For the last couple of years, the most common attack vector against the DNS system is the attack against the registrar. Either the attack is on the software itself using weaknesses in the code that could inject DNS changes into the TLD registry, or social engineering the registrar support systems and the attacker receives credentials that in turn allows the attacker to perform malicious changes in DNS. DNSSEC is the common security mechanism that protects the DNS protocol, but by using the registrar attack, any changes will result in a proper working DNS delegation. more
It is not often I go out to my driveway to pick up the Washington Post -- yes, I still enjoy reading a real physical paper, perhaps a sign of age -- and the headline is NOT about how the (insert DC sports team here) lost last night but is instead is about an IT technology. That technology is the Border Gateway Protocol (BGP), a major Internet protocol that has been around for more than a quarter century, before the Internet was commercialized and before most people even knew what the Internet was. more
Benjamin Franklin once said, "By failing to prepare, you are preparing to fail." As we consider how Internet domain and address registration data is managed and accessed in a post-WHOIS era, and given the long history of failure in addressing the shortcomings of WHOIS, it is extremely important to start preparing now for the eventual replacement of WHOIS. This is the fundamental purpose of the next Registration Operations Workshop (ROW) that is scheduled for Sunday, July 19, 2015, in Prague, Czech Republic. more
The .build domain namespace opened in General Availability in April 2014, as a domain name designed specifically for the online needs of the building industry and beyond. As the appointed technical provider for .build, ARI Registry Services powered the launch and continued technical operations for this global domain name. A year into the life of the namespace, ARI Registry Services' Head of Global Consulting Tony Kirsch caught up with George Minardos, CEO of .build to talk about his insights to date, what he's learnt about the domain name industry, and a look at where he thinks it is heading. more
29 July 2015 is a big day for .brands. It's the date when all ICANN Registry Agreements (RA) must be signed. Once the RA is signed, the fees to ICANN and your Registry Services Provider kick in. As certain as you can be that ICANN will begin sending invoices, you can also expect to receive increased scrutiny internally. Questions are inevitable. People will want answers; what is the plan for this thing? How does it fit into our long term corporate goals? Do marketing have a plan to use the TLD in the upcoming launch of our new product? more
If you are like the majority of Registry Operators we have spoken to, you may now be thinking that compliance with your new gTLD Registry Agreement is much more difficult than first envisaged -- especially if you are one of the lucky operators which have been chosen for ICANN's latest round of registry audits! You may also be surprised at the number of questions and requests that you need to respond to. more
Perceptions can be difficult to change. People see the world through the lens of their own experiences and desires, and new ideas can be difficult to assimilate. Such is the case with the registration ecosystem. Today's operational models exist because of decisions made over time, but the assumptions that were used to support those decisions can (and should) be continuously challenged to ensure that they are addressing today's realities. Are we ready to challenge assumptions? Can the operators of registration services do things differently? more
On March 31, Swedish regulatory overview office, Post and Telecom Authority published a 54 pages report on revision of the Swedish Top-Level Domain (TLD) law for internet. The report contains proposals for revision of policy and Swedish law regulating top level domains. This is not a surprise. The issue has been simmering for ten years, at least. However, with increasing dependency of information society, public regulators are increasingly inclined to revise public regulation in the area. more
Now that new gTLD registries have been operating for more than a year, a few registries have already experienced going through an audit and a few more are now receiving notifications that they are next in line. For all, the process of going through an ICANN audit is a first. Once you receive the Request for Information (RFI), you will have 15 days to respond, or seek an extension of time. Extensions may be available on a case by case basis. more
This Sunday, March 22, 2015, the second Registration Operations Workshop (ROW) will be taking place at the Fairmont Dallas hotel from 12:30 -- 4:30 pm CDT. Discussion will include extensions to EPP, new encryption initiatives and also suggestions for ways to further automate DNS interactions between registries, registrars and DNS operators, including a need to do this for DNSSEC. more