In our last installment we discussed MIME, Unicode and UTF-8, and IDNA, three things that have brought the Internet and e-mail out of the ASCII and English only era and closer to fully handling all languages. Today we'll look at the surprisingly difficult problems involved in fixing the last bit, internationalized e-mail addresses. more
The OECD held a "high-level" meeting in June 2011 that was intended to build upon the OECD Ministerial on The Future of the Internet Economy held in Seoul, Korea in June 2008. I was invited to attend this meeting as part of the delegation from the Internet Technical Advisory Committee (ITAC), and here I'd like to share my impressions of this meeting. This 2 day meeting, "The Internet Economy: Generating Innovation and Growth", had the objective of exploring a number of current issues in the public policy space... more
In June, I attended the St. Petersburg International Economic Forum ("SPIEF"), organized by the Russian government's Ministry of Economic Development. This was a major event drawing thousands of participants to St. Petersburg... I participated on a panel entitled "Can IP Be Protected in the Internet Age?" Right away, I trust many of you find the titling odd... more
In our last post on CircleID, Measuring World IPv6 Day - First Impressions, we showed exactly when World IPv6 Day participants switched on IPv6 on their networks (by way of announcing DNS AAAA records). Now, a few weeks after World IPv6 Day, it's interesting to see what the longer-term effects have been. more
Back when the Internet was young end servers came with shovels (for the coal), everyone on the net spoke English, and all the e-mail was in English. To represent text in a computer, each character needs to have a numeric code. The most common code set was (and is) ASCII, which is basically the codes used by the cheap, reliable Teletype printing terminals everyone used as their computer consoles. ASCII is a seven bit character code, code values 0 through 127, and it includes upper and lower case letters and a reasonable selection of punctuation adequate for written English. more
ICM Registry announced this week it has struck a deal with McAfee for a free malware scan for every .XXX domain. The deal would include McAfee's "trustmark" and date stamp, ICM said. Every .XXX domain will be scanned for vulnerabilities such as SQL injection, browser exploits and phishing sites, reputational analysis and malware, Stuart Lawley, CEO of ICM Registry, said in a statement. more
Since its launch in October, 2004 Project Honey Pot has made some interesting progress in their war against spam email. The project is a distributed system used to identify spammers and spambots operating across the Internet. To put it simply, Project Honey Pot lays millions of traps around the Internet (66,393,293 as of this writing) baited with specific email addresses that are configured to forward received emails to the Project Honey Pot system. Since these are not email addresses used by real individuals virtually every email received is positively identified as spam. more
Ever since I heard of the new generic Top-Level Domains (gTLDs), I wondered whether they would be prone to abuse. For example, Microsoft might want to register www.microsoft.microsoft, or Sony might want to register www.sony. But isn't this opening up the floodgates for spammers to register their own domains and squat on them? Why couldn't a spammer register www.cit.ibank? They could then send phishing messages and fool people into clicking very legitimate looking domains. But I don't think this will be a problem. more
At the ICANN Public Forum in Singapore yesterday, I likened the ICANN to a community garden: fertile, colorful and above all, worthwhile, but not without a few troublesome weeds. Today's Board vote to adopt the recommendations of the Accountability and Transparency Review Team (ATRT) is a vote to pull those weeds. As good as voting for this weed-pulling exercise is, completing it will be even better. more
The ICANN community is conservative. A considerable number of dedicated ICANN volunteers from various constituencies believe that ICANN should follow the unusual logic of limiting its revenues to the levels of its CURRENT estimates of expenditure. The Board, acting on the advise of the ICANN community brought down the ICANN transaction fee per domain name from 25 cents to 16 cents and in the case of numbers, for various reasons the Address Registry fees that it collects from the Regional Internet Registries have been historically kept at a negligibly low level. more
A favorite Sherlock Holmes story has the detective unraveling the mystery of a murdered horse trainer and the theft of a prized thoroughbred by concentrating on the fact that a dog didn't bark in the night when the horse was stolen. This silence implied for Holmes that it was no stranger who entered the stall. From this he deduced that it was the trainer himself who had removed the horse to fix a race for his profit and that the horse had killed the trainer when he tried to cripple it. ICANN 41 has been afflicted by a similarly curious silence. more
The recent announcement of a 13-year old security flaw found in an Open Source security library has renewed the debate between open source and closed source software. The library, crypt_blowfish, allows for fast two-way password encryption. The flaw introduces the potential for passwords to be easily compromised and affects PHP and a number of Linux distributions that include the crypt_blowfish library. more
A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more
ICANN and internet exchange firm Packet Clearing House (PCH) have joined forces with Infocomm Development Authority of Singapore (IDA) and the National University of Singapore (NUS) to launch the first of three facilities designed to boost the adoption of Domain Name System Security (DNSSEC) among country code Top-Level Domains (ccTLDs). The three new facilities, located in Singapore; Zurich, Switzerland (still under construction) and San Jose, California, provide cryptographic security using the recently deployed DNSSEC protocol. more
The RIPE NCC took active measurements of World IPv6 Day participants before, during and after World IPv6 Day (in cooperation with CAIDA). We selected 53 participants and performed periodical A and AAAA DNS lookups and HTTP fetches from 40 servers worldwide. For HTTP, we fetched data over IPv4 and IPv6. These provide important control points... more