All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more
As a long time supporter of the universal namespace operated by IANA, it may come as a surprise that I have joined the Open Root Server Network project (ORSN). I'll try to explain what's going on and what it all means. ...If one of my kids, or anybody anywhere, sits down in front of a web browser and keys in a URL, it ought to just work. They ought to see the same web page that anybody else would see, no matter what country they're in or what their ISP wants or what their local church or government wants. This universality of naming is one of the foundations on which the Internet was built, and it is how the Internet fosters economic growth and social freedoms. It's what makes the Internet different from old Compuserve, old AOL, old MSN, old Minitel, and everything else that has come -- and gone -- before... more
You may have seen a new proposal for a "mobile" top-level domain name for use by something called "mobile users" whatever they are. (The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m "to make it easier to type on a mobile phone.) Centuries ago, as trademark law began its evolution, we learned one pretty strong rule about building rules for a name system for commerce, and even for non-commerce.
Nobody should be given ownership of generic terms. Nobody should have ownership rights in a generic word like "apple" -- not Apple Computer, not Apple Records, not the Washington State Apple Growers, not a man named John Apple. more
If a UDRP panelist believes domainers are the same thing as cybersquatters, is he fit to arbitrate? I came across an editorial on CNET today by Doug Isenberg, an attorney in Atlanta and founder of GigaLaw.com, and a domain name panelist for the World Intellectual Property Organization. The guest editorial focuses on Whois privacy and why it's imperative to maintain open access to registrant data for intellectual property and legal purposes. That's a common opinion I've read a million times. Nothing groundbreaking there. But then I was shocked to read that Isenberg generalizes domainers as cybersquatters: "Today, cybersquatters have rebranded themselves as 'domainers.' Popular blogs and news sites track their activities..." more
As the WHOIS debate rages and the Top-Level Domain (TLD) space prepares to scale up the problem of rogue domain registration persists. These are set to be topics of discussion in Costa Rica. While the ICANN contract requires verification, in practice this has been dismissed as impossible. However, in reviewing nearly one million spammed domain registrations from 2011 KnujOn has found upwards of 90% of the purely abusive registrations could have been blocked. more
At last week's meeting, the ICANN board uncharacteristially did something and voted to make their fee of 20 cents per domain-year nonrefundable. They expect this to stop both domain tasting and NSI's frontrunning, which it certainly will. It's not clear when this change will go into effect, but it might be within a month. more
Five years ago today, the ICANN Board committed to opening a second application window for the New gTLD Program as expeditiously as possible. The same resolution also directed the ICANN CEO to publish a document describing the work plan required prior to initiating a second application window. Ask a Board member or ICANN staff when they expect the next application window to open, and they will inevitably suggest 2020 -- another three years away. more
The recent research highlighting the alarming practice of Secure Socket Layer (SSL) Certificate Authority (CA) vendors using the MD5 hashing algorithm (which was known to be broken since 2005) has shown a major crack in the foundation of the Web. While the latest research has shown that fake SSL certificates with MD5 hashes can be forged to perfection when the CA (such as VeriSign's RapidSSL) uses predictable certificate fields, the bigger problem is that the web has fundamentally botched secure authentication. more
Gartner, the well known IT consulting company, has published a report on the new top level domains that will appear some time next year. The report totally misses the mark. In a pure US centric vision, it focuses on ".com" as the must-have TLD, totally overlooking the fact that a ".com" is mostly worthless e.g. in Germany, where ".de" is the TLD one must have to succeed locally... more
In the coming months, ICANN will ambitiously expand the number of top-level domains (TLDs). ICANN could add ".movie" and ".paris", among others, to the existing ranks of ".com", ".org", ".gov", and ".edu". Here's another they should consider: a new ".pol" TLD that is reserved exclusively for political candidates and entities. A ".pol" TLD is needed to alleviate problems linked to a now-common phenomenon called political cybersquatting... more
One of the consistent chants we've always heard from ICANN is that there has to be a single DNS root, so everyone sees the same set of names on the net, a sentiment with which I agree. Unfortunately, I discovered at this week's ICANN meeting that due to ICANN's inaction, it's already too late. Among the topics that ICANN has been grinding away at is Internationalized Domain Names (IDNs) that contain characters outside the traditional English ASCII character set... ICANN has tied itself with the issue of homographs, different characters that look the same or mean the same thing. Once people noticed that IDNs let you register different names that look the same, the intellectual property crowd that has always had a mysteriously great influence on ICANN went into a tizzy and they went into lengthy discussions on what to do about them... more
Registration of .Pro domains has descended into shambles as the Registry responsible for their administration has allowed a flood of domain registrations which appear to be in breach of the strict rules restricting who can register a .pro domain and the certified credentials required before any such domain can work. more
For several years, many within ICANN circles have raised concerns about the escalating nature of domain name system (DNS) abuse. While some strides were made toward a safer DNS, new data - this time from a comprehensive study of DNS abuse by the European Union - demonstrates that abuse remains a frustratingly obstinate problem that requires urgent attention. We've seen some registries and registrars testing innovative industry-led initiatives in an effort to address the issues. more
According to National Journal, Susan Crawford is joining the Obama administration in a significant new role... This does not make me happy. Crawford is not a technologist, and the job that's been created for her needs to be filled by a person with deep knowledge of technology, the technology business, and the dynamics in research and business that promote innovation... more
As founder and CTO of Ellacoya Networks, a pioneer in Deep Packet Inspection (DPI), and now having spent the last year at Arbor Networks, a pioneer in network-based security, I have witnessed first hand the evolution of DPI. It has evolved from a niche traffic management technology to an integrated service delivery platform. Once relegated to the dark corners of the central office, DPI has become the network element that enables subscriber opt-in for new services, transparency of traffic usage and quotas, fairness during peak busy hours and protection from denial of service attacks, all the while protecting and maintaining the privacy of broadband users. Yet, DPI still gets a bad rap... more