Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.
At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:
"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more
In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more
I have no idea who wrote that wonderful piece, Time for Reformation of the Internet, posted by Susan Crawford. (It wasn't me - I never use the word "netizen".) Elliot Noss of Tucows wrote a partial rebuttal, I must be attending the wrong ICANN meetings. Elliot's company, Tucows, has been a leader in registrar innovation and competition. And Tucows has constantly been among the most imaginative, progressive, responsible, and socially engaged companies engaged in these debates. ...But the points made by Time for Reformation of the Internet go far beyond registries and registrars. more
ICANN's GNSO council had WHOIS on its agenda for today. The options on the table: (1) Accepting the outcome of years of policy development processes; (2) rejecting that outcome (again?), but calling for some kind of fact-gathering to feed into future policy work, in order to keep the space occupied; (3) acknowledging that there is broad dissent in the Internet community, and calling for a sunset on the WHOIS clauses in current agreements, as these clauses are not backed by community consensus any more. Not very surprisingly, motions (1) and (3) failed; (2) was accepted; all that after lengthy discussion, with lots of procedural bells and whistles. more
One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be... more
It's safe to say that with just a week to go before ICANN intended to sign the first contract for a new gTLD, the last thing anyone wanted was a 12-page document from the world's governments with 16 new "safeguards", six of which it wants to see applied to every new extension. But what the industry shouldn't overlook, especially in the face of the expected critical responses this week and next, is that the Governmental Advisory Committee's (GAC's) formal advice from the ICANN Beijing meeting represents an opportunity for the domain name industry to lock-in self-regulation at a critical point in its evolution. more
Earlier this year, I wrote glowingly about the new CIRA whois policy, which took effect today and which I described as striking the right balance between access and privacy. The policy was to have provided new privacy protection to individual registrants - hundreds of thousands of Canadians - by removing the public disclosure of their personal contact information... Apparently I spoke too soon. more
This is the first in a series of releases that tie extensive code injection campaigns directly to policy failures within the Internet architecture. In this report we detail a PHP injection found on dozens of university and non-profit websites which redirected visitor's browsers to illicit pharmacies controlled by the VIPMEDS/Rx-Partners affiliate network. This is not a unique problem, however the pharmacy shop sites in question: HEALTHCUBE[DOT]US and GETPILLS[DOT]US should not even exist under the .US Nexus Policy. more
Given the recent panix.com hijacking, I will give an outline of the current ICANN transfers process for gtlds. In the case of panix.com, evidence so far indicates that a third party that holds an account with a reseller of Melbourne IT, fraudulently initiated the transfer. The third party appears to have used stolen credit cards to establish this account and pay for the transfer. That reseller is analyzing its logs and cooperating with law enforcement. more
On March 13, 2019, I published an article on CircleID, Portrait of a Single-Character Domain Name, that explored the proposed release and auction of o.com, a single-character .com domain name that was registered in 1993 and assigned to the Internet Assigned Numbers Authority (IANA) by Dr. Jon Postel. Although the National Telecommunications and Information Administration (NTIA) has since raised serious objections... more
An industry professional at Abusix is the backbone behind a proposal to improve and create better mitigation of abuse across different global internet networks. Basically, this introduces a mandatory "abuse contact" field for objects in global Whois databases. This provides a more efficient way for abuse reports to reach the correct network contact. Personally - as a Postmaster for a leading, white-label ISP, I applaud this with great happiness for multiple reasons. I also feel people who handle abuse desks, anti-abuse roles, etc. should closely follow this. more
Implementation of European Union's General Data Protection Regulation, or GDPR, is a major concern of our government, said David Redl during a meeting held on Thursday in Washington DC. more
Declan McCullagh recently opined that the "FBI [and the] DEA warn [that] IPv6 could shield criminals from police." His post was picked-up relatively widely in the past few days, with the headlines adding more hyperbole along the way. So just how real is this threat? Let's take a look. more
The Internet Commerce Association (ICA) has posted a position paper and analysis of S. 2661, introduced on 2/25/08 in the US Senate. While we are firmly opposed to phishing and other criminal activities that may utilize domain names we are very concerned about the provisions of the proposal that appear to provide trademark owners with a means to avoid both UDRP and ACPA actions and alternatively bring private claims against domain names with a lower burden of proof and the potential for far higher monetary damages, without even requiring an allegation that the DN was in any way being utilized in a phishing scheme... more
Every time I witness another argument about changing the rules of the Whois system I marvel at how such an important core internet protocol could be so widely misunderstood. I don't mean that the protocol's technical details are not well understood -- it's a very simple device, easy to implement correctly and easy to use even for new users. I mean that the Whois system itself and its purpose in the Internet ecosystem is widely misunderstood. Everybody uses Whois and lots of people argue about Whois but precious few folks know why Whois exists in the first place. more