Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
How do you keep track of what new generic top-level domains (newgTLDs) are now available? Particularly when there seem to be new ones being announced weekly? Because I've written about newgTLDs here previously, someone recently asked me those questions... Now, these are the newgTLDs that have been delegated by ICANN, meaning that they now appear in the "root zone" of DNS. This does NOT mean that you can go right now and register a domain underneath one of these new TLDs. more
January 2014. The first registry contracts have been signed. The first Sunrise priority registration periods have been opened. The new gTLD program is well on the way. So maybe now, at last, we can start to find out the real costs of opening up the Internet root? And how much revenue doing so has brought ICANN! Short answer: ICANN has taken in USD 344.958 million from the first round of new gTLD applications. The figure comes from the first of ICANN's quarterly financial statements, covering the three months up until September 30th. more
Most people, even seasoned IT professionals, don't give DNS (the Domain Name System) the attention it deserves. As TCP/IP has become the dominant networking protocol, so has the use of DNS... Due to the reliability built into the fundamental RFC-based design of DNS, most IT professionals don't spend much time worrying about it. This can be a huge mistake! more
COICA (Combating Online Infringement and Counterfeits Act) is a legislative bill introduced in the United States Senate during 2010 that has been the topic of considerable debate. After my name was mentioned during some testimony before a Senate committee last year I dug into the details and I am alarmed. I wrote recently about interactions between DNS blocking and Secure DNS and in this article I will expand on the reasons why COICA as proposed last year should not be pursued further in any similar form. more
Much has been said about how Google uses the services they provide, including their mail service, their office productivity tools, file storage and similar services, as a means of gathering an accurate profile of each individual user of their services. The company has made a very successful business out of measuring users, and selling those metrics to advertisers. But can we measure Google as they undertake this activity? How many users avail themselves of their services? Perhaps that's a little ambitious at this stage, so maybe a slightly smaller scale may be better. Let's just look at one Google service. more
Doug Madory from Renesys reports: "In response to recent NSA spying allegations, Brazil is pressing ahead with a new law to require Internet companies like Google to store data about Brazilian users inside Brazil, where it will be subject to local privacy laws. The proposed legislation could be signed into law as early as the end of this week. However, Google's DNS service started leaving the country on September 12th, the day President Rousseff announced her intention to require local storage of user data." more
Hot on the heels of other ICANN Internationalized Domain Name (IDN) Top-Level Domain (TLD) launch errors, we now have another example of ICANN's failure to comprehend the differences between IDN and ASCII names, this time to the detriment of potential IDN registrants and the new IDN generic TLD (gTLD) Registries. This gaff really makes you wonder whether the SSAC and Multilinguism departments at ICANN have ever met. more
It was never obvious at the outset of this grand Internet experiment that the one aspect of the network's infrastructure that would truly prove to be the most fascinating, intriguing, painful, lucrative and just plain confusing, would be the Internet's Domain Name System. After all, it all seemed so simple to start with: network applications rendezvous with their counterparts using protocol-level addresses, but we users prefer to use "natural" identifiers that act as aliases for these addresses. more
This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more
One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more
When the domain name system (DNS) was first designed, security was an afterthought. Threats simply weren't a consideration at a time when merely carrying out a function - routing Internet users to websites - was the core objective. As the weaknesses of the protocol became evident, engineers began to apply a patchwork of fixes. After several decades, it is now apparent that this reactive approach to DNS security has caused some unintended consequences and challenges. more
ICANN continues to flail, pointlessly. The latest in a series of missteps that could easily have been avoided is its recommendations on what to do about a report on the potential for confusion and misaddressing when someone's internal network names match the name for a new gTLD, and they have misconfigured their routers and/or DNS to the extent that someone typing in a new gTLD name might end up in the middle of someone else's network. more
With all the focus in the TLD world on the imminent arrival of more than a thousand new TLDs and the still unfinished discussions within ICANN on what policy framework those TLDs will need to follow, it is often forgotten that there are hundreds of other TLD policy frameworks that are mature, stable and well tested. These of course are the ccTLD policy frameworks that have been actively developed over 20 years. more
Today's Internet is wonderful for solving hard problems such as connecting to Amazon to buy goods or for using Netflix. Amazon and Netflix, among others, demonstrate what is possible if you put in enough effort. Yet if we are to understand the Internet we need to look beyond those applications to the simplest application such as sending one bit of information from a light switch to a light fixture. more
Well more than a year ago, ICANN's Security and Stability Advisory Committee published SSAC 053, its paper on single-label domain names - now referred to in the community as "dotless" domains - advising against their use. In a robust comment period, the community weighed in on the utility and safety of dotless domains, with some in favor and some opposed. To address the matter, ICANN has commissioned further study of the issue with an eye toward resolving the issue for new gTLD applicants. more
A World-Renowned Source for Internet Developments. Serving Since 2002.