Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more
You may have seen media reports a few weeks ago describing how servers behind the so-called Great Firewall of China were found delivering incorrect DNS information to users in the rest of the world, thereby redirecting users to edited Web pages. Reports indicate that this apparently occurred due to a caching error by a single Internet Service Provider. While the problem was fairly limited in scope, it could have entirely been prevented in a world where DNSSEC was fully deployed. more
The year 2010 is turning out to be the "year of DNSSEC" from Registry implementations, Registrar implementations, ISP support, to the Root being signed this summer. Because we are dealing with such critical infrastructure, it is important to not lose sight of careful implementations. more
Brian Krebs has a post up the other day on his blog indicating that the amount of spam ending in .cn has declined dramatically due to steps taken by the Chinese government making it more difficult to get a domain ending in .cn... A cursory glance seems to confirm that the amount of spam from .cn as opposed to .ru has switched places. Indeed, if the CNNIC requires people to start writing in application forms, with a business license and identity card, that is seriously going to slow down the rate at which spammers can sign up and register new domains. more
The IDN ccTLD Fast Track program is moving along rapidly, with ICANN's announcement that both the Simplified and Traditional Chinese script versions of .china have passed the string evaluation phase of the IDN ccTLD Fast Track Program. Alongside this, ICANN have also announced the release of a proposed implementation plan for 'Synchronised IDN ccTLDs' that will create the rules by which these variant IDN ccTLDs will coexist. more
In January we presented the glorious history of the MIT spam conference, today we present the schedule for the first day. Opening session will be from this author, Garth Buren with a topic entitled The Internet Doomsday Book, with details be released the same day as the presentation. Followed by Dr. Robert Bruen with a review of activities since the last MIT spam conference... more
The ICANN Board meeting undertaken recently in Nairobi was indeed eventful and there were many vital topics on the agenda, in particular for the new gTLD program that kept many interested parties on the edges of their seats as the meeting unfolded. ... One of the more controversial decisions was in regard to the Expression of Interest (EOI), a program intended to allow potential new gTLD applicants to pre-register for their desired TLD and provide ICANN and the community with invaluable information regarding likely volumes of applications. more
There is an old saying that "bad news comes in threes." Domain name service providers have witnessed two unsettling developments in the past few weeks. The third, still winding its way through the U.S. Congress, could have enormous ramifications. Registries and registrars, in particular, need to speak up or resign themselves to the consequences. more
For those participants that have been working rearranged hours and participating remotely in connection with ICANN's Nairobi meeting, here is a chance to sleep in. While ICANN Board tea leaf reading is not an exact science, there is a great deal of predictability to ICANN's actions so here are my big three predictions for tomorrow. more
The Ninth Circuit affirmed the district court's ruling in Office Depot v. Zuccarini, agreeing that a creditor may levy against a domain name in the jurisdiction where the domain name registry is located. The decision is significant for two reasons. First, it affirms (or reaffirms) that domain names are property subject to the claims of creditors... more
A World-Renowned Source for Internet Developments. Serving Since 2002.