSEC3 and the mechanics of key rollover being examples, that work, of itself, does not explain the stunning lack of implementation or aggressive planning being undertaken within the DNS community. more
I've been writing about the intrinsic problem with the use of the DNS as both a technical mechanism and as a source of unambiguous meaning and authority. The problems are much worse than most of the posters seem to note. The current approach assures that the Internet will unravel and worse, that URLs become perversely reused. The commercial terms of service associated with the use of ".com" names exacerbates the problem by imposing arbitrary social policies into the plumbing of the Internet. more
I have previously pointed out the shortcomings of good and user friendly support for DNSSEC in Microsoft's Server 2008 R2. During the period just after I wrote the post, I had a dialogue with Microsoft, but during the last months there has been no word at all. The reason I bring this up again is that more and more Top Level Domains (TLDs) now enable DNSSEC and also the fact that within six months the root will be signed. more
The Board of Directors of the Internet Corporation for Assigned Names and Numbers (ICANN) has determined that the proposal for a new top level domain submitted by ICM Registry, Inc. has met the criteria established by ICANN. Accordingly, ICM Registry will now move forward into technical and commercial contractual negotiations with ICANN to generate a voluntary .xxx top-level domain (TLD). more
Over the past 30 years the Domain Name System has become an integral part of the operation of the Internet. Due to its ubiquity and good performance, many new applications over the years have used the DNS to publish information. But as the DNS and its applications have grown farther from its original use in publishing information about Internet hosts, questions have arisen about what applications are appropriate for publication in the DNS, and how one should design an application to work well with the DNS. more
A company called PW Registry Corporation makes the following announcement regarding the .PW ccTLD originally designated for the country of Palau: "The PW Registry Corporation announced today plans for the activation of the PW top- level domain (TLD), the Internet's first and only domain extension devoted to "Communities of Shared Interests". Unlike other domain extensions, such as .com, .biz, and .info, PW is aimed at providing individuals and consumer/affinity organizations a highly-personalized, permanent and portable e-mail address and a managed platform for community and social networking." more
The DNS is a crucial part of today's Internet. With the fracturing of the network's address space as a byproduct of IPv4 address run down and the protracted IPv6 transition the Internet's name space is now the defining attribute of the Internet that makes it one network. However, the DNS is not a rigid and unchanging technology. It has changed considerably over the lifetime of the Internet and here I'd like to look at what's changed and what's remained the same. more
In this newly released paper Randal Vaughn and Gadi Evron discuss the threat of Distributed Denial of Service (DDoS) attacks using recursive DNS name servers open to the world. The study is based on case studies of several attacked ISPs reported to have on a volume of 2.8Gbps. One reported event indicated attacks reaching as high as 10Gbps and used as many as 140,000 exploited name servers. more
A third lawsuit has been filed late Friday in a federal district court in California against VeriSign, Inc. over its controversial DNS wildcard redirection service known as SiteFinder. It was filed by the longtime Internet litigator Ira Rothken. In addition, while two other lawsuits have been filed by Go Daddy Software, Inc. and Popular Enterprises, LLC. in Arizona and Florida, this is the first lawsuit to seek class-action status. Here is an excerpt from the "Introduction" section of this class-action lawsuit... more
A World-Renowned Source for Internet Developments. Serving Since 2002.