Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In Part 1 and Part 2 of this series of blog posts I described the need for a registration operations industry association. At the end of Part 2, I wrote that Part 3 will describe "an opportunity for everyone that's interested in discussing this topic in a live environment." The large number of people attending ICANN 51 in Los Angeles presents the best chance of discussion with many potential participants being in the same place at the same time. Let's take advantage of that proximity. more
ICANN Compliance now has two conflicting answers on record concerning the enforceability of RAA 378 on WHOIS inaccuracy. This is a topic of extreme importance and one we are trying to get to the bottom of. ...inconsistency needs to be resolved as it directly impacts the current RAA negotiations and certainly before new gTLDs are deployed. more
Internationalized (non-ascii) domain names (IDN) are a key issue for ICANN. Yesterday, the Board completed two days of workshop presentations about various matters (IANA, security, GAC relationships), and we were briefed on the IDN testing that is planned. I thought it might be useful to make clear the distinction between the tests (which are testing mechanisms for IDNs) and the very difficult policy questions that confront ICANN. As several people explained to me yesterday, they're different. more
The new gTLD program and the introduction of 1200+ new domain name registries has significantly altered the marketplace dynamics. New domain name registries must navigate an environment that is, to an extent, stacked against them. This article recommends creation of some improvements and a general de-regulation of the marketplace to encourage innovation and promote its overall health. ICANN, or a combination of Registry Operators, should fund a brief, thorough study of the current marketplace because of the changes that have occurred from the original marketplace for which current regulations were developed. more
Today on Dave Farber's IP list, someone revived the ancient argument that ICANN imposes limits on the number of top level domains (TLDs) because to have more than a few will cause DNS to wobble and cause the internet to collapse. Although long discredited, that argument hangs around like a zombie. ICANN has never been able to adduce a shred of proof that there is anything to support that assertion... more
NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years. more
I've been watching at the excitement build in the domain community, where a lot of people seem to believe that at next month's Singapore meeting, by golly, this time ICANN will really truly open the floodgates and start adding lots of new Top-Level Domains (TLDs). I have my doubts, because there's still significant issues with the Governmental Advisory Committee (GAC) and the US Government and ICANN hasn't yet grasped the fact that governments do not defer to NGOs, but let's back up a little and ask is this a good idea. more
Earlier this year, the Internet Engineering Task Force’s (IETF’s) Internet Engineering Steering Group (IESG) announced that several Proposed Standards related to the Registration Data Access Protocol (RDAP), including three that I co-authored, were being promoted to the prestigious designation of Internet Standard. Initially accepted as proposed standards six years ago, RFC 7480, RFC 7481, RFC 9082 and RFC 9083 now comprise the new Standard 95. RDAP allows users to access domain registration data and could one day replace its predecessor the WHOIS protocol. more
Earlier this year, I wrote glowingly about the new CIRA whois policy, which took effect today and which I described as striking the right balance between access and privacy. The policy was to have provided new privacy protection to individual registrants - hundreds of thousands of Canadians - by removing the public disclosure of their personal contact information... Apparently I spoke too soon. more
Over this past week both Namejet.com and Godaddy.com ran auctions of re-branded ccTLD's and I think the results are a preview of what's to come for new gTLD's that attempt the same strategy. Namejet.com ran an auction of .PW single character domain names; single letter domains and single numbered domain names. Arguably single letter and single numbered domains such as; o.co, 8.asia, and z.com, are some of the most valuable inventory any registry will ever have, especially in the new gTLD world when two letter domains are going to require ICANN approval. more
Over the last 5 years, hacktivists have continued the practice of redirecting well-known domain names to politically motivated websites utilizing tactics such as SQL injection attacks and social engineering schemes to gain access to domain management accounts -- and that, in and of itself, is not surprising. But what IS surprising is the fact that less than 15% of the 500 most highly trafficked domains in the world are utilizing Registry Locking. more
When it comes to building a robust globe-spanning network of crimeware and making the victims dance to a tune of the cyber-criminals' choosing, you're guaranteed to find domain name abuse at the heart of the operation. DNS provides the critical flexibility and underlying scalability of modern command-and-control (C&C) infrastructure. Cyber-criminals that master DNS (and manage to maintain the stream of new domain registrations that keep it fed) tend to find themselves in command of the largest and most profitable crimeware networks. more
In a Message from RegistryPro Advisory Board to Tina Dam on 24 October 2003, it is noted that .Pro is, again, asking ICANN to allow for the registration of 2nd level domains. I am, again, of mixed opinion on this. On the one hand, a registry should be able to do what it wants, within reason. This clearly falls into that category. On the other hand, .Pro has been denied once already on the grounds that registering 2nd level domains is not the proposal upon which they were approved in the "testbed" procedure of November 2000. more
Every time I witness another argument about changing the rules of the Whois system I marvel at how such an important core internet protocol could be so widely misunderstood. I don't mean that the protocol's technical details are not well understood -- it's a very simple device, easy to implement correctly and easy to use even for new users. I mean that the Whois system itself and its purpose in the Internet ecosystem is widely misunderstood. Everybody uses Whois and lots of people argue about Whois but precious few folks know why Whois exists in the first place. more
This is the first in a series of releases that tie extensive code injection campaigns directly to policy failures within the Internet architecture. In this report we detail a PHP injection found on dozens of university and non-profit websites which redirected visitor's browsers to illicit pharmacies controlled by the VIPMEDS/Rx-Partners affiliate network. This is not a unique problem, however the pharmacy shop sites in question: HEALTHCUBE[DOT]US and GETPILLS[DOT]US should not even exist under the .US Nexus Policy. more
A World-Renowned Source for Internet Developments. Serving Since 2002.