DEFCON 1 Status at ICANN

Defense Readiness Condition (DEFCON) is a measure of the activation and readiness of the United States armed forces. The DEFCON scale is a numerical ranking from 5 (standard peacetime protocol) to DEFCON 1 (expectation of actual imminent attack). Today ICANN should find itself at a DEFCON 1 status with the announced pending departure of Doug Brent, ICANN's Chief Operating Officer, effect at the end of July. more

The Real Issue About ICANN and .XXX

Way back in 2004, ICANN invited applications for a round of new TLDs. They got quite a few. Some were uncontroversial, such as .JOBS for the HR industry. Some were uncontroversial but took a long time, such as .POST which took five years of negotiation, entirely due to the legal peculiarities of the registry being part of the UN. But one was really controversial, .XXX. By 2005, the applicant, ICM registry, had satisfied all the criteria that ICANN set out in the 2004 round to get .XXX approved, and ICANN has been stalling them ever since... more

By the way… Your IDN is Live.

Just when you think ICANN has got it right, it shoots itself in the foot as only ICANN can. Unfortunately it seems this is yet another case of one step forward and two steps back. While we should be celebrating the fact that Internationalised Domain Names (IDN's) have finally been entered into the Root Zone, we are instead left shaking our heads at the seemingly nonexistent process lines nor communication lines between ICANN and its technical off-shoot IANA. more

“Thin Brand Line” Breaks as Canon Announces Plans for .CANON

Until today's announcement by Canon, no large brand had broken the "thin brand line" by revealing their plan to apply for their own new top-level domain. Now with Canon's announcement, other major companies have been challenged to either announce their TLD plans or else state that they plan to forgo the chance to brand themselves at the top level of the domain name space. more

Why Aren’t There More Spam Lawsuits?

The CAN SPAM act has been in place for five and a half years. Compatible state laws have been in place nearly as long. Anti-spam laws in the EU, Australia, and New Zealand were enacted years ago. But the number of significant anti-spam lawsuits is so small that individual bloggers can easily keep track of them. Considering that several billion spams a day are sent to people's inboxes, where are all the anti-spam lawsuits? more

The Domain Aftermarket Redux: Are Domainers “Investors” Yet?

What better way to kick things off than to review the domain aftermarket, three years after my then infamous "Domain Aftermarket Overdue For An Asset Repricing" article which caused a bit of a stir at the time. I said then that there was a big recession coming, in it everything would suffer severe price declines, and that domain names would not be exempt. I went on to say that the low-hanging fruit in the domain industry had been picked: type-in activity would go into secular decline over time, and that domainers would face increasing competition from other avenues such as DNS resolvers, ISPs and web browsers. It didn't go over well. more

Say No to WIPO’s Proposal to Amend the PDDRP to Create New Law

A number of comments to ICANN's proposed Post Delegation Dispute Resolution Process for new gTLD Registry Operators support a proposal by the World Intellectual Property Organization (WIPO) to hold a registry operator accountable for trademark infringement that occurs within a TLD if it "knowingly permitted, or could not have reasonably been unaware of" infringing domain names within the TLD. more

Resources for Cleaning Your Network

The first step (but certainly not the last) towards saving the internet from spam, malware, and other abuse is to keep your own network clean. A friend of CAUCE, who wishes to remain anonymous, offers these tips and resources to help you identify problem traffic emanating from your network, and clean it up. Though primarily written for ISPs, many of the items below should apply equally well to any network owner. more

ICANN Documentary Information Disclosure Policy Request

Listed below is correspondence that I have submitted to ICANN's general counsel in connection with the organization's stated documentary information disclosure policy. more

Old Dog, New Tricks: Gift Card Scams in Social Networks

In the past few months, a flurry of gift card scams leveraging such high-profile brands as Best Buy, Whole Foods and IKEA have emerged on Facebook. These scams often use the brand's logo, website URL, or general "look and feel" on Facebook "fan" pages to give the impression that these offers are legitimate. Some scams are even bold enough to include bogus, non-interactive fan comments to add a greater sense of authenticity to the gift card offer. To date, these scams have been successful at tricking tens of thousands of consumers. In just one day, for example, a fan page titled "IKEA Get a FREE $1000 IKEA Gift Card! (ONLY AVAILABLE 1 DAY)" registered 40,000 fans before being shut down. more

How To Build A Cybernuke

The Internet infrastructure has been having a bad month. Not as bad as, say, the world's aviation infrastructure, but bad enough. First, Chinese Internet censorship leaked out to a few massively unlucky users of the I root server. Then China Telecom failed to filter someone who leaked thousands of hijacked routes to other people's networks through them, probably by accident. And then, inexplicably, Forbes went where no one had gone before... more

Take That Down Right Now - and Give Me That Too

Google has released a government requests tool. It's highly illuminating and may end up being quite disruptive. That's what surprising data visualizations can do for us. ... The tool allows us to see the number of requests from different countries that Google received during the last six months of 2009. More than 3600 data requests from Brazil during those six months and more than 3500 from the US. But just 40 or so from Canada and 30 from Israel. more

DNSSEC Status Report: Signing Infrastructure Well Underway, User Experience Still Needs Work

The registries (gTLDS) are all moving towards signing in about a year. PIR and .org is going to be first with .edu, .biz, and others closely behind. The root is scheduled to be signed in the beginning of July (end of June looking at the holiday calendar) being the biggest milestone. Some of the roots already contain DNSSEC information. Other ccTLDs continue to turn DNSSEC on with countries on every continent signed. more

Operational Challenges When Implementing DNSSEC

As a reader of this article, you are probably familiar with the DNS cache poisoning techniques discovered a few years ago. And you have most likely heard that DNSSEC is the long term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with our own rollout until you could gather more documentation over the operational experience when rolling out DNSSEC. This article summarizes authors' experiences and learnings from implementing the technology in production environments as well as discusses associated operational issues. more

Military Asserts Rights to Return Cyber Attacks

The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons... more