Inconsistencies in ICANN New TLD Application Fees

In preparation for Monday's Joint Applicant Support (JAS) Working Group call, I spent some time reviewing various documents in connection with what are ICANN's actual costs in reviewing top-level domain name applications. One thing that caught my attention was the following metric in Rod Beckstrom's most recent CEO Monthly One Page Metric Report. more

Why Overseas Registries Shouldn’t Worry About China’s New Domain Name Regulation

On March 25th, 2016, the Ministry of Industry and Information Technology (MIIT) officially posted its revisions to the "Chinese Measures for the Administration of Domain Names" (2016 edition) for public comment. A decade has gone by since the latest administration measures were introduced in 2004 (2004 edition). Registries and registrars have been longing to see this update for a while, and it is therefore no surprise that the new edition has drawn substantial attention at home and abroad. more

The Mission Has Already Crept

ICANN's mission, and the avoidance of "mission creep", is currently the subject of intense debate in the Internet community. Multiple cross-community working groups are dealing with the proposal by an agency of the United States government, NTIA, to give up the last vestiges of its control of the IANA function. Many of the new organizational structures under consideration purport to deal with ICANN's expanding mission. more

How to Preserve the .org Registry’s Integrity in the ISOC Sale of PIR

This article addresses the issues around the planned sale of the PIR .org registry by ISOC. It examines the history and issues plus looks at several possible paths forward, including PIR becoming a Benefit Corporation (B-Corp) and identifying possible alternative buyers who could retain PIR's non-profit status. Before Tim Bernier-Lee brought the HTML markup language to the Internet, starting in 1989, there were few registered domain names. Access for public registration started in 1986, and by December, there were about five dozen registered .com domain names.  more

Revisiting How Registrants Can Reduce the Threat of Domain Hijacking

Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more

Global DNS Record Manipulation, Hijacking Campaign at Massive Scale Linked to Iran

A wave of DNS hijacking is reported to have affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. more

Cisco Issues Hight Alert on IPv6 Vulnerability, Says It Affects Both Cisco and Other Products

Cisco today released a high-level alert warning about a vulnerability in IPv6 packet processing functions of multiple Cisco products that could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. more

VoIP: Beyond Digital POTS

I've been involved with VoIP technology since 1996. I've been a public advocate for wideband audio at least since 1997. And I've admired and supported a variety of companies using VoIP to provide innovative services and new user interfaces. But reflecting on the past decade, the only globally significant impact of VoIP has been on prices (by fostering arbitrage). Most VoIP telephony services are just digital POTS... more

Peering into Fast Flux Botnet Activity

Together with Thorsten Holz, I recently published a paper on fast flux botnet behaviors, "As the Net Churns: Fast-Flux Botnet Observations," based on data we gathered in our ATLAS platform. Fast flux service networks utilize botnets to distribute the web servers to the infected PCs... One of the most well known fast flux botnets has been the Storm Worm botnet, which uses the zombies to spam, send out new enticements to infect users, and to host the malicious website which delivers the malcode. more

ICANN’s Auction Piggy Bank Just Got Twice As Big

Kieren McCarthy reports in The Register that an obscure Panamanian company paid $30 million for .BLOG in the January 21 domain auction. ICANN's web site confirms that the domain did go to the Panamanian company. It doesn't report the amount, but Kieren's sources are usually correct. If so, the auction proceeds piggy bank just doubled from $30M to $60M dollars, and ICANN still has no idea what to do with it. more

When Having a Voice Isn’t Enough

In Brussels on Friday, an esteemed panel of experts got together to discuss the challenge of improving ICANN's accountability. It's just too bad nobody from ICANN came by to hear it. ... While their prescriptions varied widely, the panelists were remarkably similar in their diagnoses - namely, that ICANN has yet to meet the fundamental challenge of making its board and staff accountable and answerable to the community that it is intended to serve. more

Will Harding’s Mistakes in International Telecommunication Cooperation be Repeated?

The International Telecommunication Union recently began a well-deserved celebration of one of the real success stories in international cooperation -- the 110th anniversary of the Radio Regulations as a treaty instrument. An ITU publication describes the historical highlights. Global cooperation among governments in managing radio spectrum via the Radio Regulations has been generally regarded as essential from the outset in the early years of the 20th Century and remains so today. more

The Emergence and Consolidation of a Jurisprudence of Domain Names

One of the fallouts of disruptive inventions is the need for new laws to counter their unexpected consequences. As it concerned the Internet, these consequences included a new tort of registering domain names identical or confusingly similar to trademarks and service marks with the intention of taking unlawful advantage of rights owners. Prior to 2000 the only civil remedy for "cybersquatting" or "cyber piracy" was expensive and time-consuming plenary actions in courts of competent jurisdiction under national trademark laws. more

Domain Names Users vs Domain Names Registrants

Antony Van Couvering from names@work writes that ICANN's constituencies are a "bad idea". While I am not sure to agree with him on the general principle, he makes some interesting remarks. Among others, he points out that the Generic Names Supporting Organization (GNSO) includes groups that seem to be redundant (the Business and Intellectual Property constituencies) and others like domainers which are not represented in the ICANN arena, yet are an integral part of the domain name business... more

Starting a New Conversation on Cybersecurity

The cybersecurity debate can be highly confusing at times. There is perhaps an analogy to be made between "Cybersecurity" and "The Economy". We all want to fix the economy but making progress is not an easy task. As soon as you are beyond that statement you notice that there is a lot of nuance. Issues like trust, influence, actors, and affectivity all come to play when you want to fix the Economy. The cybersecurity discourse has similar features. more