The EU has once again turned its attention to domain name registration data (WHOIS) -- this time reinforcing requirements to collect, maintain, verify, and disclose WHOIS for IP enforcement purposes through its "Commission Recommendation" on measures to combat counterfeiting and enhance the enforcement of IP Rights. Published last month, this regulatory action demonstrates the EU's commitment to restore WHOIS despite... more
During CSG Open Working Session at ICANN79, Members from the ICANN Community were invited to an open meeting to share their experiences with Registration Data Request System (RDRS) from the Requestor side. As President of the Edgemoor Research Institute (ERI), I had the honor to present the keynote address and I am pleased to be able to provide you with ERI's report of the meeting. more
Last November, ICANN launched a ticketing system for those interested in obtaining domain name registration data ("WHOIS"). Titled Registration Data Request Service, or RDRS, the portal aims to direct requests for WHOIS data to participating registrars, who then decide whether or not to disclose the data. more
In 2020, the ICANN Generic Name Supporting Organization (GNSO) Council approved a plan to revamp the WHOIS system as per the recommendations given by the ICANN Expedited Policy Development Process (EPDP). This plan directed ICANN to develop a centralized System for Standardized Access/Disclosure (SSAD) for WHOIS records. After much debate regarding the suitability and cost of such a system, ICANN brought together a group... more
Over the last two years, we've all faced supply shortages on items we previously never thought could be in short supply. Most recently, the baby formula and semiconductor markets were hit. Before that, supply chain attacks on Colonial Pipeline and JBS Foods showed us that an attack on one company through a singular point of compromise has the potential to disrupt an entire network of connected companies, products, partners, vendors, and customers. more
Domain brand squatting can be defined as the unauthorized or dishonest use of a brand or company identifiers in domain names. It is often linked to the use of look-alike domains in bad faith, and we see it all the time. The threat actors behind these domains are called different names, though a prevalent one would be “typosquatters.” The Hot on the Trail of Compulsive Brand Squatters webinar showcased how these people are infiltrating the Internet. The first page of PhishTank’s valid phish search alone as of this writing tells us that domain brand squatting is a real and present danger. more
ICANN has once again acceded to the wants of contracted parties and is at risk of abdicating its duty to act in the global public interest when it comes to WHOIS policy. Its inability or unwillingness to date to reign in bad WHOIS policy, driven by contracted party interests, flies in the face of its previously-expressed policy goal “to ensure the continued availability of WHOIS to the greatest extent possible while maintaining the security and stability of the Internet’s system of unique identifiers.” more
Earlier this year, the Internet Engineering Task Force’s (IETF’s) Internet Engineering Steering Group (IESG) announced that several Proposed Standards related to the Registration Data Access Protocol (RDAP), including three that I co-authored, were being promoted to the prestigious designation of Internet Standard. Initially accepted as proposed standards six years ago, RFC 7480, RFC 7481, RFC 9082 and RFC 9083 now comprise the new Standard 95. RDAP allows users to access domain registration data and could one day replace its predecessor the WHOIS protocol. more
A World-Renowned Source for Internet Developments. Serving Since 2002.