One Year Later: Lessons Learned from the Target Breach

As the autumn leaves fall from naked trees to be trampled or encased in the winter snow, it reminds us of another year quickly gone by. Yet, for organisations that were breached and publicly scrutinised for their security lapses, it's been a long and arduous year. It was about this time last year that the news broke of Target's mega breach. Every news outlet was following the story and drip feeding readers with details, speculation and "expert opinion" on what happened, why it happened and who did it. more

Wait and See Approach on Abuse

Wait and see approach on abuse attracts ICANN Stakeholder attention: A few weeks ago I made a detailed argument as to why product safety applies to domains, just like it does to cars and high chairs. I also argued that good products equal good business or "economically advantaged" in the long run. Then I really made a strong statement, I said if we don't actively engage other Internet stakeholders -- those that interact with our products, we would eventually lose the opportunity to self-regulate. more

Breaking: U.S. Government Funding Bill Delays IANA Transition

On the evening of Tuesday, September 9th, Congressional leaders unveiled a 1,603 page, $1.01 trillion FY 2015 appropriations bill to fund the U.S. government through the end of September 2015. One provision of the omnibus bill would delay the IANA transition until after the September 30, 2015 expiration of the current contract between the NTIA and ICANN. more

Section 3.18 of the 2013 RAA: Reasonable Investigations, Appropriate Responses

Section 3.18 of the ICANN 2013 Registrar Accreditation Agreement (RAA) contains language requiring registrars to investigate and respond to abuse complaints. Nearly one year into the new RAA's effective period, what do we know about Section 3.18? If a person or entity wants to submit a complaint, what should they keep in mind? This article reviews the meaning of Section 3.18, how to leverage it, offers a list of do's and don'ts for complainants, and offers a few recommendations for registrars. more

Call For Participation - ICANN 52 DNSSEC Workshop on 11 Feb 2015 In Singapore

If you will be at ICANN 52 in Singapore in February 2015 (or can get there) and work with DNSSEC or the DANE protocol, we are seeking proposals for talks to be featured as part of the 6-hour DNSSEC Workshop on Wednesday, February 11, 2015. The deadline to submit proposals is Wednesday, December 10, 2015... The full Call For Participation is published online and gives many examples of the kinds of talks we'd like to include. more

ICANN New gTLD Auction Proceeds Approaching $30 Million

While the debate continues as to whether most new gTLDs are a sound long-term investment for their registry operators, there's no disputing that the program has been an economic boom for ICANN. The 1,930 first round applications each required an application fee of $185,000, which added up to a tidy $357 million. Even after refunds for withdrawn applications ICANN still cleared about a third of a billion dollars from the first round before a single string was delegated. more

Community Statement Presented at Wuzhen Summit

China is holding the First Internet Conference in the rivertown of Wuzhen, calling for global Internet interconnectivity and shared governance by all. Founders of China's top three Internet companies Alibaba, Tencent and Baidu as well as executives from global giants including Apple, Amazon, Google and Facebook all joined the gala. more

Banks Under e-Pressure

Back in the early 1980s we witnessed the launch of the first e-payments systems by French banks in Biarritz. A similar project was launched in Japan and a year or so later Berlin also launched their pilot service. In Biarritz the whole town received smartcards and all the shops were given devices to handle e-cash. Over the next 30 years very little happened -- nowhere did banks build on this initiative to take a leadership role in e-payments. more

The EFF and Hanlon’s Razor

The EFF has just posted a shallower than usual deeplink alleging an "email encryption downgrade attack" by ISPs intent on eavesdropping on their customers. They, along with VPN provider Golden Frog, have additionally complained to the FCC reporting this. Here, they've just noticed something that's common across several hotel / airport wifi networks... more

Domain Name Abuse Is a 4 Letter Word

There has been a lot of back and forth recently in the ICANN world on what constitutes domain abuse; how it should be identified and reported AND how it should be addressed. On one side of the camp, we have people advocating for taking down a domain that has any hint of misbehaviour about it, and on the other side we have those that still feel Registries and Registrars have no responsibility towards a clean domain space. (Although that side of the camp is in steady decline and moving toward the middle ground). more

Enhanced Confusion: The European Council and the Governance of the Internet

On November 1, 2014, the new European Commission started its work. One of the priorities of its new president, Jean Claude Juncker, is the digital agenda. The European Union wants to be a leader in the Internet world of tomorrow. Vice President Andrus Ansip from Estonia (some people spell the country name "e-stonia") and Commissioner Günter Oettinger from Germany will have special responsibilities to implement the big plans. Juncker was elected by the European Parliament, although the green light for his nomination came from the European Council. more

Some Thoughts on the ICANN EWG Recommended Registration Directory Service (RDS)

It has been my distinct pleasure to serve on ICANN's Expert Working Group on gTLD Directory Services (EWG). We put in many long months and what seemed like countless hours of research, discussion, meetings, and deliberations on how to tackle a clean-slate approach to gTLD directory services, popularly known as "WHOIS". In our Final Report, the Expert Working Group (EWG) recommended a Registration Directory Service (RDS) to replace today's WHOIS, providing a next-generation system to better meet the needs of the evolving global Internet with greater accuracy, privacy, and accountability. more

Getting gTLDs Into the Marketing Mix

For those of us in the domain space, the hype and fanfare in the years leading up to new gTLDs was loud and pervasive. As early as 2010 or 2011, we saw news of their impending launch propagating through marketing and advertising publications, and even popping up on occasion in mainstream press. Yet somewhere along the way (perhaps in the confusion over procedure, dates and deadlines that seemed to plague the process), we seem to have lost the attention of a group vital to the implementation of the new extensions -- marketers. more

Big Data Stress? Go Zen With These 5 Technologies

The promise of "big data" -- real-time insights, predictive analytics and a better understanding of customer behaviors -- has many companies jumping into this near-bottomless information pool with both feet. But the sheer volume of data can cause serious stress for IT professionals trying to balance C-suite expectations, legacy tech limitations and corporate workloads. What's more, the data market is rapidly evolving. more

Bringing Order to Chaos

If we were to apply themes to Internet governance world, the narrative for 2014-15 is definitely 'change'. The governance ecosystem is knee deep in the IANA transition, with a few meetings and teleconferences of the IANA Transition Coordinating Group behind us, and a ramping up of activity around ICANN accountability and governance. While the IANA transition and ICANN accountability processes are being conducted in parallel and independently, it's important to note that not only are they related, they are dependent on one another. more