The Rise of Cyrillic Domain Names

This week, on a cruise ship navigating Russia's Neva river, around 250 domain registrars and resellers are gathered for the RU-CENTER annual domain conference. RU-CENTER is the largest Russian registrar in a market that is dominated by three companies. RU-CENTER and competitor Reg.Ru both manage around 28% of domains registered in the country's national suffix... RU-CENTER is also a figurehead for Russia's drive to make Internet use more palatable for those who are not natural ASCII writers. more

ICANN Meetings in Luxembourg

The ICANN Meetings are in full flow here in sunny Luxembourg. The venue is immense and located a cab, bus, or shuttle ride from the various hotels. So far, the big topics are the .Net finalization (focusing on the readjustment of the pricing verbiage), the USDOC root announcement, the shell registrar accreditations used in the batch pool for the purposes of getting dropped names, and the practice of registrars exploiting the 5 day add grace period to register in excess of 50000 names to watch how much web traffic they have, and returning the ones that do not at no cost... more

An Afnic Study of the Global Domain Name Market in 2020, COVID Impact on ccTLDs

Afnic, the French Network Information Centre and manager of the .fr TLD, has just published its Afnic's Global Domain Name Market in 2020 Report on the global domain market in 2020. The study is based on ICANN statistics, information from registries, specialized websites, and its own research. This is an overview of global trends and an analysis of the mechanisms at work during the health crisis. more

The London Process Arrived in Budapest: Another Travel Circus for the Internet Community?

The Budapest Conference on Cyberspace brought together nearly 20 heads of states and ministers plus 700 high level experts from various stakeholder groups from 60 countries. However, after two days of discussion there is less clarity where the so-called "London Process" - established by the British Foreign Minister William Hague in November 2011 in London - will go. The next meeting is scheduled for October 2013 in Seoul. Another flying circus for another Internet Governance talking shop? more

Microsoft’s Size Means Malicious Cyber Actors Thrive

Last month, the Russian state-sponsored hacking group "Midnight Blizzard" gained access to the email accounts of Microsoft leadership, even exfiltrating documents and messages. The group reportedly used a simple brute-force style attack to access a forgotten test account and then exploited the permissions on that account to access the emails of employees in the cybersecurity and legal teams. more

Close to Half of US East Coast Fuel Supply Shutdown Due to Ransomware Cyberattack

Colonial Pipeline, which accounts for close to half of the United States East Coast's fuel, has shut down its operations due to a cyberattack. The incident, believed to be the largest successful cyberattack on oil infrastructure in the U.S., was disclosed over the weekend. more

Copyright Infringement and ccTLDs

.tk was once designated as the riskiest ccTLD. .ru is often said to be, after .com, the most used in the content of spam messages. But is there a ccTLD that is a favorite destination for copyright infringement? The question is worth asking in view of the growing trend for .com domain names seizures related to copyright infringement. more

The Future of Home Networking: A Problem Statement

I'm a network engineer, and like many engineers I often gravitate to the big projects; large networks with problems of scale and complexity in my case. However, I also consider myself a student of Occam's razor and often quote Antoine de Saint-Exupéry: "perfection is reached not when there is nothing left to add, but when there is nothing left to take away." In this spirit of "less is more" I have recently become intrigued by the problems appearing in home networking. more

DNSSEC Deployment at the Root

The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more

Preliminary Thoughts on the Equifax Hack

As you've undoubtedly heard, the Equifax credit reporting agency was hit by a major attack, exposing the personal data of 143 million Americans and many more people in other countries. There's been a lot of discussion of liability; as of a few days ago, at least 25 lawsuits had been filed, with the state of Massachusetts preparing its own suit. It's certainly too soon to draw any firm conclusions... but there are a number of interesting things we can glean from Equifax's latest statement. more

Putting String Similarity into Context: Bulgaria’s IDN (.??) vs. Brazil’s ccTLD (.br)

Bulgaria is a nation which is directly impacted by the current Fast Track automatic disqualification when Top-Level Domain (TLD) strings are "confusingly similar" to other TLDs, in this case an Internationalized Domain Name (IDN) country code Top-Level Domain (ccTLD). Bulgaria has already been declined twice (in late 2009, and in May of 2010) to register the *.?? Cyrillic IDN on the premise that it looks confusingly similar to Brazil's *.br ASCII TLD. Being a native Bulgarian, I did not see how these two strings are similar more

Why Are the EU Data Protection Authorities Taking Away Our Fundamental Right to be Safe?

What if we created a rule that gave everyone - good or bad - the right to hide their license plate, where they live, who they are, and just go incognito? What if we made it a right to walk into any building in the world, and simply say "No, thank you" when the security guards asked for one's identification? The criminals would celebrate, and we'd all be utterly alarmed. We would immediately be afraid for our personal safety. more

Examining Actual State of IPv6 Deployment

There have been quite a number of recent articles about various IPv6 issues. Thus the question: how far along is the actual IPv6 deployment? This is a quick-and-dirty survey that focuses mainly on the content provider side. What domains were surveyed? Alexa offers country depended TopSites listings. Domains listed are frequently visited by users from that country, not necessarily hosted there... more

Botnets Shift Focus to Credential Abuse, Says Latest Akamai Report

Akamai's Fourth Quarter, 2017 State of the Internet, was released today in which it states that the analysis of more than 7.3 trillion bot requests per month has found a sharp increase in the threat of credential abuse, with more than 40 percent of login attempts being malicious. more

ICANN Needs a Good Root

It's not been the best of years for ICANN. Leaving aside for a few seconds the controversy about xxx, and the allegations of improper behavior about the .Net assignment, ICANN has had a lot to deal with. The troubles began with the UN Working Group on Internet Governance hell bent on fixing ICANN, even though ICANN says nothing is broke. That trouble remains and isn't likely to go away for some time. And then, just when it seemed that the UN and ITU was the cause of all ICANN's problems, the old ally, US Government's DOC, decided that it was going to be in charge of ICANN. ...This could be the beginnings of a distinct change where the centralized DNS as we know it gradually gives way to some next generation structure which is far more decentralized. The coming 12 months may see some significant changes in this area. more