Who Should Bear Domain Name Risk?

Domain owners are bearing tremendous risk that someone else is better equipped to absorb. In this post, I outline the motivation of risk ownership, the sources of risk associated with owning a domain name, and the ways by which some of these risks have been transferred to institutions that are better equipped to handle them. I close by pointing out that we would be better served by having a trademark risk-management entity. more

WIPO Proposal for Paperless UDRP

The World Intellectual Property Organization (WIPO) has sent to ICANN a letter proposing Paperless Uniform Domain Name Dispute Resolution Policy (UDRP)... This would save considerable amounts of paper, reduce courier charges (as the notice weighs far less than the full complaint), and thus would be good for the environment. more

Julius Genachowski, FCC, and White Spaces: The Good and Not So Good News

Julius Genachowski, Obama's nominee to head the FCC, is a friend of Fred Wilson. Fred gives ten reasons why he likes the nominee on his blog. Genachowski was a top technology advisor to Obama during his campaign and reportedly advised the campaign on its superb use of the Internet. He is also a supporter of "net neutrality" although the devil is in the details on that issue. Even though the nominee is a lawyer, he has business experience as a VC, as an Internet executive, and as a board member of various Internet companies -- all good reasons to be hopeful about this very important policy post. That's the good news. The bad news from several days ago... more

ICANN Uses For-Profit Companies as “Comparables” in Its Employee Compensation

According to page 123 of ICANN's annual report: "...Commitment to continued payment in the salary span of 50th to 75th percentile of for-profit market place of companies of a similar size and complexity to ICANN..." Note that the comparables have been "for-profit". This is obviously ridiculous, given the purported non-profit nature of ICANN, with its inherent job security... more

Reply-All Creates a DDoS Attack?

One can read in an Associated Press article that the US State Department have their email system bogged down due to too many people use the Reply-All function in their email client. IT Departments have asked people to not use Reply-All and also threaten with disciplinary action. To me, that is the wrong path forward. more

PIR’s Anti-Abuse Policy for .ORG Offers No Due Process for Innocent Domain Registrants

PIR, the registry operator for .org, has sent notices to registrars that it is implementing an anti-abuse policy that offers no due process for innocent domain registrants... While it's good intentioned, there is great potential for innocent domain registrants to suffer harm, given the lack of appropriate safeguards, the lack of precision and open-ended definition of "abuse", the sole discretion of the registry operator to delete domains, and the general lack of due process. more

ICANN Should Pay Even More and Increase Its Spending Several Fold

Where does this idea that the employees of all non-profit organizations alike shall lead a public-transportation lifestyle come from? ICANN's monetary resources do not come from war widows and pensioners, for ICANN to feel guilty about every penny that it spends on administration. Nor does its resources, wherever they come from, are any that are earmarked to be spent on famine relief or on basic health care for the most unfortunate. more

An Early Look at the State of Spam in 2009, Social Networking Spam on the Rise

As recently reported, spam volumes indicate spam has nearly jumped back up to its pre-McColo shutdown levels. However, Symantec's The State of Spam report has also observed that in recent days spammers are increasingly piggybacking on legitimate newsletters and using the reputation of major social networking sites to try and deliver spam messages into recipients' inboxes... In its special URL investigation the report also indicates that on average approximately 90 percent of all spam messages today contain some kind of a URL. Additionally, analysis of data from past recent days, according to Symantec, have shown that 68% of all URLs in spam messages had a '.com' Top-Level Domain (TLD), 18% had a China's '.cn' ccTLD and 5% had a '.net'. more

ICANN’s gTLD Proposal Hits a Wall: Now What?

ICANN's plan to begin accepting applications for new generic top-level domains (gTLDs) in mid-2009 may have been derailed by last week's outpouring of opposition from the global business community and the United States Government (USG). Having been involved with ICANN for over a decade and having served on its Board for three years, I've never seen such strong and broad opposition to one of ICANN's proposals. more

A Telegraph-Era TLD?

While doing research for a paper on telegraph codebooks, I was reminded of something I had long known: one could have short addresses for telegrams. A short article in The New Yorker described how it worked in New York City. Briefly, one could pick more or less any name that wasn't in use, and list it with the Central Bureau for Registered Addresses... more

Gaza Conflict Spilling Over Into the Internet, Cyberwar Underway

Whatever your personal perspective of the rights and wrongs of the current Arab-Israeli war in Gaza, there is a second front being fought on the Internet, says Jart Armin of HostExploit.com in a blog post today. "This form of warfare is a battle of words and often vivid imagery engaged by hackers from either side of the divide." more

What is Good Policy for a Domain Name Registry?

Back from the holidays I must admit I was thinking quite a bit on what is good policy for a registry? Of course I have my own personal favorites that I can not walk away from easily, but instead of thinking for too long, I decided to write down now immediately what is in my head. The main reasons for this are two: the decision by ICANN to change the rules for change in policy regarding the Add Grace Periods. more

Ladies and Gentlemen, China’s Netizen Day…

Just after the government announces a crackdown on Internet smut. Yesterday, they announced plans for "Netizen Day" on September 14th, which apparently marks 15 years since the first e-mail message was sent from China in 1987. The new celebratory day (I don't think it's an official holiday) was unveiled at an official ceremony presided over by Chinese government officials and Internet execs, many of whose companies - including Google, Sina, and Sohu, who were named in the smut crackdown just 24 hours before. more

The Problem With HTTPS SSL Runs Deeper Than MD5

The recent research highlighting the alarming practice of Secure Socket Layer (SSL) Certificate Authority (CA) vendors using the MD5 hashing algorithm (which was known to be broken since 2005) has shown a major crack in the foundation of the Web. While the latest research has shown that fake SSL certificates with MD5 hashes can be forged to perfection when the CA (such as VeriSign's RapidSSL) uses predictable certificate fields, the bigger problem is that the web has fundamentally botched secure authentication. more

WiMAX vs. WiFi

In fact WiFi (technically standard 802.11) and WiMAX (802.16) don't compete for broadband users or applications today. That's partly because WiFi is widely deployed and WiMAX is still largely an unfulfilled promise and partly because the two protocols were designed for very different situations. However, if WiMAX is eventually widely deployed, there will be competition between them as last mile technologies. Some people describe the difference between WiFi and WiMAX as analogous to the difference between a cordless phone and a mobile phone... more