Domain Names |
Sponsored by |
|
Previously, this series tackled the terribly awful Amendment 35 to the NTIA-Verisign cooperative agreement and also made the case that the tainted presumptive renewal currently included in registry agreements is inherently anti-competitive. But renewing legitimacy and integrity of Internet governance requires accurately understanding the unique and significant role retained by the U.S. government following the IANA transition. more
Clarivate has once again surveyed global business leaders about the importance of domain names to their organizations, including the role of domains as intellectual property (IP) assets. The 2020 survey followed up on our 2019 survey, revealing key year-over-year trends in how organizations manage, secure and budget for domain names. In this blog, we review key trends from the new report. more
The first part of this series explained how Amendment 35 to the NTIA-Verisign cooperative agreement is highly offensive to the public interest. But the reasons for saving the Internet are more fundamental to Western interests than a bad deal made under highly questionable circumstances. One of the world's foremost experts on conducting censorship at scale, the Chinese Communist Party's experience with the Great Firewall... more
A few weeks ago, Appdetex published a blog with predictions for 2021, and admittedly, at the date of publication, there were already very clear indications that one prediction was already in flight. In our blog post, we'd said, "With the global domain name system failing to abate abuse, and, in fact, thwarting consumer protection, get ready for a patchwork of local laws targeting attribution and prosecution of bad actors... Get ready for some confusion and turmoil in the world of notice and takedown related to local laws and regulations." more
UDRP Paragraph 4(c) states as a preamble that "[a]ny of the following circumstances, in particular, but without limitation, if found by the Panel to be proved based on its evaluation of all evidence presented, shall demonstrate your rights or legitimate interest to the domain name for purposes of Paragraph 4(a)(ii)." Three nonexclusive circumstances are listed. more
In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more
Would you be interested in helping guide the future of the Public Interest Registry (PIR), the non-profit operator of the .ORG, .NGO and .ONG domains? Or do you know of someone who would be a good candidate? If so, the Internet Society is seeking nominations for four positions on the PIR Board of Directors. The nomination deadline is Monday, February 16, 2021, at 18:00 UTC. more
One of the "key" questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer. If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor's groundbreaking result from 1994. more
A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and potentially unsafe DNS queries every day. A targeted outreach program that Verisign started in March 2020 has remediated one billion queries per day to the A and J root name servers, via 46 collision strings. more
In my last post, I looked at what happens when a DNS query renders a "negative" response -- i.e., when a domain name doesn't exist. I then examined two cryptographic approaches to handling negative responses: NSEC and NSEC3. In this post, I will examine a third approach, NSEC5, and a related concept that protects client information, tokenized queries. The concepts I discuss below are topics we've studied in our long-term research program as we evaluate new technologies. more
I recently shared at a conference how a seasoned brand and fraud expert from one of the world's largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day. All attacks were launched from the same registrar and web hosting company, and no matter how much they reached out to these providers, they received the same reply: "we will pass on your request to the registrant or site owner," and then nothing happened. more
In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more
As one of the earliest protocols in the internet, the DNS emerged in an era in which today's global network was still an experiment. Security was not a primary consideration then, and the design of the DNS, like other parts of the internet of the day, did not have cryptography built in. Today, cryptography is part of almost every protocol, including the DNS. And from a cryptographer's perspective, as I described in my talk at last year's International Cryptographic Module Conference (ICMC20), there's so much more to the story than just encryption. more
For complainant, the second leg in determining cybersquatting under the Uniform Domain Name Dispute Resolution Policy (UDRP) is evidence respondent lacks both rights and legitimate interests in the challenged domain name (Paragraph 4(a)(ii)). I underscore "both" because proving one but not the other is not good enough. This seems obvious, so why suggest there is something to explore about "rights" and "legitimate interests" if their meanings hardly need explication? more
2020 - a year like no other. The impact of COVID on the domain name industry was felt far and wide as ICANN meetings were held virtually, travel was cancelled, TLD launches were delayed, the topic of domain name abuse was front and center, and we all tried to navigate a "new" normal. Unlike many sectors, the domain name industry was fortunate and, in many ways, survived 2020 unscathed. Much of our industry was able to continue working from home after an initial period of adjustment. more