For several years, many within ICANN circles have raised concerns about the escalating nature of domain name system (DNS) abuse. While some strides were made toward a safer DNS, new data - this time from a comprehensive study of DNS abuse by the European Union - demonstrates that abuse remains a frustratingly obstinate problem that requires urgent attention. We've seen some registries and registrars testing innovative industry-led initiatives in an effort to address the issues. more
According to National Journal, Susan Crawford is joining the Obama administration in a significant new role... This does not make me happy. Crawford is not a technologist, and the job that's been created for her needs to be filled by a person with deep knowledge of technology, the technology business, and the dynamics in research and business that promote innovation... more
I'm an engineer, and I firmly believe that Internet matters and, in general, Information Society, should be kept separate from politics, so usually, I'm very skeptical to talk about those and mix things. Let's start by saying that I'm Catalonian. Despite the dictatorial regime when I was born, forbidden teaching Catalonian, I learned it, even despite, initially for family reasons and now for work reasons, I live in Madrid. However, I keep saying everywhere I go, that I was born in Barcelona... more
In most industries, businesses that blatantly act against the interests of their customers to favor their own internal profit centers would either not be allowed or else subject to controls and oversight by the government. It is universally regarded as an unfair and deceptive business practice. In the domain name registrar business, however, the normal practices of legitimate business dealings and customer protection seem woefully wanting. Kelly's Case described here illustrates the point... more
ICANN has released their IRS Form 990 statements for the year ending June 30, 2008... ICANN says they use for-profit companies as comparables when determining employee compensation. However, even in the middle of a great recession, salaries have been going up, up, and up! more
PIR, the registry operator for .org, has sent notices to registrars that it is implementing an anti-abuse policy that offers no due process for innocent domain registrants... While it's good intentioned, there is great potential for innocent domain registrants to suffer harm, given the lack of appropriate safeguards, the lack of precision and open-ended definition of "abuse", the sole discretion of the registry operator to delete domains, and the general lack of due process. more
In June of 2008 KnujOn reported that 70 Registrars did not have a business address listed in the InterNIC Registrar Directory. Only after reporting a month later that little had changed did ICANN perform a mass update of the directory. On further inspection we found many of the newly disclosed addresses were phantom locations, false addresses, and PO boxes. more
ICANN is about to do serious damage to its reputation by making a precipitous, ill-considered leap into the unknown should it follow through on removing price constraints on several legacy extensions, most notably .org. Doing so would expose a global community of non-profits to the risk of quickly-escalating exploitative pricing. The rationale for eliminating price caps relies on three points, all of which are incorrect. more
ICANN should reconsider its decision to quarantine .DOCTOR, given that it's not even sick. In an utterly surprising move, ICANN staff and the Board's New gTLD Program Committee ("NGPC") recently informed the applicants for .DOCTOR that it has singled out the gTLD as a test case for controlling content and limiting speech on the Internet. In the epitome of top-down policy making, ICANN issued an edict that it will implement nearly year-old advice from the Government Advisory Committee ("GAC") differently from all other similarly situated gTLDs and in contravention of subsequent GAC advice. more
The Domain Name System is often though of as an integral part of the Internet. Without it, how can you ever locate anything? Well, quite easily, thank you very much. DNS is used implicitly for many services, such as web browsing. It also includes explicit extensions for a few applications such as e-mail. (I'm talking here about DNS the system, not DNS the technology that can be re-purposed to things like ENUM.) But the most notable thing about DNS is its receding importance... more
In recent weeks, thousands of what ICANN describes as "questionable" registrations have been activated... Let me illustrate: Mr. ICANN decides to hold a party. He has decided that he only wants to ask some of his professional friends to come, so they are asked to bring their party invites with them to prove they've been invited, because poor Mr. ICANN has had trouble before with people gatecrashing his parties. At a sunrise party he'd held a few years ago, all kinds of people had gatecrashed and no-one had asked to see their invites and it was dreadful. So Mr. ICANN hires a bouncer to stand guard at the front door of his house. The bouncer, Johnny Registry, assures Mr. ICANN that no-one will get in without an invite... more
Can we trust ICANN to conduct itself in a predictable, open, transparent, and accountable manner if it takes over governance of the Internet's domain name system from the U.S. government? That was the main question up for discussion Wednesday in the House Judiciary Subcommittee on Courts, Intellectual Property, and the Internet, as lawmakers heard feedback from a diverse group of stakeholders about the National Telecommunications and Information Administration (NTIA) plan to relinquish its historical oversight of key technical Internet functions. more
In 1998, the United States government might have taken a different path in asserting its control over the technical administration of the DNS. It might have asserted full U.S. governmental control, or it might have turned over the functions to an international body such as the International Telecommunications Union. Instead, it created a "private-public partnership", incorporated as a California "nonprofit public benefit corporation", with a charter giving the company a dual mission of quasi-governmental functions combined with responsibility for operational stability of the Internet. more
After looking at the state of DNSSEC in some detail a little over a year ago in 2006, I've been intending to come back to DNSSEC to see if anything has changed, for better or worse, in the intervening period... To recap, DNSSEC is an approach to adding some "security" into the DNS. The underlying motivation here is that the DNS represents a rather obvious gaping hole in the overall security picture of the Internet, although it is by no means the only rather significant vulnerability in the entire system. One of the more effective methods of a convert attack in this space is to attack at the level of the DNS by inserting fake responses in place of the actual DNS response. more
Many of my friends in the civil-liberties and Internet-law communities have been criticizing the Internet Society's agreement to sell the Public Interest Registry, which administers the .ORG top-level domain. I'm a free-speech guy, so I support their right to raise all these criticisms. But they often ask me directly – knowing that my track record as an Internet civil-libertarian is longer than most – why as a member of the Internet Society (a.k.a. ISOC) board I decided to join the board's unanimous approval of the deal. more