/ Recently Commented

The Cost of an ISO 27001 Certification

Last Comment: May 05, 2014

The first question I often get when talking to IT Service providers on ISO 27001 certification is: "How much does it cost to get it?" I like to reply with a question: "how much does it cost when you don't have it?" The answer to the first question is easy, the answer to the second one is more complicated. As a financial I am interested in the business case. If the cost of not having an ISO 27001 certification is higher than the cost of getting and maintaining one, you can actually make a profitable investment by getting certified. more

Wow! BIND9 9.10 Is out, and What a List of Features!

Last Comment: May 04, 2014

Today the e-mail faerie brought news of the release of BIND9 9.10.0 which can be downloaded from here. BIND9 is the most popular name server on the Internet and has been ever since taking that title away from BIND8 which had a few years earlier taken it from BIND4. I used to work on BIND, and I founded ISC, the home of BIND, and even though I left ISC in July 2013 to launch a commercial security startup company, I remain a fan of both ISC and BIND. more

What Does “Network Neutrality” Mean?

Last Comment: May 03, 2014

A lot of ink and pixels have been spilled about the FCC's new rules for network neutrality. It's impossible to comment sensibly yet about the actual proposal, since as far as I know it's not been published anywhere, but the various news reports have left me confused about just what is being addressed. There are a number of different sorts of behavior that can result in performance differences to the end user... The purpose of this post is to give a simplified (with luck, not too horribly oversimplified) explanation of the different issues here. more

Net Neutrality? Give Me a Break

Last Comment: May 01, 2014

As my learned friend John Levine has noted, rightly, any policy that anyone has come up with thus far regarding net neutrality is based upon a Telco model. Now, think about that for a second. A telephone call costs pretty much the same if you whisper or shout. It costs the same if you make a quick phone-call or you yack for hours. These days, even long distance is trivially inexpensive, because the capacity to carry the world's phone-calls is well beyond any foreseeable demand. There is huge headroom. more

Better Than Best Efforts Routing of Mission Critical Traffic and the FCC

Last Comment: Apr 24, 2014

It appears that the FCC will permit exceptions to the standard, plain vanilla best efforts routing standard for Internet traffic, such as the paid peering arrangement recently negotiated between Comcast and Netflix. In both academic and applied papers I have supported this option, with several major conditions... With no opposition that I have seen, companies like Akamai offer better than best efforts routing of "mission critical" traffic from content source to last mile, "retail" Internet Service Providers. more

NTAG Chair Blog: A Better Auction Framework

Last Comment: Apr 16, 2014

New gTLD Applicants now have a more fair and reasonable ICANN auction framework. A collaborative negotiation between the New TLD Applicant Group (NTAG) Auctions Working Group and ICANN Staff resulted in changes that improve the auction rules and bidder agreement. The indemnification and waivers in the agreement are now aligned with breaches that applicants can control. Applicants also now have an indemnification from Power Auction for third party claims related to IP infringement. more

Yahoo Addresses a Security Problem by Breaking Every Mailing List in the World

Last Comment: Apr 09, 2014

DMARC is what one might call an emerging e-mail security scheme. It's emerging pretty fast, since many of the largest mail systems in the world have already implemented it, including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo. DMARC lets a domain owner make assertions about mail that has their domain in the address on the 'From:' line. It lets the owner assert that mail will have a DKIM signature with the same domain, or an envelope return (bounce) address in the same domain that will pass SPF validation. more

Interconnection Disputes Are Network Neutrality Issues (of Netflix, Comcast, and the FCC)

Last Comment: Apr 09, 2014

A lot of people have been talking about the "interconnection" deal between Comcast and Netflix and whether that deal is related to network neutrality. (It is.) This question comes partly because the FCC's 2010 Open Internet Order (also known as the network neutrality order) was recently struck down. So network neutrality lands back at the FCC, with a new Open Internet proceeding, at the same time Netflix starts working so poorly on Comcast that Netflix had to cut a special deal with Comcast. more

Black Helicopters for the DNS: What Happens In 2025?

