How the First White House Website Came to Be

In doing a recent search, there it was: the first White House website archived at the U.S. Archives. It ended up changing the direction of markets and network development, if not world politics. How it came to be is known only to the few people involved. It is a great example of individual initiative, collective whimsy, serendipity, and unintended consequences... When Bill Clinton arrived at the White House on 20 January 1993, he brought with him a kind of rag-tag team who had helped him get there.  more

Domain Enforcement in a Post-GDPR World

The implementation of the General Data Protection Regulation (GDPR), and ICANN's conservative temporary policy, which favors privacy and limits registrar liability, has made domain enforcement against cybersquatters, cyber criminals and infringement more difficult, expensive and slow. With heightened concerns over privacy following high-profile breaches of consumer data and its subsequent illicit use and distribution, there is no question that consumer data protection practices would come under scrutiny. more

“Internet Drivers License” - A Short History Lesson

The press, the blogosphere, CircleID - everybody has been discussing Craig Mundie's comment on the need for an "Internet Driver's License". Most of the reaction has been from privacy advocates fearing that this is simply another way to kill anonymity on the Internet. Oh well... that's the usual set of reactions. Now... the fun part is, a driver's license also shows that you have the competence to drive... more

These Countries Have Adopted the UDRP

The Uniform Domain Name Dispute Resolution Policy (UDRP) is certainly the most frequently used tool to combat cybersquatting -- but, it is not always an option. Many countries have adopted their own domain name dispute policies -- or none at all -- in lieu of the UDRP. For example, domain names in the United Kingdom's .uk country-code top-level domain (ccTLD) are subject to Nominet's Domain Dispute Resolution Service, which applies a different test... more

Securing the DNS in a Post-Quantum World: Hash-Based Signatures and Synthesized Zone Signing Keys

In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNS Security Extensions (DNSSEC). In this post, I'll look at hash-based signatures, a family of post-quantum algorithms that could be a good match for DNSSEC from the perspective of infrastructure stability. more

The Tempest in the TLD Teapot

At its recent meeting in Seoul ICANN announced with great fanfare that it's getting ever closer to adding lots of new Top Level Domains (TLDs). Despite all the hype, new TLDs will make little difference... I agree with my old friend Lauren Weinstein that this is a tempest in a very expensive teapot, because all of the purported reasons that people want new TLDs have been proven false, and the one actual reason that a new TLD would be valuable has no public benefit. more

A Possible Missing Piece of Net Neutrality Puzzle: Backbones and Peering?

I remember being told three years ago that, in general, internet backbone issues weren't really a subject for regulatory involvement, and didn't need to be. Although the last mile was a problem, the upstream fat-pipe relationships weren't - they were all competitive and thriving. Or at least that's what people thought. Over the last couple of days I've been looking around trying to figure out what the facts are about backbones and peering. It seems that we don't even know what we don't know... more

2012 Global Phishing Trends: Uptime Down, Numbers Up

Despite security advances over the past year, including the increased deployment of DNSSEC, pirates continue to wreak havoc on the Internet. But before you decide that Internet security innovations are futile, consider this: online criminals are just like burglars in the physical world; they don't take new ways of blocking their best efforts lying down. They come up with new and, in some cases, stronger plans of attack. more

DotSpam? Certain New gTLDs Rapidly Outpacing Legacy TLDs in Terms of Abuse

Would you like to hear about how to treat your psoriasis? Where to get a cheap oil change? How to flatten your belly? Achieve a stronger sexual life? Cheap toner? Annuities? Herpes? Bed bugs? Free energy? Varicose-Veins? Herpes? Saggy skin? Arthritis? Overactive bladder? Drug addiction? Herpes? No? Well, that's too bad, because that you are going to hear about it whether you like it or not. Many of the messages about these and other subjects are being carried to you via new gTLDs. more

A Programmer’s Perspective on the IANA Transition

Earlier this week, I posted from Singapore on the challenges we face in designing the transition of IANA functions from the US government to the global multistakeholder community. Now, let's consider how a programmer would design new mechanisms to accomplish this transition. For starters, a programmer would need something more than high-level principles. Coding requires use cases for routine interaction and especially for cases where users don't follow the expected routine and where the real world intervenes with inconvenient problems. more

Digging Through the Problem of IPv6 and Email - Part 1

Recently, a couple of anti-spam (or at least email security related) bloggers have written some articles about IPv6 and the challenges that the email industry faces regarding it. John Levine, who has written numerous RFCs and a couple of books about spam fighting, writes the following in his article "A Politically Incorrect Guide to IPv6, part III". more

IoT Developments: NIST Issues Tech Guidance while NTIA Seeks Broad Input, Global Efforts Percolate

As the federal government grapples with Internet-connected devices and applications that make up the Internet of Things (IoT), the National Institute of Standards and Technology (NIST) is forging ahead to provide "technical leadership" for "the operation, trustworthiness, and lifecycle of IoT". Such efforts complement - and contrast - recent policy efforts at the National Telecommunications and Information Administration (NTIA) and elsewhere to promote IoT innovation while addressing security, privacy, and interoperability.  more

CENTR Reports on Latest ccTLD Stats

The Council of European National Top level Domain Registries (CENTR) has released its 7th edition of DomainWire Stat Report with special focus on European country code Top-Level Domains (ccTLDs). According to the report, the top 20 largest ccTLDs currently represent roughly 82% of all ccTLD registrations globally and 37% of all domain names globally (gTLDs, ccTLDs etc). more

DNSSEC Baby Steps Reported at ICANN 41

The Internet is slowly beginning to adopt the new DNSSEC domain names standard, but significant challenges remain. That was the main takeaway from a four-hour workshop on the technology held during the recent ICANN 41 public meeting in Singapore, which heard from many domain registries, registrars and other infrastructure providers. more

Web3 - What Brand Protection Pros Need to Know

Avivah Litan, the storied Gartner analyst, laid it down succinctly for insiders in her blog two and one-half years ago. She said, "Web 3.0 will transform us from Web 2.0's monetization via surveillance capitalism and advertising to monetization built directly into the protocol that is equally available to any connected user." Translated, that means we'll control our destiny by owning and managing our credentials for logging into systems, content, financial resources, and, importantly, our data. And, we are told, blockchain technology will enable all that. more