Will a Global TAR Make DNSSEC Stick?

Two US Government contractors and the National Institute of Science and Technology have released a white paper, "Statement of Needed Internet Capability," detailing possible alternatives and considerations for a Trust Anchor Repository (TAR) to support DNSSEC deployment. The document was released through the DNSSEC-Deployment Group this week with a request that it be circulated as widely as possible to gather feedback. A Trust Anchor Repository (TAR) refers to the concept of a DNS resource record store that contains secure entry point keys... more

Domain Name Registries Must Do More to Protect Highly-Trafficked Domains

With the recent attacks against high-profile New Zealand domain names including Coca-Cola.co.nz and F-Secure.co.nz, fingers are naturally pointing to Domainz, the registrar of record for these domains, as the party responsible for this lapse in security. While domain name registrars certainly need to ensure the security and stability of their systems, domain name registries must also step up and take responsibility for mitigating risks posed by hackers... more

An IPv6 Update for 2020

The Australian Domain Name Administration, AUDA, recently published its quarterly report for the last quarter of 2020. The report contained the interesting snippet: "The rapid digitization of our lives and economy -- necessitated by COVID-19 -- continued to underpin strong growth in .au registrations. New .au domains created in December 2020 were up 23 percent from December 2019, while total domains under management were up more than 2.1 percent over the same period." more

ICANN Accountability: Beware the Bridge Too Far

Yesterday I had the privilege of delivering the keynote address at the inaugural Internet Society (Canada) Symposium. In my remarks, I took the opportunity to talk about my thoughts on the current status of the IANA stewardship transition and enhancing ICANN accountability processes. Fact is I'm getting increasingly concerned. As we head into what will be a critical meeting of the CCWG-Accountability in Los Angeles today, I fear that the Internet governance community is headed for a showdown, the consequences of which could prove detrimental. more

IPv4: Business As Usual

This year, we expect that the RIPE NCC's pool of unallocated IPv4 addresses will reach the "last /8", meaning that we have 16,777,216 IPv4 addresses left in the available pool. At that point it will no longer be possible for RIPE NCC members to obtain the amount of IPv4 addresses they will require to expand their current and future networks. When we hit the last /8, the RIPE NCC will only be able to distribute IPv6 addresses and a one-off allocation of IPv4 address space... Has this caused a last minute rush? more

Trademarks vs Domain Names: Dictionary Words, Common, Combinations, and Arbitrary Letters

The typical daily accounting of decisions filed in disputes under the Uniform Domain Name Dispute Resolution Policy (UDRP) may include an award or two dismissing complaints (three is particularly noteworthy: weddingfleamarket.com, dme.com, and scheduleflow.com from the Forum for January 20, 2018), but overwhelmingly complaints are granted not dismissed. Let us imagine a trademark or service mark that is neither a dictionary word nor composed of common combinations, would anyone be surprised when the Panel rules in Complainant's favor? more

What Are New gTLD Governance Councils?

Many generic, community and other geographic new domain name extensions (also called "gTLDs" or "generic Top Level Domains") will soon become a focal point for the industry or sector they represent. These simple denominators which define a vertical sector, profession, geographic, ethnic or other delineated group on the Internet have not existed on the Internet until now. These new domain name extensions are moving from the realm of science fiction to science fact: in fact a domain name ending in ".science" will soon exist on the Internet and will clearly contain web sites with a relationship to science. more

Intelligence Exchange in a Free Market Economy

The U.S. Government is causing a huge disservice to protection and defense in the private sector (80%+ of CIKR) by creating an ECS that contains monetary incentive for a few large players to exert undue control over the availability, distribution, and cost of security threat indicators. While there may be a legitimate need for the federal government to share classified indicators to entities for protecting critical infrastructure, the over-classification of indicator data is a widely recognized issue that presents real problems for the private sector. ECS as currently construed creates monetary incentives for continued or even expanded over-classification. more

FCC Accused of Intentionally Lying to Media Saying Net Neutrality Comment Flood Was Cyberattack

The US Federal Communications Commission (FCC) has been accused of purposely misleading several news organizations by claiming that the comment submission section of its website aimed to solicit opinions on net neutrality was taken offline by a cyberattack. more

Current Difficulties With Displaying Internationalized Top-Level Domains

Earlier this week, we inserted eleven new top-level domains in the DNS root zone. These represent the term "test" translated into ten languages, in ten different scripts (Chinese is represented in two different scripts, and Arabic script is used by two different languages). This blog post is not about that. (If you're interested about it, read our report on the delegations.) What I would like to talk about is some of the difficulties we face today in expressing scripts in a consistent way over the Internet... more

Death and Your Online Identity

How large is your digital footprint? If you pulled together your email account, web site, blog, social networking accounts, and every other virtual identity you have online, just how well known are you on the Internet? Have you ever stopped to consider what happens to your online identity when you die? How would your online friends know? What would happen to your accounts and your content? more

The UK Seeks to Enforce Tougher Standards on MSPs

The UK government is proposing new regulations to strengthen cyber resilience in the private sector. Their intention is to expand cybersecurity rules for critical infrastructure (CI) operators to include managed service providers (MSPs), more stringent breach notification requirements, and legislation to establish the UK Cyber Security Council as the standards development organization for the cybersecurity profession. This is a welcomed development, but more details about implementation and enforcement are needed. more

The Future of .COM Pricing

When you've been around the domain industry for as long as I have, you start to lose track of time. I was reminded late last year that the 6-year agreement Verisign struck with ICANN in 2012 to operate .com will be up for expiration in November of this year. Now, I don't for a second believe that .com will be operated by any other party, as Verisign's contract does give them the presumptive right of renewal. But what will be interesting to watch is what happens to Verisign's ability to increase the wholesale cost of .com names. more

New gTLD Brand Congress Emphasizes Consumers and Innovation

The New gTLD Brand Congress held earlier this week in New York provided terrific insight into how brands and New gTLD businesses are approaching the space. We saw evidence of forward movement and decision making. Here are some of the main takeaways from the event. more

Video on How the DNS Works

CENTR, the Council of European National Top Level Domain Registries, has produced the following video to help explain the functioning of the Domain Name System (DNS). more