ICANN’s Contract Not Enforceable on WHOIS Accuracy

This may or may not come as a shock to some of you, but ICANN's contract with the Domain Name Registrars, in terms of WHOIS inaccuracy is not enforceable. Bear with me. The ability of ICANN to enforce against a Registrar who fails to correct or delete a domain with false WHOIS does not exist. more

Branding with New gTLDs: The Next Marketing Frontier

New gTLDs can be an efficient way to immediately propel a registrant's online relevance and profitability. Registrants are the companies, organizations and individuals who seek to better utilize the Internet to reach their goals. Marketing Professionals acting on their behalf should understand that protection mechanisms for new gTLDs have been created by ICANN. New gTLDs are powerful and inexpensive marketing tools that have improved measures of online stability and security... more

HTTPS Web Hijacking Goes From Theory to Practice

I've been privately talking about the theoretical dangers of HTTPS hacking with the developers of a major web browser since 2006 and earlier last month, I published my warnings about HTTPS web hacking along with a proposed solution. A week later, Google partially implemented some of my recommendations in an early Alpha version of their Chrome 2.0 browser... This week at the Black Hat security conference in Washington DC, Moxie Marlinspike released a tool called SSL Strip... more

If It’s About to Break, Fix It!

The UN's WSIS Prepcomm in Geneva has ended on a divided note. The US Government's Ambassador Gross pre-announced war-cry "The United Nations will not be in charge of the Internet. Period." had been met by a nearly unanimous global response from nations for some sort of government control of the Internet on a multilateral basis. A raft of proposals to alter the current situation are on the table -- most of them fairly benign, but none supportive of the indefinite continuance of unilateral US control of the root zone authorisation. more

Domain Owners Lose Privacy

As facts unfold, and the NTIA's decision to take away our privacy comes to light, it is interesting to see the NTIA struggling to explain its decision. Keep in mind that an "as yet to be identified" bureaucrat made this decision to take away your privacy, did it without notice, and without holding hearings. Those affected were not given an opportunity to explain how the loss of privacy would negatively affect them. Quite simply, this is NOT how our government is supposed to work. We should be outraged... more

Why ICANN Nominating Committee Has Difficulty Finding Directors

The amount of time one spends actually working for ICANN is enormous. And that limits the people who can actually work for ICANN as directors. I say "work", but you should know that this is not a paid work. Nope. It's being performed for free -- we dedicate our time and skills to ICANN free of charge. Many people ask me "What is it like to be on the Board of ICANN?" Here is my response, with some astonishing data. more

The Future of the Internet Economy: Chapter 2

The OECD held a "high-level" meeting in June 2011 that was intended to build upon the OECD Ministerial on The Future of the Internet Economy held in Seoul, Korea in June 2008. I was invited to attend this meeting as part of the delegation from the Internet Technical Advisory Committee (ITAC), and here I'd like to share my impressions of this meeting. This 2 day meeting, "The Internet Economy: Generating Innovation and Growth", had the objective of exploring a number of current issues in the public policy space... more

Is the Risk Real With the New gTLD Program? (An Interview with Verisign)

It's late in the new gTLD day and the program looks to be inching ever closer to the finish line. Yet last minute hiccups seem to be a recurring theme for this ambitious project to expand the Internet namespace far beyond the 300 odd active TLDs in existence today (counting generics and country codes). A drive for growth which is already underway, with 63 gTLD contracts now signed as of mid September... But will those users find themselves at greater risk because of this namespace expansion? That's what several parties have been asking in recent months. more

Ye Olde DNS

I've been writing about the intrinsic problem with the use of the DNS as both a technical mechanism and as a source of unambiguous meaning and authority. The problems are much worse than most of the posters seem to note. The current approach assures that the Internet will unravel and worse, that URLs become perversely reused. The commercial terms of service associated with the use of ".com" names exacerbates the problem by imposing arbitrary social policies into the plumbing of the Internet. more

Ukrainian Representatives to ICANN Ask for Russia’s Domain to Be Revoked, Local DNS Root Servers Shut Down

A letter sent to ICANN and IANA by a Ukrainian representative to ICANN’s Government Advisory Council (GAC) asks for urgent and strict sanctions against the Russian Federation in “the field of DNS regulation.” The letter urges ICANN to permanently or temporarily revoke Russia’s top-level domains “.ru”, “.рф” and “.su” and to shut down DNS root servers located in Saint Petersburg and Moscow. more

ICANN Launches Russia’s Top-Level Domain in Cyrillic Characters

The first Internet domains using the Cyrillic script were launched on May 13 after Russia was officially assigned the .?? (.rf, for "Russian Federation") domain by the global Internet governing body. Representatives of the Internet Corporation for Assigned Names and Numbers (ICANN) handed Russia its Cyrillic domain administration certificate at an Internet forum that kicked off in Moscow. more

Why Can’t We Make the Internet Secure?

In a discussion about a recent denial of service attack against Twitter, someone asked, "Some class of suppliers must be making money off of the weaknesses. Anybody out there have a prescription for the cure?" Sure, but you're not going to like it. The Internet was originally a walled garden, where its operators knew who all the users were and could eject anyone who misbehaved... more

Time to Renew .coop, .museum, and .aero ICANN

Way back in 2000-2001, ICANN approved a handful of new top level domains, and entered into agreements with their promoters. Three of the sponsored domains, are coming up for renewal next year, so they've sent in their renewal proposals. A sponsored domain is one that restricts who can register to members of a particular community, in this case respectively co-ops, museums, and the airline industry. Let's take a look and see how they're doing. more

Policy Failure Enables Mass Malware: Part II (ICANN and OnlineNIC)

On Wednesday September 29th at 1PM there will be a meeting in the Old Executive Building in Washington D.C. with Registries and domain Registrars to discuss illegal Internet sales of prescription drugs. ICANN was originally invited but declined because citing "inappropriateness" . One "U.S." Registrar who definitely will not be in attendance is OnlineNIC more

How DANE Strengthens Security for TLS, S/SMIME and Other Applications

The Domain Name System (DNS) offers ways to significantly strengthen the security of Internet applications via a new protocol called the DNS-based Authentication of Named Entities (DANE). One problem it helps to solve is how to easily find keys for end users and systems in a secure and scalable manner. It can also help to address well-known vulnerabilities in the public Certification Authority (CA) model. Applications today need to trust a large number of global CAs. more