Privacy / Recently Commented

Whois Policy Reform Advances

The Associated Press reports this week on ICANN developments involving the Whois reform. The Whois database, which displays domain name registrant information including names, addresses, phone numbers, postal and email addresses, has been the subject of years of debate within ICANN as many in the Internet community have expressed concerns about the mandatory disclosure of such personal information. The Generic Names Supporting Organization (GNSO) has successfully pushed for reform, though it is uncertain how the ICANN board will respond. more

.XXX is Back on the Radar Screen

The DoC seems to have finally realized it went too far by using ICANN to serve the interests of some conservative groups, as mentioned in a previous post. The new story is now that the ICANN board did not reject the .XXX application as such, but only the agreement negotiated between ICM Registry and the ICANN staff at that time. How subtle these things are... more

The DNSSEC “Onus of Reality Check” Shifted to gTLD Administrations by ICANN

Last month, there was an exchange of letters between a gTLD administration and ICANN about DNSSEC deployment. This gTLD administration is PIR or Public Interest Registry, the gTLD administration for the .org TLD. Interestingly, PIR is a non-profit organization that makes significant contributions to ISOC (Internet Society) initiatives: thus, both ICANN and PIR are organizations dedicated to the well-being of the Internet. more

New WHOIS Definition Survives Marrakech ICANN Meeting

For now, it appears that the new, more technically focused and privacy-friendly definition of the purpose of Whois survived the Marrakech meeting. The U.S. Government and the copyright and law enforcement interests mounted a major onslaught against the Generic Names Supporting Organization (GNSO) action, using the Governmental Advisory Committee (GAC) as their pressure point.  more

DNSSEC Deployment at the Root

The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more

Why Don’t GAC Representatives Follow Their Own National Law?

A few weeks ago ICANN's domain name policy making organ (the GNSO) decided that the purpose of Whois was domain name coordination and not compulsory surveillance of domain name registrants. The US and Australian governments expressed their opposition. The US government's lack of concern for privacy is well known. But what about Australia? The Australian ICANN Governmental Advisory Committee (GAC) representative, Ashley Cross, tried to use his authority as "a government" to intimidate the GNSO, sending it a message announcing that "Australia" supports a broader definition of Whois purpose that gives ICANN a blank check... What does "Australia" really support, however? more

Help! This is Not an Emergency

I like the drift of the Pulver/Evslin proposal on emergency communications, and wish there was as vigorous a debate going on over here. I just hope we in the UK aren't jerked out of complacency by some major disaster -- although widespread use of pre-paid cellular means the problem of sunken landlines isn't as acute. Yet I can't help but wonder why the poor public has to wait for a disaster before they're given partial control over how their number maps to different destinations and services. Why can't I get a voicemail service from someone other than my connectivity provider? Why is ENUM hostage to the telcos, whose interest lies in ensuring that new services can only come from them? more

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more

ENUM: Mapping the E.164 Number Space into the DNS

Many communications networks are constructed for a single form of communication, and are ill suited to being used for any other form. Although the Internet is also a specialized network in terms of supporting digital communications, its relatively unique flexibility lies in its ability to digitally encode a very diverse set of communications formats, and then support their interaction over the Internet. In this way many communications networks can be mapped into an Internet application and in so doing become just another distributed application overlayed on the Internet. From this admittedly Internet-centric perspective, voice is just another Internet application. And for the growing population of Voice over IP (VoIP) users, this is indeed the case... more

Telecom Policy Review Panel Calls For Net Neutrality Legal Safeguards

The Telecommunications Policy Review Panel report [Canada] was released yesterday and while the immediate reaction will no doubt focus on the recommendations for a market-oriented approach with significant changes to the CRTC, I would call attention to three other recommendations gleaned from reading the executive summary (the full document is nearly 400 pages). more

Examining the Reality of Convergence

If there is one word in the telecommunications that has suffered from over-abuse for many years now, it's convergence. The term has been liberally applied to each successive generation of communications technology for their supposed ability to solve a myriad of service delivery problems within a single unifying converged carriage and service delivery solution. Unfortunately, the underlying reality has always been markedly different from these wondrous promises, and we continue to see an industry that deploys a plethora of service delivery platforms and an equally diverse collection of associated switching and service delivery technologies. One can't help but wonder at the collective gullibility of an industry that continues to herald the convergent attributes of each new generation of communications technology, while at the same time being forced to admit that previous convergent promises have never been realized. more

The FTC Authentication Summit

The Federal Trade Commission and NIST had a two-day Authentication Summit on Nov 9-10 in Washington DC. When they published their report explaining their decision not to create a National Do Not Email Registry, the FTC identified lack of e-mail authentication as one of the reasons that it wouldn't work, and the authentication summit was part of their process to get some sort of authentication going. At the time the summit was scheduled, the IETF MARID group was still active and most people expected it to endorse Microsoft's Sender-ID in some form, so the summit would have been mostly about Sender-ID. Since MARID didn't do that, the summit had a broader and more interesting agenda. more

An Analysis of Microsoft’s MARID Patent Applications

The IETF MARID working group has been slogging away all summer trying to produce a draft standard about e-mail sender verification. They started with Meng Wong's SPF and Microsoft's Caller ID for E-mail, which got stirred together into a hybrid called Sender ID. One of the issues hanging over the MARID process has been Microsoft's Intellectual Property Rights (IPR) in Caller ID and Sender ID. The IETF has a process described in RFC 3668 that requires contributors to disclose IPR claims related to their contributions. more

A Closer Look at the Domain Name Controversy

Every time an individual logs on to the Internet a pornographer is able to copy the stream of digital bits created by the computer user's Internet connection. The data bits are used to compile a database of information about Internet user buying habits and sexual tastes. These pornographers use the information secretly collected from logged in computers to alter the category or type of pornographic images uploaded onto various websites. Pornographers, for example, know that as a result the pornography in Cyberspace is of an extremely disturbing sort when compared to porn found in "real-space." Internet users are primarily known fans of sexual images of incest, bestiality, and torture. Cyber porn -- as it is often called -- is bigger, badder, and more extreme.  more

Survey of Global Internet Jurisdiction

The American Bar Association/International Chamber of Commerce (ABA/ICC) recently released a survey on global Internet jurisdiction. The survey, co-chaired by Professor Michael Geist, involved nearly 300 companies in 45 different countries. It found that U.S. companies were far more concerned and pessimistic about Internet jurisdiction risk than European and Asian companies. The study has also found that an "Internet jurisdiction risk toolkit" is emerging where companies target low risk jurisdictions and take steps to avoid doing business in perceived high risk jurisdictions. more