As the implementation of DNSSEC continues to gather momentum and with a number of ccTLDs, and the '.org' gTLD having deployed it into their production systems, I think it is worth pausing to take a look at the entire DNSSEC situation. Whilst it is absolutely clear that DNSSEC is a significant step forward in terms of securing the DNS, it is but one link in the security chain and is therefore not, in itself, a comprehensive solution to fully securing the DNS system.
For a brief moment earlier this week, I thought my days spent dreaming of hover-boards, flying cars and Biff's elusive Sports Almanac were finally over. From reports circulating online, we had finally reached "Back to the Future Day". Those movie buffs out there will know exactly what I'm referring to... But it got me thinking. What would the Domain Name world look like if that crazy cat Doc Brown swung past in his DeLorean, with a fully-charged flux capacitor and a return ticket to October 21st 2015?
Last week ICANN took another very significant step forward in the expansion of the internet by approving the delegation of a number of Chinese script IDN ccTLDs. Although we have all heard statements that portray the introduction of IDN ccTLDs as being perhaps the single most important factor in the achievement of ICANN's "One World, One Internet" vision, we should take a moment to appreciate the true significance of this latest round of IDN ccTLD approvals.
We seem to hear quite a bit from ICM about their .xxx TLD proposal. People who might be interested in the view from the porn community might be interested in Violet Blue's article on the proposal. As you might expect, she is against and sees no real support from the porn world. She does not consider 153K defensive domain registrations as proof of demand.
ICANN's Generic Names Supporting Organisation (GNSO) has formed a working group to consider changes to the domain transfer process to enhance security and reduce hijacking. The working group consists of registrars, aftermarket players, domainers and other members of the ICANN Community. The group published its preliminary recommendations at the ICANN meeting in Brussels two weeks ago and the 20-day comment period has just begun.
ICANN's 38th get-together, in Brussels, may become known as the meeting where the dust finally began to settle. Long-standing issues were settled, compromises were reached, no-one complained too much about the latest version of the Applicant Guidebook, and the Board stood by its project plan dates, even scheduling a Board retreat to solve remaining issues. Finally, there were no surprise "gotcha!" delays that generic Top-Level Domain (gTLD) applicants have been used to seeing at ICANN meeting. With one possible exception...
The key to fixing any part of the Internet infrastructure is to understand the business cases for the parties whose behavior you want to influence and design the technology accordingly. People who follow this approach (Sir Tim Berners-Lee and the World Wide Web) have a chance of succeeding. People who ignore it (DNSSEC, IPv6) will fail. The root problem here is that the ICANN DNS does not differentiate between the parts of the Internet that are accountable and those that are not.
ICANN is the only institution with responsibility for the functioning of DNS. And so it is natural that when there is a DNS problem for people to expect ICANN to come up with the solution. But having the responsibility to act is not the same as having the ability. Like the IETF, ICANN appears to have been designed with the objective of achieving institutional paralysis. And this is not surprising since the first law of the Internet is 'You are so not in charge (for all values of you).
We have just returned from the Brussels, Belgium ICANN meeting where we released our Registrar audit, the Internet "Doomsday Book." There are many topics covered in the report, but we wanted to follow up specifically on the issue of WHOIS access and add data to our previous column Who Is Blocking WHOIS? which covered Registrar denial of their contracted obligation to support Port 43 WHOIS access.
At Friday's meeting of the ICANN board in Brussels, they voted, probably for the last time, to approve the 2004 application for the .XXX domain. Purely on the merits, there is of course no need for a top level domain for porn. This isn't about the merits, this is about whether ICANN follows its own rules. Despite overheated press reports, .XXX will not make porn any more available online than it already is (how could it?), there is no chance of all porn being forced into .XXX (that's a non-starter under US law), and .XXX will have no effect on the net other than perhaps being a place to put legal but socially marginal porn far away from any accidental visitors.