Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
As the ICANN's 40th international meetings start off in San Francisco, Kieren McCarthy, General Manager (US) of the Global Internet Business Coalition (GIBC), and founder of the .NXT conference, has released a guide for the most important topics (listed below) with some added commentary, background and links to relevant resources.
A group led by former Pirate Bay co-founder Peter Sunde is forming to develop a peer-to-peer-based alternative to today's ICANN-controlled DNS system, according to a blog posted on Tuesday. A tweet on Sunde's account dated Nov 28 said: "Alternative dns root is step 1. Step 2 is the new DNS system that is in the making. It's not advanced, it's p2p and more secure." The tweet has generated a fair amount of interest according to Sunde who has written a follow up post on a blog called "P2P DNS".
Earl Zmijewski reporting in Renesys Blog: "There's been sudden interest recently in a Chinese route hijacking incident that occurred way back in April, brought about by a new report to the US Congress that highlighted the event. A second Chinese event, also in the report, has received almost no attention despite being much more interesting (technically, anyway). A Chinese DNS censorship incident occurred just one month earlier, in March..."
.ORG, The Public Interest Registry (PIR) has announced today the launch of a new campaign aimed at educating IT professionals about securing DNS and the adoption of Domain Name System Security Extensions (DNSSEC). The key purpose of the "Practice Safe DNS" website, according to PIR, is to "serve as a key resource for domain holders, registrars, web developers and IT professionals to learn how they can respectively play a increasingly relevant role in providing a safer and more secure Internet."
The one-page link shortening service provider, vb.ly, has been seized with no apparent warning by the Libyan government which manages the ".ly" county code Top-Level Domain (ccTLD). According to reports, Nic.ly, the registry operator of the ccTLD in Libya informed the user of the domain that the content of its website was considered offensive, obscene and illegal by the Libyan Islamic Sharia Law and therefore revoked.
Majority of U.S. Federal agencies using .gov domains have not signed their DNS with DNSSEC (Domain Name Security Extensions) despite a December 2009 Federal deadline for adoption, according to the latest report by IID (Internet Identity). IID analyzed the DNS of more than 2,900 .gov domains and has released the results in its "Q3 State of DNS Report".
A report, released today by McAfee, Inc., titled "Security Takes the Offensive," says that traditionally, security technology companies and computer users have taken a defensive posture, putting the cyber equivalent of body armor on computers, networks and in the cloud. The report's authors say it is now time to avoid enemy strikes altogether by taking a more aggressive stance, aligning forces and involving law enforcement.
Andrew McLaughlin reporting in the White House website: "Last week marked a significant advance in the security of the Internet. After years of intensive design, testing, and implementation work, the Internet's domain name system now has a new security upgrade that allows Internet service providers and end users alike to protect against an important online vulnerability: the clandestine redirecting of online communications to unwanted destinations."
ICANN video highlighting last week's historical DNSSEC key signing ceremony held in a high security data centre located in Culpeper, VA, outside of Washington, DC. "During the ceremony, participants were present within a secure facility and witnessed the preparations required to ensure that the so-called key-signing-key (KSK) was not only generated correctly, but that almost every aspect of the equipment, software and procedures associated with its generation were also verified to be correct and trustworthy."
J.D. Falk writes: Last week, MAAWG quietly published a new document titled "Overview of DNS Security - Port 53 Protection." [PDF] The paper discusses cache poisoning and other attacks on the local DNS, including likely effects of such a compromise and what access providers may be able to do to prevent it.
Millions of websites under Germany's top-level domains, .de, went offline on Wednesday due to a technical error according to various sources. While the exact cause of the outage is still unknown, the problem is reported to have originated from DENIC, the central registry for the .de top-level domain.
Announced in a blog post today, ICANN's Manager of Root Zone Services, Kim Davies, reports: "Today the first three production non-Latin top-level domains were placed in the DNS root zone. ... The three new top-level domains are ????????. (“Al-Saudiah”), ??????. ( “Emarat”) and ???. (“Misr”). All three are Arabic script domains, and will enable domain names written fully right-to-left. Expect more as we continue to process other applications using the “fast track” methodology."
ICANN has given Jordan preliminary approval for its IDN (Internationalized Domain Name) ccTLD. "At this time ICANN has received a total of 21 requests for IDN ccTLD(s) through the String Evaluation process, representing 11 languages. A total of 13 requests have successfully passed through the String Evaluation and are hence ready for the requesting country or territory to initiate the application for String Delegation."
A proposal to extend the DNS protocol has been submitted by Google and other DNS and content providers such as Neustar/UltraDNS. Wilmer van der Gaast and Carlo Contavalli on behalf of the Google Public DNS team said: "Our proposed DNS protocol extension lets recursive DNS resolvers include part of your IP address in the request sent to authoritative nameservers. Only the first three octets, or top 24 bits, are sent providing enough information to the authoritative nameserver to determine your network location, without affecting your privacy." The proposal aims to ultimately help send users to nearby servers in order to improves speed, latency, and network utilization.
The deployment of Domain Name System Security Extensions (DNSSEC) for the root zone got an official start today with its public signing for the first time. DNSSEC for the root zone is a joint effort between ICANN and VeriSign, with support from the U.S. Department of Commerce to improve security of the Internet's naming infrastructure. Kim Davies, ICANN's Manager of Root Zone Services, says: "What happened today was the deliberately un-validatable root zone started being published on l.root-servers.net. It is anticipated this will be rolled out across the other root servers over the coming months. This phase is designed to identify any issues with the larger DNS response sizes associated with DNSSEC data."
A World-Renowned Source for Internet Developments. Serving Since 2002.