It’s “Verisign vs. Users”

But even if the collateral damage is left out of the picture, the very idea behind SiteFinder is user-unfriendly, and that's the second half of the ALAC's note: SiteFinder is, ultimately, about short-cutting other error handling methods, and redirecting any users that enter non-existing domain names into a web browser to Verisign's own service, for commercial purposes. SiteFinder is designed so it becomes difficult to deploy superior error handling services that would compete with it -- because errors aren't flagged. more

Registrant Freedom Day

After almost four years, ICANN has announced that they have adopted a new domain name transfer policy that make it much easier for domain name registrants to do business with the ICANN accredited Registrar of their choosing. Highlights from this new policy include; streamlined definition of responsibilities as it relates to the management of the domain name. Under the new policy, only the Administrative Contact or Registrant can authorize a domain name transfer to a new service provider... more

Ameritrade Leaks User Information Yet Again, Blames Hacker X

OK, you know things are getting bad when Ameritrade leaks its customer information yet again, and I don't even bother to report it because it's not news anymore. Well, recent updates to the story have prompted me to correct that omission. Yes, it happened again. Roughly a month ago, correspondents began to receive pump-n-dump spam to tagged email addresses which they had given only to Ameritrade... This now marks the third major confirmed leak of customer information from Ameritrade. In addition, the Inquirer reported the loss of 200,000 Ameritrade client files in February 2005. One correspondent informs me that this has happened to him on four or five previous occasions. more

Analysis of the IDN New gTLD Applications

There has been a lot of excitement since ICANN revealed the list of 1930 applications for new gTLD yesterday at an event in London yesterday. Even some of the strongest opponents of the ICANN's new gTLD program have acknowledged there is a case to open up new gTLDs for Internationalized Domain Names (IDNs). I am going to focus here on the analysis of the IDN applicants. more

ICANN Explains Why Judge Should Dismiss VeriSign’s Lawsuit

In a 33-page motion filed on Monday, April 5, 2004, ICANN has asked a federal judge in Los Angeles to dismiss VeriSign's recent lawsuit filed against the non-profit organization. More specifically, the filed motion has asked the court to "dismiss VeriSign's first six claims for relief with prejudice," which are... more

Finding Good ICANN Board Candidates

In the late summer of 2006, the ICANN Nominating Committee will convene to select three members to the ICANN Board of Directors, and four members to various councils. Depending on the global visibility of the nominees, and the current political and technical currents pulling at the Internet community, these nominations will be both pilloried and lauded in different circles. This process of selecting a good ICANN board member is astonishingly complex; I should know, having served on the founding NomCom in 2003, and the succeeding NomComs in 2004 and 2005. By far the biggest challenge is finding good candidates... more

Swedish Regulator Bans Inclusion of Letters “b”, “a”, “n”, “k” in Domain Names Under .SE

Swedish Regulator PTS have today notified .SE, the Swedish (.SE) TLD registry that they have to change the rules... In short, the decision implies that any form of the sequence of the characters "b", "a", "n", "k" are illegal in domain names in Sweden. Further that checks of what domain names are registered are to be checked before registration. more

2018 Domain Name Year in Review

Well, it's that time of year again. The time of year when I look back at all of the biggest domain news stories from the last twelve months, and also reflect on my predictions from last year. As expected, GDPR has had a major impact on the ability to access domain ownership information. And we did indeed see a number of M&A transactions over this last year. However, there wasn't a lot of new .Brand activity. This is one prediction where I may have missed the mark... more

Can We Create a Secure Caller ID For VoIP?

Can we create a "secure Caller ID" for IP-based communications, a.k.a. voice-over-IP (VoIP)? And specifically for VoIP based on the Session Initiation Protocol (SIP)? Can we create a way to securely identify the origin of a call that can be used to combat robocalling, phishing and telephony denial-of-service (TDOS) attacks? That is the challenge to be undertaken by the "Secure Telephone Identity Revisited (STIR)" group meeting tomorrow morning, July 30, 2013, at 9:00 am in Berlin, Germany, as part of the 87th meeting of the Internet Engineering Task Force (IETF). more

The Future of Domain Name Dispute Policies: The Journey Begins

A just-launched ICANN "working group" (of which I am a member) will - eventually - help to determine the future of the Uniform Domain Name Dispute Resolution Policy (UDRP), the 17-year-old domain name arbitration system that has been embraced by trademark owners and criticized by some domainers; as well as the Uniform Rapid Suspension System (URS), the new (and limited) arbitration process that applies to the new gTLDs. more

Why WIPO Does Not Like the UDRP

The World Intellectual Property Organization (WIPO) -- the same organization whose head recently equated intellectual property infringement with terrorism -- has been pressing ICANN to add domain name monopolies on the names of countries, and the names and acronyms of inter-governmental organizations, into the Uniform Domain Name Dispute-Resolution Policy (UDRP). Despite the fact that no-one but WIPO seems to want these new exclusions, a working group has nonetheless been convened to study their recommendations. more

Think China Is the Highest Spamming Country? Think Again

In my department, we block about 92% of our total email (around 2.5 billion per day) at the network edge without accepting the message. When we do that, we don't see any traffic from that IP anymore and don't keep stats on it due to the overwhelming volume of mail. However, we do keep stats on mail that we block with our content filter. I decided to go and calculate how much spam we receive from each country by mapping the source IP back to its source country... more

RIPE NCC Distributed Last IPv4 Address Space from the Available Pool

On Friday 14 September, 2012, the RIPE NCC, the Regional Internet Registry (RIR) for Europe, the Middle East and parts of Central Asia, distributed the last blocks of IPv4 address space from the available pool. more

Donuts to Acquire Afilias

Donuts and Afilias announced today that Donuts is acquiring Afilias in a deal that is expected to close in December 2020 for an undisclosed amount. The combined entities will support over 25 million domain names spanning well over 400 TLDs. The deal will not include certain Afilias businesses, such as the mobile software and registrar businesses, which will remain with Afilias' original group of investors. more

IPv6 Security Myth #2: IPv6 Has Security Designed In

Today we continue with part 2 of the 10 part series on IPv6 Security Myths by debunking one of the myths I overhear people propagating out loud far too much: That you don't need to worry about security because IPv6 has it built into the protocol. In this post, we'll explore several of the reasons that this is in fact a myth and look at some harsh realities surrounding IPv6 security. more