Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
My book, "The Current State of Domain Name Regulation: Domain Names as Second Class Citizens in a Mark-dominated World" is now available by Routledge. The following is an overview of the book. more
Patent practitioners are familiar with the long-honored practice of engaging in standards-setting activities with the aim of having the standard ultimately require the use of one's proprietary technology. This practice is no longer limited to patents, but has become the game the whole family can play. While most standards-setting organizations have caught on, and have implemented IP disclosure policies, ICANN has not done so... As some are aware, the question of making single-character domain names available has been a perennial topic of discussion within ICANN, championed by a few who have quietly been engaged in some interesting advocacy within the USPTO along a parallel track. more
In Ripley Scott's classic 1982 science fiction film Blade Runner, replicant Roy Batty (portrayed by Rutger Hauer) delivers this soliloquy... "I've...seen things you people wouldn't believe... Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhäuser Gate. All those... moments... will be lost in time, like (cough) tears... in... rain. Time... to die." more
Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users. more
The secondary domain market has gone from one extreme to another. First, huge sums were paid for some domains, raising the expectations of domain sellers. Now, however, in many cases the corporate sector expects to pick up a domain for next to nothing in comparison with the domain's immediate sales and long-term investment potential. In my opinion, both situations are unrealistic. more
The recent ICANN meeting in Vancouver touched upon many issues important to ordinary Internet users: privacy in domain name registration; the cost and terms of .com domain names; internationalized domains; introduction of new domain suffixes. But there were few "ordinary Internet users" at the meeting. Few people can roam the globe to keep up with ICANN's travels, and not many more participate in online forums. more
OARC held a 2-day meeting in February, with presentations on various DNS topics. Here are some observations I picked up from the presentations in that meeting... In a world where every DNS name is DNSSEC-signed, and every DNS client validates all received DNS responses, we wouldn't necessarily have the problem of DNS spoofing. Even if we concede that universal use of DNSSEC is a long time off ... more
I want to call your attention to another court decision that upholds the right of a consumer to create a non-commercial web site criticizing a company, using the company's name as the domain name. Lucas Nursery and Landscaping v. Grosse, 2004 WL 403213 (6th Circuit March 5, 2004). This case involves Lucas Nursery, a landscaping company in the suburbs of Detroit, Michigan, which apparently botched work done for Michelle Gross - or at least that was her opinion. But, when she established a web site to tell her story, Lucas sued her under the Anticybersquatting Consumer Protection Act ("ACPA")... more
Well... Maybe not the world, but the Internet it seems. According to a Pastebin letter, Anonymous announced they will black-out Internet on 31st of March. They even explained how to do it by attacking the DNS Root Servers on Internet using a reflected amplification attack. If this is successful, the root DNS servers will become unresponsive and cannot handle any other requests... more
How do you keep track of what new generic top-level domains (newgTLDs) are now available? Particularly when there seem to be new ones being announced weekly? Because I've written about newgTLDs here previously, someone recently asked me those questions... Now, these are the newgTLDs that have been delegated by ICANN, meaning that they now appear in the "root zone" of DNS. This does NOT mean that you can go right now and register a domain underneath one of these new TLDs. more
As Ond?ej Surý of CZ.NIC recently pointed out on the dns-operations list, it was 30 years ago this month, in November 1983, that two RFCs that defined what we now call the Domain Name System (DNS), RFC 882 and RFC 883, were published. They make for an interesting read today when you think about how far we've come in those 30 years -- and now how absolutely critical DNS is as part of the Internet's infrastructure. more
In a recent decision, a World Intellectual Property Organization (WIPO) domain name arbitration panel dismissed a complaint filed by the Mexican Tourist Board (MTB) against Latin America Telecom (LAT) concerning the domain name "mexico.com." The panel went so far as to find that the complaint was brought in "bad faith" and made a finding of attempted "Reverse Domain Name Hijacking" against the MTB. ...In its complaint, the MTB argued that LAT had registered the domain name in "bad faith" in order to sell it for a profit at a later date. more
Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more
On November 4, 2003, VeriSign announced a new "trust enhancing" seal which they built using Macromedia's Flash technology...While there are problems inherent to VeriSign's approach that call into question their understanding of "The Value of Trust," there are ways they could have made this particular implementation less trivially spoofable. The flaws I demonstrate on this page are flaws in the concept and the execution rather than anything inherently flawed in Flash. Overall this kind of graphical "trustmark" is extremely easy to forge just by recreating the artwork. But in this case, you don't even have to do that. The seal can still be called directly off the VeriSign servers, yet it is easily modified, without recreating artwork, and without doing anything untoward with VeriSign's servers! more
How prevalent is cybersquatting and typosquatting? Take a look at www.wipo.com, and then compare it with the World Intellectual Property Organization's web site www.wipo.org. Ironically, the WIPO Arbitration and Mediation Center handles a majority of the UDRP domain dispute arbitrations internationally. The very organization which is invested with the authority by ICANN to resolve cybersquatting and typosquatting disputes internationally under the UDRP is, by all appearances, being squatted. Here are two apparent typosquatters... more
A World-Renowned Source for Internet Developments. Serving Since 2002.