Domain Names

Sponsored
by

Domain Names / Recently Commented

Reporting To God

"GOD, at least in the West, is often represented as a man with a flowing beard and sandals. Users of the Internet might be forgiven for feeling that nature is imitating art — for if the Net does have a god he is probably Jon Postel" (The Economist, Feb. 1997) David W. Maher, Senior Vice President, Law and Policy of Public Interest Registry (PIR) offers his reminiscence of the early days of the Internet and attempts made to restructure the Domain Name System — an article he has entitled 'Reporting to God'. more

Time to Act as Apple Sets Wheels in Motion for Shorter Certificate Life Cycles

You may have read our previous blog about the pending reduction of digital certificate life cycles to just 90 days. This past weekend, the issue gained momentum at the Certification Authority Browser Forum when more detail was discussed following the proposed ballot to set a timeline for shorter lifetime certificates by Apple. This creates real urgency for organizations of all sizes to seriously consider and implement automation into their certificate life cycle management. more

India Launches ‘.bank.in’ and ‘.fin.in’ Domains to Deter Financial Fraud

In a bid to bolster cybersecurity in India's financial sector, the Reserve Bank of India (RBI) has announced exclusive internet domains -- 'bank.in' for registered banks and 'fin.in' for non-banking financial entities. RBI Governor Sanjay Malhotra revealed that registrations for 'bank.in' will commence in April 2025, followed by 'fin.in', with the initiative aimed at reducing phishing attempts and fortifying digital banking trust. more

Response to usTLD Registry Management and Maintenance RFI

On January 17th in the closing days of the Biden Administration, NTIA issued the following Response for Information in connection with the .us ccTLD. While responses to the RFI will be held in confidence by NTIA per the RFI, some organizations such as M3AAWG made their response public. In the spirit of openness and transparency, Rick Lane and I are sharing our response on this important topic. more

Beyond WHOIS: Towards a New Framework of Internet Domain Registration Data Disclosure

The collection and disclosure of DNS registration data have evolved chaotically, influenced by GDPR and other privacy laws. The system, while improving privacy, has enabled bad actors and raised costs for registrars and registries. Join experts at this event as they explore Project Jake's framework for balancing privacy with legitimate data needs, emphasizing policy clarity, efficiency, and adaptability. more

Exploring the Impact of WHOIS Data Redaction on Unsolicited Emails

In the digital age, personal data protection has become paramount, with regulations like the General Data Protection Regulation (GDPR) shaping global practices. One area significantly affected is the public availability of WHOIS data, a critical resource in the domain name system. WHOIS traditionally provided detailed contact information for domain registrants, but privacy measures have redacted much of this data in recent years. more

Is Verisign a Monopoly? Does It Matter?

Senator Elizabeth Warren and Rep. Jerry Nadler recently wrote a letter complaining that VeriSign overcharges for .com domains due to its market power. They sent it to the Department of Justice and the National Telecommunications and Information Administration (NTIA). While you can make a reasonable case that the claim is true, two more interesting questions are "Why now?" and "Why bother?" more

Attacking DNS Abuse: The Next Amendments Needed

Abusive behavior that leverages the domain name system (DNS) continues to be a problem, with a reach that has been widely and credibly documented. There is little doubt that bad actors continue to use the DNS for nefarious and costly purposes. While the amendments made in 2024 to ICANN's Registry Agreement (RA) and Registrar Accreditation Agreement (RAA) were a step in the right direction, more advanced tools are needed to bring abuse rates down. more

NIS2 Article 28 Guidance: A Positive Step Toward Reducing DNS Abuse Across Europe

The European Union (EU) has set a high bar by tackling domain name system (DNS) abuse head on via government regulation and seems to have successfully resisted attempts to water down DNS stewardship obligations. Recent guidance from a key European Commission cooperation group (the NIS Cooperation Group) handling sections of the Network and Information Security Directive (NIS2) intends for a robust implementation of Article 28, which will go a long way toward helping to mitigate some of the longstanding problems that persist in the DNS. more

NIS 2 Directive Set for Implementation with New Guidelines, But Concerns Remain

The NIS Cooperation Group has released critical guidance for the implementation of Article 28 under the NIS 2 Directive, focusing on registration data accuracy obligations for top-level domain (TLD) registries, registrars, and related services in the EU. more

Setting the Record Straight - Myths vs. Facts about .com

Over the past several weeks, there has been significant discussion about Verisign and its management of the .com top-level domain (TLD) registry. Much of this discussion has been distorted by factual inaccuracies, a misunderstanding of core technical concepts, and misinterpretations regarding pricing, competition, and market dynamics in the domain name industry. more

Harmonizing WHOIS With NIS2 Article 28 - the Rubber Is About to Meet the Road

ICANN must act now to harmonize its domain name registration data (commonly known as WHOIS) policies with Article 28 of the European Union's Network and Information Security (NIS2) directive, first to adhere to applicable laws as it fulfills its oversight responsibilities and, second, to keep its word to the community to preserve WHOIS to the fullest extent possible under law. more

Alternative Insights on Article 28 of the NIS2 Directive

On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states. more

Demystifying Art. 28 NIS2

On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more

Announcing the 2024 ICANN Contracted Parties Summit Statement!

As Chairs of ICANN's Registries and Registrar Stakeholder Groups, we are proud to announce that we have initiated a new practice for the Contracted Parties Summits: the publication of our Contracted Parties Summit Statement. As you may (or may not) know, Contracted Parties get together periodically to interact and work together on issues that we care about, and which impact our businesses as registries and registrars. more