.EU TLD Comes Closer Than Ever to Becoming a Reality

With much awaited fanfare, .EU is inching ever closer to becoming real! I am a bit reluctant to say it is actually here until the gates are actually open, but I can imagine that there are many who are grateful as I am that the process has gotten as far as it has. On March 23rd, 2005, ICANN announced that they had approved an agreement earlier that week with EURid to have .eu added to the root zone... more

The Ultimate Solution to Internet Governance: Let ITU and ICANN compete

Controversies over ICANN led to the creation of the Working Group on Internet Governance, but so far there have been few specific proposals for change. The Internet Governance Project has entered that breach with a new policy paper: "What to Do About ICANN: A Proposal for Structural Reform." The proposal, by Hans Klein and myself, proposes three clean, clear but probably controversial solutions to the criticisms that have been made of ICANN. more

Spirit of .Pro, Where Art Thou?

On March 2, EnCirca launched its ProForwarding leasing service for .pro domains. When we launched the service, we were sure that the ProForwarding service would appeal to a segment of the internet community not being served well by other extensions: self-employed professionals and other small businesses. Based on the response we've received, it appears we were right. It also caught the attention of ICANN and others, who accused us of "violating the spirit of .pro". Does .pro even have a spirit? And if it does, who gets to decide what it is? more

Shambles at the .Pro Registry

Registration of .Pro domains has descended into shambles as the Registry responsible for their administration has allowed a flood of domain registrations which appear to be in breach of the strict rules restricting who can register a .pro domain and the certified credentials required before any such domain can work. more

Why Restricted TLDs Should Not Be Gatecrashed

In recent weeks, thousands of what ICANN describes as "questionable" registrations have been activated... Let me illustrate: Mr. ICANN decides to hold a party. He has decided that he only wants to ask some of his professional friends to come, so they are asked to bring their party invites with them to prove they've been invited, because poor Mr. ICANN has had trouble before with people gatecrashing his parties. At a sunrise party he'd held a few years ago, all kinds of people had gatecrashed and no-one had asked to see their invites and it was dreadful. So Mr. ICANN hires a bouncer to stand guard at the front door of his house. The bouncer, Johnny Registry, assures Mr. ICANN that no-one will get in without an invite... more

Creating a National Cybersecurity Framework: Need For New Regulation?

The Congressional Research Service (CRS) recently released a major new study examining cybersecurity. The report, "Creating a National Framework for Cybersecurity: An Analysis of Issues and Options" discusses a variety of significant public and private cybersecurity concerns. The CRS analysis lists several broad options for addressing cybersecurity weaknesses ranging from adopting standards and certification to promulgating best practices and guidelines and use of audits among other measures. more

JET Open Letter to Microsoft

We, members of the JET (Joint Engineering Team), send this open letter to request Microsoft Corporation to implement IDN (Internationalized Domain Names) standards[1] in the next version of Internet Explorer. ...IDN is a critical enabling technology that will make the Internet more useable and attractive to the majority of the Chinese, Japanese and Korean population who do not use English in their daily life. In fact, IDN is mentioned as one of the Declaration of Action of the World Summit of Information Society (WSIS). To date, IDN registration has been launched in .cn, .jp, .kr, .tw and many other European country code top level domain as well as other generic top level domain names. More than 1 million IDNs have been registered since 2000. Most of the web browsers, such as Safari, Firefox and Opera have implemented IDN standards. This means that users can use IDN in these web browsers without additional applications or plug-ins... more

Protecting the Internet: Certified Attachments and Reverse Firewalls?

In many respects the internet is going to hell in a hand basket. Spam, phishing, DNS poisoning, DDoS attacks, viruses, worms, and the like make the net a sick place. It is bad enough that bad folks are doing this. But it is worse that just about every user computer on the net offers a nice fertile place for such ill behavior to be secretly planted and operated as a zombie under the control of a distant and unknown zombie farmer. ...Some of us are coming to the converse point of view that the net is being endangered by the masses of ill-protected machines operated by users. more

Whois Privacy vs. Anonymity

The Internet is often a lawless place. Everyone knows that there are many tricks and traps lurking on the Internet, just waiting to prey on unsuspecting and innocent users. Some of these traps will trash your computer while others will turn your PC into a zombie that will broadcast messages at the virus writer's command. ...The list of annoyances and downright criminal activities seem endless. ...To make the Internet a safer place both legislators and law enforcement are now focusing on the Internet. In the crossfire that's taking place there are many ideas that are being offered up. Some of them are good and some are not. One bad decision that was recently forced upon the Internet community (without hearings -- more on this later) was to eliminate private domain name registrations for .US domain names. ...It's important to understand the difference between privacy and anonymity. more

Whither WGIG?

Now, I don't like the word "whither" any more than you do. But this Reuters article was circulating yesterday and it seemed to call for a "whither." It's a short story, so let's do a close reading. "A U.N.-sponsored panel aims to settle a long-running tug of war for control of the Internet by July and propose solutions to problems such as cyber crime and email spam, panel leaders said on Monday." We're going to decide what "internet governance" is by July?  more

Privacy Alert: Watch Out For FOISA

This morning, at 10 am in 2141 Rayburn, the Subcommittee on Courts, the Internet, and Intellectual Property is holding a hearing on "Internet Domain Name Fraud -- New Criminal and Civil Enforcement Tools." At that hearing, the Subcommittee will be considering a new Whois bill creating new penalties for people who provide false data when registering a domain name. We need to raise our collective eyebrows at this bill (which was suddenly dropped the evening before this hearing). The title of the bill is the "Fraudulent Online Identity Sanctions Act." (FOISA) more

Domain Owners Lose Privacy

As facts unfold, and the NTIA's decision to take away our privacy comes to light, it is interesting to see the NTIA struggling to explain its decision. Keep in mind that an "as yet to be identified" bureaucrat made this decision to take away your privacy, did it without notice, and without holding hearings. Those affected were not given an opportunity to explain how the loss of privacy would negatively affect them. Quite simply, this is NOT how our government is supposed to work. We should be outraged... more

Protecting Brands from Phishers No Easy Task

Just in case you've been out of the country for the last 12 months, a new scourge is hitting the Internet and the world of email and it's called phishing. The Anti-Phishing Working Group defines phishing as identity theft "attacks using 'spoofed' e-mails and fraudulent Websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords..." According to various experts, the incidents of phishing are rising at an alarming rate: there were 13,000 unique phishing attacks in January alone - that's a 42 percent surge over the previous month. The real problem is that phishing works. more

IDN Parody on verisign.com

Guilllaume Rischard setup a parody on verisign.com using the IDN spoofing trick. He managed to get one registrar to register verisign.com with a cyrillic S (U+0405) (ie xn--veriign-mog.com :-) This actually started in #joiito a couple of weeks ago after the Eric published the spoofing attack paper. A joke was made that it would be funny if someone did it to verisign.com and so he did. I suppose I could rant why VeriSign should adopt the JET Guideline (or ICANN Guidelines) but this parody would send a louder message. more

URLs: Ontologically Speaking

I was reading David Weinberger's reports on how the New York Times is planning on tackling its "link rot" problem where articles slip behind the pay-wall. Part of their solution appears to be to replace articles with their summaries. As usual, this got me thinking about telephony. Why don't phone calls and callers have URIs or URLs? ...Let's take addressing the endpoints first. Obviously, ENUM is one way of "Internetising" the phone number address space. more