Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
A year ago, under the leadership of the Internet Corporation for Assigned Names and Numbers (ICANN), the internet naming community completed the first-ever rollover of the cryptographic key that plays a critical role in securing internet traffic worldwide. The ultimate success of that endeavor was due in large part to outreach efforts by ICANN and Verisign which, when coupled with the tireless efforts of the global internet measurement community, ensured that this significant event did not disrupt internet name resolution functions for billions of end users.
I run a business. For years I've been in the ICANN Business Constituency, holding a series of different positions including Chair. Suffice it to say, I'm absolutely ok with making money and generally speaking, letting markets work. I also care about NGOs. For years our firm worked with PIR on the .NGO project. We got to see up close the role PIR has played as a supporter of NGOs online -- encouraging best practice, helping push out DNSSEC to a global audience, working on DNS abuse issues, supporting the sector.
The announcement of the intended Internet Society (ISOC) sale of the .ORG registry to Ethos Capital has caused a lot of frustration and anger while raising a lot of questions.
It's more than just about the money. It's more than who is behind it. It's about the soul of the DNS and the ICANN community with its multi-stakeholder model. Let's remember that the Public Interest Registry (PIR) was created, with ISOC as its sole legal owner, to provide ISOC with the funds to operate and to run the registry more-or-less as a Social Business.
A recent exchange on CircleID highlighted a critical need for data to inform the debate on the impact of ICANN's post-GDPR WHOIS policy that resulted in the redaction of domain name registrant contact data. A bit of background: in my original post, I made the point that domain name abuse had increased post-GDPR. A reader who works with a registrar (according to his bio) commented: "Can you back up that statement with data? Our abuse desk has actually seen a reduction in abuse complaints."
Last Thursday, during VeriSign's Q3 2019 quarterly earnings call, CEO Jim Bidzos offered statements that seemed to be carefully calibrated to satisfy Wall Street's curiosity about protracted negotiations with ICANN on a Third Amendment to the .com Registry Agreement while also appearing to distance the company from the soon-to-be forthcoming product of that year-long effort.
We've seen alarmingly BIG increases in multiple abusive behaviors – like phishing, hacking and malware – that often leverage the domain name system (DNS) and privacy/proxy services. Cybercriminals capitalize on gaps in DNS security measures, and ICANN is holding the door open for them by failing to implement their privacy/proxy policy. If you are ever targeted, you are not alone.
Domain names that can be rapidly acquired, used in an attack, and abandoned before they can be traced are a critical resource for cybercriminals. Some attacks, including spam and ransomware campaigns and criminal infrastructure operation (e.g., "botnets"), benefit particularly from the ability to rapidly and cheaply acquire very large numbers of domain names – a tactic known as bulk registration.
Dear colleagues and friends, it is very, very difficult to write these words. The loss of a young person is always a tragedy. The untimely loss of a friend is even worse and is always a very difficult time. The loss of a fellow Internet pioneer is like losing a brother. Tarek Kamel was a great friend of the Internet Society–Bulgaria. I remember him giving an interview for the Bulgarian public television in Yokohama during the INET 2000 meeting...
There's a well-documented crisis facing the domain name system: very few who rely on domain name registration data from the Whois database to perform vital functions can do so any longer, which is escalating consumer harm and abuse on the internet worldwide. And the problems, thanks to ICANN's overly restrictive policy post-GDPR and a failing policy process, are piling up.
The ICANN Security and Stability Advisory Committee (SSAC) and the Internet Society Deploy360 Programme are planning a DNSSEC and Security Workshop on Wednesday, 06 November 2019, during the ICANN66 meeting held from 02-07 November 2019 in Montreal, Canada. The original DNSSEC Workshop has been a part of ICANN meetings for many years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments.
A World-Renowned Source for Internet Developments. Serving Since 2002.