IANA: The World Loses if the Technical Industry Checks Out

On Friday, 14 March 2014, the U.S. Department of Commerce National Telecommunications and Information Administration (NTIA) announced its intention to transition the IANA functions to the global multistakeholder community. As expected, the announcement has sent adrenaline coursing through the veins of Internet governance experts and government policy people the world over. I'd argue, however, that it is an important point for the Internet's technical experts to sit up and take notice, as well: the fact that you are probably saying "what problem does this solve?" is a testimony to how much works well today, and we want to make sure it continues to work well in any future arrangements. more

SpaceX Starlink in Ukraine – a Week Later

Last week I wrote about the arrival of a truckload of SpaceX Starlink terminals in Ukraine and their potential value to government and resistance leaders. A lot has happened in the ensuing week - this is an update. Last week, using Mike Puchol's Starlink tracking service, I found that users in Kyiv would have 100 percent uptime with connections through as many as nine satellites to ground stations in Turkey, Poland, and Lithuania. more

Protecting Your Brand in the New World of NFTs

Months ago, while watching a Saturday Night Live skit about non-fungible tokens (NFT) featuring a parody of Janet Yellen speaking to a high school economics class, I realized what an NFT is and how they work. What they represent, how they are minted, and how their value is exchanged became clear while watching Pete Davidson in a boy wonder unitard rap about the latest crypto-phenomena. It was only later that I realized that NFTs have plenty of practical applications. more

ITU’s Landmark Decisions

The ITU, through its Council acting as the executive body of the Member States, made a "landmark decision" to make available to the public "the main [WCIT] conference preparatory document" and to establish a publicly accessible page "where all stakeholders can express their opinions" on the preparatory document or other WCIT-related matters. more

IANA Checkmate - Fool Me Once, Shame on You, Fool Me Twice Shame on Me

In connection with the recent publication of the IANA RFP, there have been some commenters that have proclaimed that removing the requirement of the Contractor to document the consensus of relevant stakeholders in connection with the delegation of new gTLDs from the original draft Statement of Work as a win for ICANN. However, when reading the recently revised IANA RFP language in light of the Government Advisory Committee (GAC) Dakar Communiqué, a rather compelling legal case can be made... more

Leveraging Trademark Data to Drive Domain Name Strategy

For years, corporate domain name portfolio managers have struggled with determining whether or not their portfolios were the "right" size. Managers of mature domain name portfolios have often felt that their portfolios were bloated, containing domains that were no longer needed. Conversely, domain managers of newer portfolios have sometimes known that gaps existed. Regardless, the question remains -- just how many domains should a corporate portfolio contain? more

Growth in IPv6-Capable DNS Infrastructure

In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers. more

Ending Cyber-Hubris

Hurricane Katrina will lead the endless finger pointing about what should have been done to strengthen the levees before the storm. However, as a former senior FEMA official under the Clinton Administration explained, "There's only two kinds of levees. Ones that have failed and those that will fail." The same is true for cyber-levees.  more

Managing Internet as a Shared Resource: Reasonable Technical Constraints?

The internet is a shared resource. Different access providers begin mixing traffic at different places, but sooner or later, my internet gets mixed into yours. The Canadian Association of Internet Providers (CAIP) application to the Canadian Radio-television and
Telecommunications Commission (CRTC) seems to acknowledge this shared nature with its reference (at paragraph 50 of its application) to the description of the Gateway Access Service its members resell, a description complete with a graphic of a cloud -- a sign that the resource is being shared... more

Another Free Registry Software Option

Google has recently announced the release of Nomulus, its free, open source registry software, triggering discussion of its impact on the industry. Afilias has over 15 years of experience in registry operations, and offers the following initial thoughts... First, free registry software is not new.CoCCA has offered this option for years, and TLDs such as .CX (Christmas Island) and .KI (Kiribati) use it. It is supported on a "best efforts" basis and appears to meet the limited needs of a few small operators. more

The Dubai Debacle: Does It Matter?

The second phase of the Dubai Debacle is now well underway. The first of the ITU-T bodies, the World Telecommunication Standardization Assembly (WTSA) finished its ten day meeting. The second body, the World Conference on International Communication (WCIT) completed its second day. WTSA shapes the ITU T organization and detailed agenda, while the WCIT gives it a treaty-based construct with regulatory mandates. WTSAs occur every four years; WCITs every twenty-five - although there is a proposal to hold them more frequently. more

Should You Whitelist Your Vulnerability Scanning Service Provider?

Unlike consultant-led penetration testing, periodic or continual vulnerability scanning programs have to operate harmoniously with a corporation's perimeter defenses. Firewalls, intrusion prevention systems, web proxies, dynamic malware analysis systems, and even content delivery networks, are deployed to protect against the continuous probes and exploit attempts of remote adversaries -- yet they need to ignore (or at least not escalate) similar probes and tests being launched by the managed security service providers an organization has employed to identify and alert upon any new vulnerabilities within the infrastructure or applications that are to be protected. more

Top 3 New Requirements to the TLD Evaluation Criteria and What They Mean for Applicants

Three sections of the redlined version of the Draft Evaluation Criteria for new Top-Level Domains (TLDs) caught my attention. It seems ICANN wants to ensure it has information to not only evaluate and score responses, but to conduct a post-launch analysis of the program's success in terms of expanded competition, consumer choice and trust. That additional information means more work by both the applicant and for ICANN. But it's a good move because pre-launch preparation and thought staves off mishaps and misfortunes later. more

More Than Half Top-Level Domains Not Really on Top of IPv6

At the recent ISOC Asia conference in Kuala Lumpur a rather innocuous coffee break question was raised: could any one around the table name some of the major Top-Level Domains (TLDs) still delinquent in their IPv6 support? Nobody could answer on the spot but the question intrigued me. A logical place to start looking for an answer was ICANN. more

The Untold History of the First Cyber Moonshot

A dialogue between Michael Warner (Historian, United States Cyber Command) and Tony Rutkowski (Cybersecurity engineer, lawyer and historian). Michael is chairing a cyber history panel at the October biennial Symposium on Cryptologic History hosted by the National Security Agency; his panel will include discussion of the almost unknown key role of cryptologist Ruth Nelson leading a team in the 1980s in a major initiative to secure public internet infrastructure. more