How DANE Strengthens Security for TLS, S/SMIME and Other Applications

The Domain Name System (DNS) offers ways to significantly strengthen the security of Internet applications via a new protocol called the DNS-based Authentication of Named Entities (DANE). One problem it helps to solve is how to easily find keys for end users and systems in a secure and scalable manner. It can also help to address well-known vulnerabilities in the public Certification Authority (CA) model. Applications today need to trust a large number of global CAs. more

Designing Secure Networks with Cisco Technology, Part 4

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more

Vox Populi Registry Says “Enough” About .SUCKS Accusations

Vox Pop Registry, the .sucks TLD operator, broke its silence today and has sent a letter to ICANN and government agencies in response to the extortion accusations."There has been much said lately about Vox Pop Registry, the company bringing dotSucks names to the Internet, not all of it flattering, some of it outright false and defamatory," says John Berard, CEO of Vox Populi.  more

UNESCO Director-General on Linguistic Diversity on the Internet: Main Challenges Are Technical

Today, Irina Bokova, Director-General of UNESCO has released a statement concerning the linguistic diversity on the Internet stating: "UNESCO's experience and the 2012 study of the use of internationalized domain names undertaken with EURid show that the main challenges are technical. Obstacles lie with Internet browsers that do not consistently support non-ASCII characters, with limited e-mail functionality, and with the lack of support of non-ASCII characters in popular applications, websites and mobile devices." more

Freedom of Expression Part 1: Hate Speech, Linehan, Trans as a Protected Class in California

Graham Linehan was banned from Twitter last week. Graham Linehan is an Irish writer and creator of Father Ted and Black Books. Twitter closed Graham Linehan's account for tweeting "men aren't women though" which twitter perceived as "hate speech" and offensive to the Trans community. Context always shapes meaning, and so I thought it would be useful to explore how hate speech is interpreted in California and then to see how it is treated in Fiji. more

Analyzing Data for Business and Security Signals

Domain name registries and registrars play a critical role in the functioning of the internet, serving as gatekeepers to the DNS. As such, they have an important responsibility to ensure the security and stability of the DNS but also to promote the use of a domain name in a meaningful way for the end user. To be more efficient in achieving these goals, the domain name industry has started to become more open to the idea of leveraging their own internal data to gain insights about their current business. more

Akamai Reports 460 Times Increase in IPv6 Requests Over Its Platform Since Last Year

In its latest State of the Internet report, Akamai has highlighted industry numbers showing imminent global exhaustion of IPv4 addresses. Report has also identifies 460 times increase in IPv6 requests over Akamai's platform from June 2011 – June 2012. A fair amount of the IPv6 request growth is attributed to the "World IPv6 Launch" event held on Jun 6, 2012 organized by the Internet Society. more

President of Tucows in Response to SiteFinder

I have been thinking a lot about stewardship lately in my role as CEO of Tucows and how that relates to employees, a board of directors and investors. Where I've got to, which is not necessarily relevant for this post, is that stewardship needs to exist at EVERY level of a company and a life. With the recent dustup created by Verisign's new Sitefinder service it has crystallized for me what has always bothered me about the .com/.net registry and the way Verisign has approached it.
 more

The Ultimate Solution to Internet Governance: Let ITU and ICANN compete

Controversies over ICANN led to the creation of the Working Group on Internet Governance, but so far there have been few specific proposals for change. The Internet Governance Project has entered that breach with a new policy paper: "What to Do About ICANN: A Proposal for Structural Reform." The proposal, by Hans Klein and myself, proposes three clean, clear but probably controversial solutions to the criticisms that have been made of ICANN. more

2050: The Internet Odyssey - How We Lost It and a Way to Get It Back

The Internet was replaced by a dual system created in 2014: a fiber optic network called "Net2Cash". It has a speed of one hundred Petabits per second (equivalent to 100 million Gigabits per second or 100,000 million Megabits per second). We no longer talk about Megabytes or Gigabytes because that is old school. Nowadays a couple of Exabites store the content of all written by man, from books and newspapers to Sumerian clay tablets; from Inca quipus and Egyptian hieroglyphs to all homework made by kids registered in elementary school. more

Finally the .com Discussion is Over…

Well, at least one part of it. As ICANN has announced, the Board approved the VeriSign Settlement Agreement. Now, there will be many questions, many pros and contras, but for me the main question is that finally this discussion is over. Here's what I think about my vote and the agreement itself.  more

Why Isn’t Mobile Malware More Popular?

This is a followup to Wout de Natris' as usual excellent piece on the Enisa botnet report -- pointing out the current state of mobile malware and asking some questions I started off answering in a comment but it grew to a length where I thought it'd be better off in its own post. Going through previous iterations of Mikko's presentations on mobile malware is a fascinating exercise. more

Perfect Information: Involving Registrants in the Expiring Domain Names Market

This proposal outlines the creation of a new market for the efficient disposal of domain names that are about to expire and how Registrants are best included as an integral part of this process. This document does not make any proposals regarding the existing primary or secondary markets for domain names. Further, this proposal is not intended to criticise, condemn or make any declarations about the appropriateness of any particular primary or secondary market business models. more

“It’s Always DNS!” Why DNS Is the Biggest Single Point of Failure in the New Norm

Many in the network security field may be familiar with the phrase: "It's always DNS."  This is a popular meme within the industry, often making reference to the internal domain name system (DNS), the dynamic host configuration protocol (DHCP) part of a company's online network, that whenever there is a network issue, it's always an issue with DNS. more

A Safe Pharmacy Environment in the Digital Age

Today's ever-evolving, digital world has fundamentally changed, enhanced and challenged the way in which businesses all over the world must operate. For organizations and professions that have existed for centuries, this has created the opportunity and the test of adapting to change to remain successful and relevant. The National Association of Boards of Pharmacy (NABP) was founded in 1904, at a time when there was little uniformity in the practice of, or standards for pharmacy. more