Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network. more
The leaked release of the European Commission's working papers on the future of Top Level Domains highlights the impending collision between adherents of the present "multistakeholder" ICANN governance model, and an ever longer list of national governments who challenge that model. At the core of the controversy is the question of how ICANN can claim legitimacy in the DNS world when none of its Directors or Officers are elected. Even worse, its only answer, when challenged legally, is that it is responsive to its contract with an agency of the U.S. Government... more
The Domain Name System Security Extensions (DNSSEC) is a suite of IETF-developed specifications designed to validate information provided by the Domain Name System (DNS). ... When the root zone was signed in June 2010, this acted as a catalyst for TLD operators to deploy DNSSEC on their side. We have seen a gradual but significant increase in signed TLDs since then. The map in this post shows the level of DNSSEC deployment in Europe. more
As is well known to most CircleID readers - but importantly, not to most other Internet users - in March 2011, ICANN knowingly and purposefully embraced an unprecedented policy that will encourage filtering, blocking, and/or redirecting entire virtual neighborhoods, i.e., "top-level domains" (TLDs). Specifically, ICANN approved the creation of the ".XXX" suffix, intended for pornography websites. Although the owner of the new .XXX TLD deems a designated virtual enclave for morally controversial material to be socially beneficial for the Internet, this claim obfuscates the dangers such a policy creates under the hood. more
At the time of this writing DNSSEC mostly does not work. This is not a bad thing - in fact it's expected... There is a significant last-mover advantage DNSSEC deployment (or IPv6 deployment) and that can't be helped. It's all in a good cause though - everybody knows we need this stuff and some farsighted contributors put a lot of money and other resources into DNSSEC years or decades ago to ensure that when the time comes the world will have a migration path. Sadly, this leaves current investors and application designers and developers wondering whether there's a market yet. more
When I first wrote about Domain Registry Locking over a year and a half ago, Verisign was the only Registry offering a true Registry Lock Service. Of course, not long after, Neustar announced their Registry Lock Service too. Recently however, a number of ccTLD Registries have also adopted Registry Locking programs... more
I think we are finally getting somewhere: ICANN is no longer fluttering flusteredly whenever a lobbying group sends a nastygram over the transom. Case in point: a Association of National Advertisers (ANA) that arrived a few days ago, full of bombast and muscle-flexing, demanding that ICANN immediately stop the new gTLD program until a long list of demands from the ANA were met, or else the ANA would be forced to take some Very Scary Actions... more
For me, one of the more interesting sessions at the recent IETF 81 meeting in July was the first meeting of the recently established Homenet Working Group. What's so interesting about networking the home? Well, if you regard challenges as "interesting", then just about everything is interesting when you look at networking in the home! more
When ICANN approved the New generic Top-Level Domain (gTLD) Program in Singapore in June 2011, it pushed the activities in this space to a new level. I think we will all agree that everyone involved are very busy working on new gTLD applications and getting organized per the Applicant Guidebook requirements. This to be ready in time for the 12th of January 2012 ICANN new TLD Program launch date. However, good activities also brings along bad activities. more
I've written recently about a general purpose method called DNS Response Policy Zones (DNS RPZ) for publishing and consuming DNS reputation data to enable a market between security companies who can do the research necessary to find out where the Internet's bad stuff is and network operators who don't want their users to be victims of that bad stuff... During an extensive walking tour of the US Capitol last week to discuss a technical whitepaper with members of both parties and both houses of the legislature, I was asked several times why the DNS RPZ technology would not work for implementing something like PROTECT-IP. more
There's been a fair amount of controversy of late about ICANN's decision to dramatically increase the number of top-level domains. With a bit of effort, though and with little disruption to the infrastructure -- we could abolish the issue entirely. Any string whatsoever could be used, and it would all Just Work. That is, it would Just Work in a narrow technical sense; it would hurt innovation and it would likely have serious economic failure modes. more
In our last instalments we discussed the various ways to encode non-ASCII character sets, of which UTF-8 is the winner, and some complex approaches that tried to make UTF-8 mail backward compatible with ASCII mail. After years of experiments, the perhaps surprising consensus is that if you're going to do international mail, you just do it. more
On June 20th, the ICANN board voted to move ahead with the new generic Top-Level Domains (gTLDs) program, intended to add hundreds, if not thousands of new names to the DNS root. Now what? Not even the most enthusiastic ICANN supporters think that any new TLDs will be added before the end of 2012, but there are other things going on that greatly complicate the outlook. more
After more than six years of consultation and negotiation regarding the New Top-Level Domain Program, the ICANN Board this week approved the program to the pleasure of many within the Internet community. For this, we say thank you to ICANN on a job well done! The New Top-Level Domain (TLD) Program has been controversial at times and has fuelled many passionate debates within the Internet community. more
The Board of ICANN today gave final approval to the most dramatic change to the Internet in four decades -- allowing the expansion of new Top-Level Domains (TLDs). This monumental decision will allow companies and organizations to turn their own brands into Internet domain extensions (that is .brand) or to create broad generic strings such as .CAR, .SPORTS or .BANK. ICANN's TLD expansion plan was first announced three years ago on June 26, 2008 at the 32nd ICANN Meeting in Paris. more
A World-Renowned Source for Internet Developments. Serving Since 2002.