ICANN's recently released report, ICANN's Whois Data Accuracy and Availability Program: Description of Prior Efforts and New Compliance Initiatives [PDF], is a summary of the Whois Data Problem Report System's (WDPRS) reports spanning a one-year period that concluded at the end of Fenruary 2007. In case you're not familiar with the WDPRS, it's system that tracks complaints about inaccurate or incomplete whois entries. Notable facts from the report include: There were 50,189 reports for which ICANN received follow-up responses during the year... more
Verizon filed sued against iREIT and Domain Marketplace a couple of weeks ago in a Texas court, alleging cybersquatting. David Kesmodel's blog broke the story, and I used the PACER system to obtain the court filings, which are posted here. Exhibit 5 makes fascinating reading, especially when point #43 in the main statement of claim says "Exhibit 5 details only one famous trademark for each letter of the alphabet." more
ICANN's web site has a press release saying that the were granted a temporary restraining order on Monday requiring that Registerfly cough up all the info on their registrants, or else.
My assumption all along has been that the reason that Registerfly hasn't provided full info is because they don't have it. ICANN agrees that they got partial data last month, and it's hard to imagine a reason that Registerfly would have given them some of the data but deliberately held back the rest. I guess we'll know soon enough.
By the way, I hear that ICANN plans to implement their registrar escrow policy, the one that's been in the contracts since 2000, pretty soon. more
One of the consistent chants we've always heard from ICANN is that there has to be a single DNS root, so everyone sees the same set of names on the net, a sentiment with which I agree. Unfortunately, I discovered at this week's ICANN meeting that due to ICANN's inaction, it's already too late. Among the topics that ICANN has been grinding away at is Internationalized Domain Names (IDNs) that contain characters outside the traditional English ASCII character set... ICANN has tied itself with the issue of homographs, different characters that look the same or mean the same thing. Once people noticed that IDNs let you register different names that look the same, the intellectual property crowd that has always had a mysteriously great influence on ICANN went into a tizzy and they went into lengthy discussions on what to do about them... more
You may have seen a new proposal for a "mobile" top-level domain name for use by something called "mobile users" whatever they are. (The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m "to make it easier to type on a mobile phone.) Centuries ago, as trademark law began its evolution, we learned one pretty strong rule about building rules for a name system for commerce, and even for non-commerce.
Nobody should be given ownership of generic terms. Nobody should have ownership rights in a generic word like "apple" -- not Apple Computer, not Apple Records, not the Washington State Apple Growers, not a man named John Apple. more
The ICANN Board voted today 9-5, with Paul Twomey abstaining, to reject a proposal to open .xxx. This is my statement in connection with that vote. I found the resolution adopted by the Board (rejecting xxx) both weak and unprincipled... I am troubled by the path the Board has followed on this issue since I joined the Board in December of 2005. I would like to make two points. First, ICANN only creates problems for itself when it acts in an ad hoc fashion in response to political pressures. Second, ICANN should take itself seriously as a private governance institution with a limited mandate and should resist efforts by governments to veto what it does. more
For about the last two years, I was a member of ICANN's At Large Advisory Commitee (ALAC), the group charged with representing the interests of ordinary Internet users within ICANN. In case anyone is wondering, here's why I'm not on the ALAC any more. ICANN has a very narrow mission. They maintain the root zone, the list of top-level domain names in the Internet's domain name system. They coordinate numeric IP addresses, with the real work delegated to five Regional Internet Registries. And they keep track of some simple and uncontroversial technical parameters for Internet routing applications... more
There are a lot of bad, but smart, people out there on the net. They are quick to find and capitalize on vulnerabilities, particularly those vulnerabilities in mass market software. These bad folks are quite creative when it comes to making it hard to locate and shutdown the computers involved. For example, a virus that takes over a victim's computer might communicate with its control point, or send its captured/stolen information, by looking up a domain name. Normally domain names are somewhat static - the addresses they map to don't change very frequently - typically changes occur over periods measured in months or longer. more