Last Comment: Apr 05, 2014

When Steve delBianco from NetChoice testified (April 2, 2014) in the Subcommittee on Communications and Technology of the US House of Representatives on "Ensuring the Security, Stability, Resilience, and Freedom of the Global Internet", he proposed a stresstest for new mechanisms which could substitute the role of the NTIA in overseeing the IANA contract with ICANN. Stresstests are good. It is good for cars, it is good for banks and it is good for new mechanisms... more

Vint Cerf: Ask Your ISPs What Their Plan Is for IPv6

Last Comment: Apr 04, 2014

Vint Cerf joined TWiT TV host Leo Laporte yesterday in Google+ Hangout urging that we need to stop running the experimental version of the Internet and move to the production version of the Internet running IPv6! He also made a great request to everyone watching to ask their Internet Service Providers (ISPs) about when the ISPs would have IPv6 available. more

A Programmer’s Perspective on the IANA Transition

Last Comment: Mar 31, 2014

Earlier this week, I posted from Singapore on the challenges we face in designing the transition of IANA functions from the US government to the global multistakeholder community. Now, let's consider how a programmer would design new mechanisms to accomplish this transition. For starters, a programmer would need something more than high-level principles. Coding requires use cases for routine interaction and especially for cases where users don't follow the expected routine and where the real world intervenes with inconvenient problems. more

What the US Government Said About IANA in Singapore

Last Comment: Mar 27, 2014

Two weeks ago, the US government announced it would transition its role in the IANA functions to the global Internet community. It tasked ICANN with the job of arriving at a transition plan and noted that the current contract runs out in 18 months' time, 30 September 2015. This week, ICANN started that process at its meeting in Singapore. And on the ground were the two key US government officials behind the decision. more

Proceedings of Name Collisions Workshop Available

Last Comment: Mar 27, 2014

Keynote speaker, and noted security industry commentator, Bruce Schneier (Co3 Systems ) set the tone for the two days with a discussion on how humans name things and the shortcomings of computers in doing the same. Names require context, he observed, and "computers are really bad at this" because "everything defaults to global." Referring to the potential that new gTLDs could conflict with internal names in installed systems, he commented, "It would be great if we could go back 20 years and say 'Don't do that'," but concluded that policymakers have to work with DNS the way it is today. more

Netflix Has Buyer’s Remorse Over Its Paid Peering Deal With Comcast

Last Comment: Mar 25, 2014

Soon after capitulating to Comcast's surcharge demand for improved treatment of its traffic, Netflix got better downstream delivery speeds. Apparently Comcast did not have to undertake a major bandwidth expansion program. Much to the immediate relief of Netflix, Comcast merely needed to allocate more ports for Netflix traffic. So with a reallocation of available bandwidth, Comcast solved Netflix's quality of service dilemma apparently without degrading service to anyone else, upstream or downstream. more

Finishing What We Started: A Level Playing Field for New gTLDs

Last Comment: Mar 22, 2014

While the Internet governance debate devours headlines, it's almost easy to forget that ICANN is in the midst of the most audacious and important policy process it has ever undertaken. And while many new generic top-level domains are now live, the process of ensuring the best opportunity to fulfill their potential is not yet complete. We recently reached the milestone of 280,000 registrations in the Donuts gTLDs that are currently generally available. more

Industry Updates

A New DNS Validation Method for Simplified Certificate Automation

Hard Data on DDoS, DNS, and the Race for Resilience

Going DNS Deep Diving Into GhostCall and GhostHire

.store and MrBeast Campaign Surpasses 500 Million Views Across Platforms

COLDRIVER’s MAYBEROBOT in the DNS Spotlight

IPv4 Address Prices Continue Their Descent, But Demand Remains Resilient

Burrowing Into the Beamglea Campaign DNS Infrastructure

Chasing After RacoonO365 IoCs Using DNS and Domain Intelligence

Spelunking Into SVG Phishing: Amatera Stealer and PureMiner DNS Deep Dive

2025 .US Town Hall Registration Open: Explore Industry Trends & Policy Insights

Global Domain Activity Trends Seen in Q3 2025

DNIB Reports 378.5 Million Domain Name Registrations in Q3 2025

IPv4 Market Update: Prices Decline, but Market Fundamentals Remain Resilient

Scouring the DNS for Traces of the Hiddengh0st and Winos SEO Poisoning Campaign

Understanding DNSSEC: Best Practices and Implementation Challenges

View More