Next Steps in Preparing for Post-Quantum DNSSEC

In 2021, we discussed a potential future shift from established public-key algorithms to so-called "post-quantum" algorithms, which may help protect sensitive information after the advent of quantum computers. We also shared some of our initial research on how to apply these algorithms to the Domain Name System Security Extensions, or DNSSEC. In the time since that blog post, we've continued to explore ways to address the potential operational impact of post-quantum algorithms on DNSSEC, while also closely tracking industry research and advances in this area. more

Core Internet Institutions Abandon the US Government

Milton Mueller from Internet Governance Project writes: "In Montevideo, Uruguay [last week], the Directors of all the major Internet organizations -- ICANN, the Internet Engineering Task Force, the Internet Architecture Board, the World Wide Web Consortium, the Internet Society, all five of the regional Internet address registries -- turned their back on the US government. With striking unanimity, the organizations that actually develop and administer Internet standards and resources initiated a break with 3 decades of U.S. dominance of Internet governance..." more

Verisign iDefense Analysis of XcodeGhost

At Verisign we take our Internet stewardship mission very seriously, so when details emerged over the past week concerning the XcodeGhost infection, researchers at Verisign iDefense wanted to help advance community research efforts related to the XcodeGhost issue, and leveraging our unique capabilities, offer a level of public service to help readers determine their current and historical level of exposure to the infection. more

Another Year of the Transition to IPv6

I bet that nobody believed in 1992 that thirty years later, we'd still be discussing the state of the transition to IPv6! In 1992 we were discussing what to do about the forthcoming address crunch in IPv4, and having come to terms with the inevitable prospect that the silicon industry was going to outpace the capacity of the IPv4 address pool in a couple of years, we needed to do something quickly more

Good News from Three Spam Cases in the U.S.

They say (whoever "they" are) that good things come in threes, and that certainly seems true for law enforcement against spammers this week. In New York, Adam Vitale was sentenced to 30 months in prison and ordered to pay $183,000 in restitution for a week of spamming AOL back in 2005... In Illinois, an FTC settlement requires Spear Systems and company executives Bruce Parker and Lisa Kimsey to give up $29,000, stop making "false or unsubstantiated claims about health benefits" of their products, and bars them from violating CAN-SPAM ever again... And finally, in Seattle, the Robert Soloway case continues... more

DNSAI Compass: Six Months of Measuring Phishing and Malware

The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

EFF's Senior Legislative Counsel, Ernesto Falcon, in a post on Monday has argued that major ISPs in the U.S. -- the likes of Comcast, AT&T;, and Verizon -- are aggressively influencing legislators to stop the deployment of DNS over HTTPS (DoH), "a technology that will give users one of the biggest upgrades to their Internet privacy and security since the proliferation of HTTPS." more

Addressing Anticompetitive Behavior in Internet Standards Bodies

A significant focus is emerging today on the anticompetitive behaviour of Silicon Valley companies directed at dominating critical sectors of the on-line marketplace, and a U.S. Congressional hearing is scheduled. Such practices can be pursued in many ways. One of the more elusive, but very effective anticompetitive playbooks - known legally as the "antitrust conspiracy" - can occur in internet standards bodies. more

Industry Makes Rapid Progress on DNSSEC

DNSSEC is being rolled out quickly in top-level domain registries around the world, but there's still some way to go to encourage other Internet stakeholders to adopt the new security technology. That was one of the key takeaways from a day-long, comprehensive session on Domain Name System Security Extensions implementation worldwide, held during ICANN's public meeting in Cartagena, Colombia, last week. more

Alternative Insights on Article 28 of the NIS2 Directive

On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states. more

Google Ends Domain-Fronting Feature Used by Censorship Tools

A recent change in Google's network architecture has put a stop to a so-called "domain-fronting" feature that allowed services use Google's network to get around state-level internet blocks. more

Disclaimer in Trademark Registration Sinks UDRP Action

A trademark owner who notices that someone else has registered a domain name incorporating the owner's mark can file an arbitration action under the Uniform Domain Name Dispute Resolution Policy (UDRP for short). This often serves as a quicker and less expensive alternative to pursuing the cybersquatter in court. To be successful under the UDRP, the "Complainant" has to show all of the following three elements... more

A Single Price Index for Domain Names Is Misleading

Having a single price index for the domain name industry would be worse than useless. Such an index is presented in a recent study by Thies Lindenthal. The index is intended to be a benchmark for domain owners and investors. But it's out of line with other studies and the common sense of how a market operates. A much better barometer to follow is average prices for groups of domain names with similar characteristics. more

Estimating Trademark Claims Notice Suppression of Non-Infringing New gTLD Registrations

On February 2nd ICANN staff announced the release of a Draft Report: Rights Protection Mechanisms Review that is open for public comment until May 1st. This Draft Report is preliminary to an Issues Report requested by the GNSO Council that is due to be delivered by September 30th, and that may set the stage for a Policy Development Process (PDP) on Rights Protection Mechanisms (RPMs) that could commence in 2016. Such a PDP could consider comprehensive reform of these RPMs as well as of the Uniform Dispute Resolution Policy (UDRP). more

China Accuses Washington of Damaging Global Trade With Huawei Sanctions

Today, China accused Washington of damaging global trade with sanctions against the tech giant Huawei and says it will protect Chinese companies. more