Recently Commented

Vint Cerf’s Keynote at Domain Roundtable

I had the pleasure of eating breakfast with Vint Cerf, chairman of ICANN's board and Chief Internet Evangelist at Google, prior to his keynote address this morning. It was great to discuss some of the issues domainers are facing with regards to registrar practices, expiring domains, etc. directly with Cerf. Cerf's keynote kept the crowd engaged. I've summarized the topics he covered... Some people have misunderstood Cerf's position with regards to adding new domains. He said he is not opposed to adding new TLDs. What he advocates, however, is having a solid rationale for adding new TLDs. Cerf believes the processes and outcomes of the first two rounds of TLD adds were not satisfactory... more

How Domain Name Traffic Testing/Tasting Works

Starting from an old article (dated July 21st, 2005) published at Computer Business Review (and following a more recent entry on GoDaddy's Bob Parsons' blog), I would like to touch a bit more on the topic of 'traffic testing' or 'traffic tasting' of domains. This topic has been discussed at ICANN meetings since last year and is also referred to by the name of 'add/delete' or 'add/drop' storms... more

.XXX as Proposed is Wrong for Families & Kids

On August 23rd, the Internet Governance Project posted a letter Opposing Political Intervention in the Internet's Core Technical Administrative Functions. I disagree. ICANN and Governments should get involved when it comes to protecting children online. Every effort should be made to make it SIMPLE for average parents to let their children run free online without the risk of running across pornography and adult material while doing so. Why continue to let pornographers run free and unchecked on the most exciting tool created in the history of mankind just because they got there first? more

California Frets about Goodmail Email

On Monday the 3rd, California state Senator Dean Florez held a hearing of the E-Commerce, Wireless Technology, and Consumer Driven Programming committee grandly titled AOL: You Have Certified Mail, Will Paid E-mail Lead to Separate, Unequal Systems or is it the Foolproof Answer to Spam?. The senator's office said they were very eager to have me there, to the extent they offered to fly me out from New York, so since I happened to be on the way home from ICANN in New Zealand that weekend, I took a detour through Sacramento. Sen. Florez conducted the hearing, with Sens. Escutia and Torlakson sitting in briefly. Unfortunately, Sen. Bowen, who is very well informed on these topics, wasn't there. There were five panels of speakers, and I got to lead off... more

.XXX Puzzle Pieces Start to Come Together: And the Picture is Ugly

Americans who worried about governments somehow "running" the Internet through the United Nations failed to see the Trojan Horses that were rolled into ICANN's structure in 1998: the Governmental "Advisory" Committee and the special US Government powers over ICANN. The attempt by the US Commerce Department to "recall" the delegation of .xxx to ICM Registry due to pressure from deluded right-wing groups in the US who think that it will add to pornography on the Internet is a major inflection point in the history of ICANN, and could represent the beginning of the end of its private sector/civil society based model of governance. more

IDN and Homographs Spoofing

There is a published spoofing attack using IDN homographs. By using a Cyrillic SMALL LETTER A (U+430), Secunia is able to pretend to be http://www.paypal.com/. Actually this is well-documented in RFC 3490 under the Security Considerations: "To help prevent confusion between characters that are visually similar, it is suggested that implementations provide visual indications where a domain name contains multiple scripts. Such mechanisms can also be used to show when a name contains a mixture of simplified and traditional Chinese characters, or to distinguish zero and one from O and l..." more

Putting Multiple Root Nameserver Issue to Rest

I am often asked what I think of multiple root nameserver systems -- sort of like the Public-Root or the Open Root Server Confederation (ORSC) pushed by others in the past years. Whenever some well meaning person asks me for multiple roots in DNS, I answer: "DNS is a distributed, coherent, autonomous, hierarchical database. It is defined to have a single root, and every one of the hundreds of millions of DNS-speaking devices worldwide has the single-root design assumptions built into it. It would theoretically be possible to design a new system that looked superficially..." more

Hypertext Mail Protocol (a.k.a. Stub Email): A Proposal

Back in the days of dial-up modems and transfer speeds measured in hundreds of bits per second, unwanted email messages were actually felt as a significant dent in our personal pocketbooks. As increases in transfer speeds outpaced increases in spam traffic, the hundreds of unwanted emails we received per week became more of a nuisance than a serious financial threat. Today sophisticated spam filters offered by all major email providers keep us from seeing hundreds of unwanted emails on a daily basis, and relatively infrequently allow unwanted messages to reach our coveted Inboxes. So, to some degree, the spam problem has been mitigated. But this "mitigation" requires multiple layers of protection and enormous amounts of continually-applied effort. more

Phishing: An Interesting Twist on a Common Scam

After Two Security Assessments I Must Be Secure, Right? Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved, and confident in your security measures. Shortly thereafter, your relief turned to concern. ...Given your skepticism, you decide to get one more opinion. ...And the results were less than pleasing. more

Europe is to the US Controlled GPS as Europe is to the US Controlled DNS Root?

An Analogy: Europe is to the US controlled GPS as Europe is to the US controlled DNS root? That's not a very good title is it? But it does express the point I want to make. This week the European Union launched the first satellite of its own global positioning system, Galileo. One has to wonder why the Europeans feel they need to do this. Isn't the GPS system run by the United States a perfectly good system? more

Should the Government Prepare a Preemptive Cyber-Attack?

The House Committee on Science recently held a hearing to "examine the extent of U.S. vulnerability to cyber attacks on critical infrastructure such as utility systems, and what the federal government and private sector are doing, and should be doing, to prevent and prepare for such attacks." Specific issues addressed at the hearing included whether: 1) the U.S. is able to detect, respond to, and recover from cyber-attacks on critical infrastructure; and 2) there is a clear line of responsibility within the federal government to deal with cybersecurity... more

We Hate Spam Except, Of Course, When It’s Inconvenient to Do So

Paul Graham is a smart guy who popularized naive Bayesian spam filtering in 2002 with A Plan for Spam and has organized a series of informal spam conferences at MIT. Earlier this month he was shocked and horrified to discover that his web site, hosted at Yahoo where he used to work, had appeared on the widely used Spamhaus blacklist... more

Security by Obscurity?

Ah yes, 'Security by obscurity': "Many people believe that 'security through obscurity' is flawed because... secrets are hard to keep." I'm glad the guys guarding the A Root Servers are up on the latest security trends. Of course, you could hide the A Root Servers at the heart of the Minotaur's maze, but they're still going to be "right over there" in cyberspace, at 198.41.0.29 more

Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homographs Spoofing

Mozilla Foundation has announced changes to Firefox concerning Internationalized Domain Names (IDN) to deal with homograph spoofing attacks. According to the organization, "Mozilla Foundation products now only display IDNs in a whitelist of TLDs, which have policies stating what characters are permitted, and procedures for making sure that no homographic domains are registered to two different entities." Following is a statement explaining the current status of the Mozilla changes to Firefox regarding IDN... more

Ask Vint Cerf: The Road Ahead for Top-Level Domains

As most readers are no doubt aware, when it comes to the topic of Top-Level Domains (TLDs), the Internet Corporation for Assigned Names and Numbers (ICANN) takes center stage. Vint Cerf, Google's VP and Chief Internet Evangelist, who has served as chairman of the board of ICANN since November of 1999, has accepted CircleID's invitation to directly respond to your questions on the topic. This is your opportunity to have your Top-Level Domain related questions answered by Vint Cerf. more