Enabling Privacy Is Not Harmful

The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more

End-to-End Email Encryption - This Time For Sure?

Phil Zimmerman's Pretty Good Privacy (PGP) and its offspring have been encrypting and decrypting email for almost 25 years -- but require enough knowledge and determination to use them that adoption has never taken off outside the technoscenti. Now initiatives from several quarters aim to fix that -- but will it all "just work," and will end users adopt it even if it does? more

Protecting an Enterprise from Cyber Catastrophe

We are suffering an epidemic of cyberattacks while in a viral pandemic. This post is for those who have responsibility for assuring that the IT-based services offered by their enterprise can quickly recover in the case of successful cyber-attack or other disaster. University of Vermont Medical Center (UVMMC) is an excellent hospital. I owe my life to treatment there and am grateful for both the skill and the kindness of UVMMC staff. They have been devastated by a cyber-attack. more

Good is Better than Perfect in ICANN Accountability

In the next few months, ICANN will have a concrete opportunity to improve its accountability and transparency by enacting the recommendations of the Accountability and Transparency Review Team (ATRT). Those recommendations may not be perfect, but if the history of the ICANN process is any indication, we can't afford to let the perfect be the enemy of the very good. more

IPv6 Adoption Grows By 1900% - Primarily Due to Domain Name Registrar Support

The percentage of zones under .com, .net and .org that support IPv6 has increased by 1,900% over the past 12 months according to a new census conducted by the Measurement Factory, sponsored by Infoblox. According to the census, this dramatic increase can be primarily attributed to the introduction of support of IPv6 by a single domain name registrar, Go Daddy. more

Privacy and Security - Five Objectives

It has been a very busy period in the domain of computer security. With "shellshock", "heartbleed" and NTP monlink adding to the background of open DNS resolvers, port 445 viral nasties, SYN attacks and other forms of vulnerability exploits, it's getting very hard to see the forest for the trees. We are spending large amounts of resources in reacting to various vulnerabilities and attempting to mitigate individual network attacks, but are we making overall progress? What activities would constitute "progress" anyway? more

Censorship, Email and Politics

Spamfiltering blocks email. This is something we all know and understand. For most people, that is everyone who doesn't manage an email server or work in the delivery field or create spamfilters, filtering is a totally unseen process. The only time the average person notices filters is when they break. The breakage could be blocking mail they shouldn't, or not blocking mail they should. more

Appearing Respondents Called Out as Cybersquatters

UDRP complainants prevail in the range of 85% to 90% which approximately correlates with the percentage that respondents default in responding to complaints. The annual number of complaints administered by ICANN providers has been hovering around 4,000 +. Astonishingly, the number has remained steady for a good number of years despite the phenomenal increase... Compared to the whole, there are a relatively small number of contested disputes, perhaps in the annual range of 400 to 500, and of those a larger percentage are called out as cybersquatters. more

Innovation Today is IN the Network

The largest and most important global information infrastructure today by any measure is clearly the global mobile network and all of its gateways, services, and connected devices. That network is standardized, managed, and energized by a combination of the 3GPP and GSMA. The level of 3GPP industry involvement and collaboration today probably exceeds all other telecom, internet, and assorted other bodies put together... and then some. more

Cuba Getting Faster YouTube Access in Next 24 Hours, Thanks to Deal Signed in December

In the December of last, Cuba singed a deal with Google to enable faster access to content served via its popular platforms such Gmail and YouTube. more

GDPR and What Comes Next: The Parade of Horribles

The compliance deadline for the European Union's General Data Protection Regulation (GDPR) is nearly upon us, the unveiling of a proposed model to bring WHOIS into compliance is said to come from ICANN next week, and everyone is scrambling to understand all that's involved. Implementation of a revised WHOIS model is clearly on the horizon, but what comes after may be the real story! Specifically, if WHOIS information becomes more than nominally restricted, what's the consequence to the data controllers (ICANN and the contracted parties) who implement this revised model? more

The Internet’s Obesity Crisis

In 2001, I published a report on website weights and their impacts on website performance. Why you might ask, was I researching website weights all the way back in 2001... At the time, in the United States and many other countries, homes and businesses were in the process of upgrading from dial-up internet connections to broadband connections. Because businesses were on the leading edge of this upgrade, many web teams designed fancy new websites that relied heavily on images and this fancy new technology known as Flash. more

A Three-Step Process to Chase Compulsive Domain Brand Squatters

Domain brand squatting can be defined as the unauthorized or dishonest use of a brand or company identifiers in domain names. It is often linked to the use of look-alike domains in bad faith, and we see it all the time. The threat actors behind these domains are called different names, though a prevalent one would be “typosquatters.” The Hot on the Trail of Compulsive Brand Squatters webinar showcased how these people are infiltrating the Internet. The first page of PhishTank’s valid phish search alone as of this writing tells us that domain brand squatting is a real and present danger. more

When No Action Is the Wisest Action (ICANN Does Good)

Although ICANN is now getting a lot of ridicule for the "glitch" in its TLD application System, it deserves some praise and respect for the results of its April 10 board meeting. In that meeting, the board showed the involved community - and the rest of the world - that it is no longer going to be stampeded by extra-procedural political pressure to make yet another round of hasty amendments to its new TLD program's policies and procedures. more

ICANN Must Now Decide String Similarity Question

Yesterday, a decision on a string confusion objection was reached by a dispute resolution provider that resulted in a scenario that ICANN and the Applicant Guidebook had not addressed - conflicting opinions have been rendered by expert panelists ruling on the exact same pair of strings. One of our applications now hangs in the balance. The expert panelist for the International Centre for Dispute Resolution (ICDR) assigned to decide the string confusion objection filed by VeriSign against United TLD's .CAM application, issued a decision sustaining VeriSign's objection that .CAM and .COM are confusingly similar. more