For now, it appears that the new, more technically focused and privacy-friendly definition of the purpose of Whois survived the Marrakech meeting. The U.S. Government and the copyright and law enforcement interests mounted a major onslaught against the Generic Names Supporting Organization (GNSO) action, using the Governmental Advisory Committee (GAC) as their pressure point. more
A recent statement released by the U.S. Federal Trade Commission emphasized that the Whois databases should be kept "open, transparent, and accessible," allowing agencies like the FTC to protect consumers and consumers to protect themselves: "In short, if ICANN restricts the use of Whois data to technical purposes only, it will greatly impair the FTC's ability to identify Internet malefactors quickly -- and ultimately stop perpetrators of fraud, spam, and spyware from infecting consumers' computers," the statement states." more
A few weeks ago ICANN's domain name policy making organ (the GNSO) decided that the purpose of Whois was domain name coordination and not compulsory surveillance of domain name registrants. The US and Australian governments expressed their opposition. The US government's lack of concern for privacy is well known. But what about Australia? The Australian ICANN Governmental Advisory Committee (GAC) representative, Ashley Cross, tried to use his authority as "a government" to intimidate the GNSO, sending it a message announcing that "Australia" supports a broader definition of Whois purpose that gives ICANN a blank check... What does "Australia" really support, however? more
In a recent article, eWeek reports on researchers at Microsoft revealing large-scale, typo-squatting schemes that use "multi-layer URL redirection to game Google's AdSense for domains program". According to this report, the Microsoft Research Systems Management Research Group succeeded in tracking a ring of typo-squatters registering misspelled domain names that generated traffic for serving advertising from Google. more
In the recent court decision of CyBerCorp Holding v. Allman case, although the registrant of the domain name 'cybertraderlive.com' did lose the Uniform Domain Name Dispute Resolution Policy (UDRP) case and was found to have acted in bad faith (having been a former customer of complainant), the decision is noteworthy as it finds that registrant's use of proxy service to keep contact information private, in and of itself is not evidence of bad faith... more
In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more
Bruce Young tells a story of an Internet user who gets into trouble because "his" domain name was registered in the name of a web hosting provider that went bankrupt later on...As far as registrars are concerned, ICANN is currently doing its homework on domain name portability. As far as web hosting companies are concerned, though, these suggestions only look appealing at first sight. Upon closer inspection, they wouldn't be good policy... more
Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.
At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:
"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more
At a workshop held in late June in Montreal (Canada) -- Karl Auerbach had submitted some live coverage to CircleID --, the Internet Corporation for Assigned Names and Numbers (ICANN) had an in-depth look at various aspects of the Internet's WHOIS databases. These databases associate social information (like holders' names and contact information) with network identifiers, such as IP addresses and domain names. Current policy for these databases -- in particular in the generic top level domain area -- is part of ICANN's contracts with domain name retailers ("registrars") and database operators ("registries"), and permits for use of the data by arbitrary parties for arbitrary purposes. more
The Internet Corporation for Assigned Names and Numbers (ICANN) recently launched organizing of the individual Internet user community (At-Large) for increasing global participation and representation in ICANN. Under a framework approved by ICANN's Board of Directors, local and regional groups may now form in Latin America to involve their members in critical issues that effect their use of the Internet's domain name system. more
In 2020, the ICANN Generic Name Supporting Organization (GNSO) Council approved a plan to revamp the WHOIS system as per the recommendations given by the ICANN Expedited Policy Development Process (EPDP). This plan directed ICANN to develop a centralized System for Standardized Access/Disclosure (SSAD) for WHOIS records. After much debate regarding the suitability and cost of such a system, ICANN brought together a group... more
Over the last two years, we've all faced supply shortages on items we previously never thought could be in short supply. Most recently, the baby formula and semiconductor markets were hit. Before that, supply chain attacks on Colonial Pipeline and JBS Foods showed us that an attack on one company through a singular point of compromise has the potential to disrupt an entire network of connected companies, products, partners, vendors, and customers. more
Domain brand squatting can be defined as the unauthorized or dishonest use of a brand or company identifiers in domain names. It is often linked to the use of look-alike domains in bad faith, and we see it all the time. The threat actors behind these domains are called different names, though a prevalent one would be “typosquatters.” The Hot on the Trail of Compulsive Brand Squatters webinar showcased how these people are infiltrating the Internet. The first page of PhishTank’s valid phish search alone as of this writing tells us that domain brand squatting is a real and present danger. more
ICANN has once again acceded to the wants of contracted parties and is at risk of abdicating its duty to act in the global public interest when it comes to WHOIS policy. Its inability or unwillingness to date to reign in bad WHOIS policy, driven by contracted party interests, flies in the face of its previously-expressed policy goal “to ensure the continued availability of WHOIS to the greatest extent possible while maintaining the security and stability of the Internet’s system of unique identifiers.” more
Earlier this year, the Internet Engineering Task Force’s (IETF’s) Internet Engineering Steering Group (IESG) announced that several Proposed Standards related to the Registration Data Access Protocol (RDAP), including three that I co-authored, were being promoted to the prestigious designation of Internet Standard. Initially accepted as proposed standards six years ago, RFC 7480, RFC 7481, RFC 9082 and RFC 9083 now comprise the new Standard 95. RDAP allows users to access domain registration data and could one day replace its predecessor the WHOIS protocol. more
A World-Renowned Source for Internet Developments. Serving Since 2002.