U.S. Office of Management and Budget released a memo today establishing a program to reduce "duplicative efforts, inconsistencies and cost inefficiencies when assessing and authorizing cloud systems." The initiative called, Federal Risk and Authorization Management Program (FedRAMP), is aimed to develop a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services through standardized security requirements and controls. more
On Thursday, December 8, the U.S. Senate Committee on Commerce, Science and Transportation will host a full committee hearing on "ICANN's Expansion of Top-Level Domains." According to the Committee's website, the hearing will "examine the merits and implications of this new program and ICANN's continuing efforts to address concerns raised by the Internet community." more
The Association of National Advertisers (ANA) has shifted its campaign against ICANN's new gTLD program to YouTube with a video from its President accusing the organization of "lying" about having reached a consensus over its plans, reports Kieren McCarthy at .Nxt. "The video ends with a dramatic statement, clearly devised to produce stories such as this one: 'So we'd like to say to ICANN: your claim for consensus it wrong, it is false, it is a lie." more
"There is a serious danger that ICM will establish and monopolize such a distinct market. As consumers seeking adult content become more aware of the .XXX TLD, registering and displaying websites in other generic TLDs may not easily be substituted for registration in the .XXX TLD." No that statement is not from the ICM Registry's sales material. more
Since November of last year we have been discussing the problem of illicit and illegal online pharmacy support by ICANN-accredited Registrars. In several articles and direct contact with the Registrars we have tirelessly tried to convey the seriousness of this problem, many listened, some did not... With the background information already known, the case presented here is much more specific and concerns EvaPharmacy, which was until recently, the world's largest online criminal pharmacy network. more
While Occupy Wall Street and other groups representing the so-called 99% are getting most of the press, the 1% is raising its profile as well, at least when it comes to gTLDs. They are complaining that introducing global choice and competition to the Internet will cost them money. The chief of the Association of National Advertisers (ANA) now says that it has "spent the last few months" considering the new gTLD program, and has found it lacking. They want ICANN to shut the whole thing down. more
In a move that shouldn't come as a surprise to anyone, the EU Commission has given a rather mixed welcome to the IANA bid. While they obviously like a lot of what they are seeing, they're also not overly impressed with the contract only being open to US companies. more
In politics, as in Internet policy, the most effective weapons are also the oldest. So when it came time for hard-line intellectual property advocates to make a desperate last stand against the new gTLD program, it came as no surprise they turned to the atomic bomb of rhetorical devices: FUD. FUD stands for "fear, uncertainty and doubt" and it is the tool of last resort when change is coming and you want to stop it. The theory is simple: the human response to fear is to cling to what's familiar and oppose what's new. So if you can scare enough people about the potential effects of a new policy or law, you stand a pretty good chance of preventing it from ever going into effect. more
In a conference hosted by the Coalition Against Domain Name Abuse (CADNA) on Tuesday, discussions were held concerning ICANN's upcoming new gTLD Program. CADNA President Josh Bourne said: "ICANN has an image problem. Businesses are outright angry with ICANN because of the way that this program has been structured. We are not trying to derail the rollout of new gTLDs altogether, but rather, we are proposing an opportunity for ICANN to make this Program much less detrimental to brands and businesses..." more
Applying for a new generic Top-Level Domain (gTLD) will be expensive and complex. ICANN's Applicant Guidebook comprises 350 pages of dense instructions, spelling out the procedures to apply for a gTLD and to comment or object to the gTLDs applied for by others. Hidden among the forest of criteria and procedures is a problem that, unless solved, could deny good faith applicants the fair notice they deserve. more
For those interested in encouraging innovation in the domain name space -- which presumably includes the ICANN community currently convening in Dakar -- the recent episode in which VeriSign proposed, and then quickly withdrew, a bundle of new services (the VeriSign anti-abuse domain use policy) raises important issues that will be revisited as new gTLDs are introduced. Some of those issues are referenced in a recent blog post by Milton Mueller, but his emphasis on "due process" suggests a regulatory framework that is not friendly to innovation. more
There may be no better illustration of how far we've come in Internet governance, than this: twice in the past 30 days, the global Internet community has gathered in sub-Saharan Africa to plot a path to bring the Internet to its next billion users. Just weeks after wrapping up the sixth annual Internet Governance Forum (IGF) in Kenya, Internet stakeholders from around the world traveled back to Africa for ICANN's 42nd meeting in Dakar, Senegal. more
Mainsleaze is nerdy slang for spam sent by large, well-known, otherwise reputable organizations. Although the volume of mainsleaze is dwarfed by the volume of spam for fake drugs, account phishes, and Nigerian 419 fraud, it causes work for mail managers far out of proportion to its volume... The problem with mainsleaze is that it is generally mixed in with mail that the recipients asked for, and there's no way to tell the difference mechanically. more
Too many techies still don't understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that. That's the lesson to draw from Verisign's proposal and sudden withdrawal of a new "domain name anti-abuse policy" yesterday. The proposal, which seems to have been intended as a new service to registrars, would have allowed Verisign to perform malware scans on all .com, .net, and .name domain names quarterly when registrars agreed to let them do it. more
It has been about six months since I got together with four of my friends from the DNS world and we co-authored a white paper which explains the technical problems with mandated DNS filtering. The legislation we were responding to was S. 968, also called the PROTECT-IP act, which was introduced this year in the U. S. Senate. By all accounts we can expect a similar U. S. House of Representatives bill soon, so we've written a letter to both the House and Senate, renewing and updating our concerns. more
A World-Renowned Source for Internet Developments. Serving Since 2002.