Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Domain Names |
Sponsored by |
|
UDRP Paragraph 4(c) states as a preamble that "[a]ny of the following circumstances, in particular, but without limitation, if found by the Panel to be proved based on its evaluation of all evidence presented, shall demonstrate your rights or legitimate interest to the domain name for purposes of Paragraph 4(a)(ii)." Three nonexclusive circumstances are listed. more
In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more
Would you be interested in helping guide the future of the Public Interest Registry (PIR), the non-profit operator of the .ORG, .NGO and .ONG domains? Or do you know of someone who would be a good candidate? If so, the Internet Society is seeking nominations for four positions on the PIR Board of Directors. The nomination deadline is Monday, February 16, 2021, at 18:00 UTC. more
One of the "key" questions cryptographers have been asking for the past decade or more is what to do about the potential future development of a large-scale quantum computer. If theory holds, a quantum computer could break established public-key algorithms including RSA and elliptic curve cryptography (ECC), building on Peter Shor's groundbreaking result from 1994. more
A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and potentially unsafe DNS queries every day. A targeted outreach program that Verisign started in March 2020 has remediated one billion queries per day to the A and J root name servers, via 46 collision strings. more
In my last post, I looked at what happens when a DNS query renders a "negative" response -- i.e., when a domain name doesn't exist. I then examined two cryptographic approaches to handling negative responses: NSEC and NSEC3. In this post, I will examine a third approach, NSEC5, and a related concept that protects client information, tokenized queries. The concepts I discuss below are topics we've studied in our long-term research program as we evaluate new technologies. more
I recently shared at a conference how a seasoned brand and fraud expert from one of the world's largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day. All attacks were launched from the same registrar and web hosting company, and no matter how much they reached out to these providers, they received the same reply: "we will pass on your request to the registrant or site owner," and then nothing happened. more
In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more
As one of the earliest protocols in the internet, the DNS emerged in an era in which today's global network was still an experiment. Security was not a primary consideration then, and the design of the DNS, like other parts of the internet of the day, did not have cryptography built in. Today, cryptography is part of almost every protocol, including the DNS. And from a cryptographer's perspective, as I described in my talk at last year's International Cryptographic Module Conference (ICMC20), there's so much more to the story than just encryption. more
For complainant, the second leg in determining cybersquatting under the Uniform Domain Name Dispute Resolution Policy (UDRP) is evidence respondent lacks both rights and legitimate interests in the challenged domain name (Paragraph 4(a)(ii)). I underscore "both" because proving one but not the other is not good enough. This seems obvious, so why suggest there is something to explore about "rights" and "legitimate interests" if their meanings hardly need explication? more
2020 - a year like no other. The impact of COVID on the domain name industry was felt far and wide as ICANN meetings were held virtually, travel was cancelled, TLD launches were delayed, the topic of domain name abuse was front and center, and we all tried to navigate a "new" normal. Unlike many sectors, the domain name industry was fortunate and, in many ways, survived 2020 unscathed. Much of our industry was able to continue working from home after an initial period of adjustment. more
Donuts stated today that it has completed the acquisition of Afilias announced on November 19. Donuts' CEO Akram Atallah says the company is now ready to begin the integration plan promising minimal disruptions to customers. more
The Government of Niue, a small island 2,400 kilometers northeast of New Zealand, launched proceedings today demanding a "redelegation" of its country code top-level domain, .nu, from the Internet Corporation for Assigned Names and Numbers (ICANN). more
Over the past several years, questions about how to protect information exchanged in the DNS have come to the forefront. One of these questions was posed first to DNS resolver operators in the middle of the last decade, and is now being brought to authoritative name server operators: "to encrypt or not to encrypt?" It's a question that Verisign has been considering for some time as part of our commitment to security, stability and resiliency of our DNS operations and the surrounding DNS ecosystem. more
The WIPO Arbitration and Mediation Center on Monday announced it had registered its 50,000th "cybersquatting" case. The 50,000th case just received by WIPO coincides with the organization's 20th anniversary on November 20, 2020. more
A World-Renowned Source for Internet Developments. Serving Since 2002.