Isn't security as important to discuss as .XSS? The DNS has become an abuse infrastructure, it is no longer just a functional infrastructure. It is not being used by malware, phishing and other Bad Things [TM], it facilitates them. Operational needs require the policy and governance folks to start taking notice. It's high time security got where it needs to be on the agenda, not just because it is important to consider security, but rather because lack of security controls made it a necessity. more
Many in the technical community attribute the rapid growth and spread of the Internet to innovation that took place at the "edge" of the network, while its "core" was left largely application neutral to provide a universal and predictable building block for innovation. It is this core neutrality that provides a basis for the security and stability of the Internet as a whole. And it is this same core neutrality that is critical to the continued spread of the Internet across the Digital Divide. Unfortunately, when the politics of censorship rather than solely technical concerns drive the coordination of these "core" Internet resources, it threatens the future security and stability of the Internet. This paper proposes a paradigm upon which all the governments of the world have equal access to these core Internet resources to empower them and their citizens with the rights acknowledged in the WSIS Declaration of Principles. more
The fallout from the failure of RegisterFly has been largely addressed as an issue of regulation and enforcement. ...ICANN has not historically enforced the escrow obligation, and in any case, if a company has failed, who exactly is going to take responsibility for updating the escrowed data? It seems to me that the problems that have arisen as a result of RegisterFly's collapse have more to do with the design of the "shared registry system" for the .COM and .NET TLDs than they do with ICANN's failure to enforce the RAA. more
There is a current ongoing Internet emergency: a critical 0day vulnerability currently exploited in the wild threatens numerous desktop systems which are being compromised and turned into bots, and the domain names hosting it are a significant part of the reason why this attack has not yet been mitigated. This incident is currently being handled by several operational groups. This past February, I sent an email to the Reg-Ops (Registrar Operations) mailing list. The email, which is quoted below, states how DNS abuse (not the DNS infrastructure) is the biggest unmitigated current vulnerability in day-to-day Internet security operations, not to mention abuse. more
Shakespeare has Marcellus say in Act 1 of Hamlet, "Something's rotten in the state of Denmark." ...Milton Mueller, in his recent post to this site, would have us believe that since ICANN's Board long ago agreed that ICM's application for dot-xxx registry satisfied its own criteria for a sponsored TLD, then the only explanation for all the delay is, "I'm beginning to think that ICANN's approach to TLD approval was cooked up by a demented sergeant from Abu Ghraib." Milton goes on to assert that ICM's claim on dot-xxx is protected by the 1st Amendment. If this is so, then why after more than six years of discussion, is dot-xxx still raising such a fuss? more
ICM Registry applauds the decision yesterday of Judge Lowell Reed of the United States District Court for the Eastern District of Pennsylvania in ACLU v. Gonzales to permanently enjoin enforcement of the Child Online Protection Act ("COPA"). Praising Judge Reed's meticulously documented opinion, ICM Registry President Stuart Lawley said, "This continues the unbroken chain of court decisions in the U.S. upholding free expression on the Internet, and it underscores the superiority of voluntary measures that empower users to select content compared with government regulations." Lawley concluded, "Now, more than ever, it underscores the need for ICANN to approve the proposal for a voluntary .xxx domain as another alternative to government regulation." more
Just when you thought the .xxx affair couldn't get any worse, it does. I'm beginning to think that ICANN's approach to TLD approval was cooked up by a demented sergeant from Abu Ghraib... Now, after the triple x people negotiated with ICANN's staff a contract that met all prior objections, and heads into what should be its final approval, word is that a few ICANN Board members are leaning in a negative direction. What is the reason? A group of pornographers has organized a campaign against .xxx, flooding ICANN's comment box with overwhelmingly negative remarks. more
A World-Renowned Source for Internet Developments. Serving Since 2002.