You may have seen a new proposal for a "mobile" top-level domain name for use by something called "mobile users" whatever they are. (The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m "to make it easier to type on a mobile phone.) Centuries ago, as trademark law began its evolution, we learned one pretty strong rule about building rules for a name system for commerce, and even for non-commerce.
Nobody should be given ownership of generic terms. Nobody should have ownership rights in a generic word like "apple" -- not Apple Computer, not Apple Records, not the Washington State Apple Growers, not a man named John Apple. more
COICA (Combating Online Infringement and Counterfeits Act) is a legislative bill introduced in the United States Senate during 2010 that has been the topic of considerable debate. After my name was mentioned during some testimony before a Senate committee last year I dug into the details and I am alarmed. I wrote recently about interactions between DNS blocking and Secure DNS and in this article I will expand on the reasons why COICA as proposed last year should not be pursued further in any similar form. more
Everyone is probably well aware of the Kashpureff-style DNS cache- poisoning exploit (I'll call this "classic cache poisoning"). For reference, see the original US-CERT advisory prompted by this exploit. Vendors patched their code to appropriately scrub (validate) responses so that caches could not be poisoned. For the next 7-8 years, we didn't hear much about cache poisoning. However, there was still a vulnerability lurking in the code, directly related to cache poisoning. ...On April 7, 2005, the SANS ISC (not to be confused with Internet Systems Consortium) posted an update detailing how Microsoft Windows DNS servers were still being poisoned, even though the "Secure cache against pollution" option was set. The SANS ISC found that Windows DNS servers using BIND4 and BIND8 servers as forwarders were being poisoned. But how could this be? more
The Wall Street Journal's dubious story about Iran's use of Deep Packet Inspection (DPI) for spying, censorship and disinformation appears in a highly charged atmosphere. The US Republican right wing wants the US to talk tougher to Iran, to bomb-bomb-bomb, invade, or commit "regime change." More questions than mine have surfaced about the WSJ's story... more
Fueled by the lack of public IP addresses, 70% of Fortune 1000 companies have been forced to deploy NATs (Source: Center for Next Generation Internet). NATs are also found in hundreds of thousands of small business and home networks where several hosts must share a single IP address. It has been so successful in slowing the depletion of IPv4 addresses that many have questioned the need for IPv6 in the near future. However, such conclusions ignore the fact that a strategy based on avoiding a crisis can never provide the long-term benefits that solving the underlying problems that precipitated the crisis offers. more
One topic does not appear to have a compellingly obvious localization solution in the multi-lingual world, and that is the Domain Name System (DNS). The subtle difference here is that the DNS is the glue that binds all users' language symbols together, and performing localized adaptations to suit local language use needs is not enough. What we need is a means to allow all of these language symbols to be used within the same system, or "internationalization". more
As some readers probably know, I spend quite a bit of my time working on Internet policy related matters. Some of it may appear incredibly boring, but it matters. (If you really want me to explain why it matters I'd be happy to do so!) Since earlier this year I've been part of a small team of people drawn from the four corners of the globe and asked to re-examine "whois". more
Since the launch of the New gTLD Program in 2012, it has become evident that new gTLD registries overestimated the demand for new Top-Level Domain name extensions. Furthermore, new gTLD registries did not anticipate the hurdles in raising awareness, not to mention creating adoption for new domains. Even the most pessimistic New gTLD Program critic did not expect such uninspiring results. It was a wake up call for many in the domain industry. The New gTLD Program currently lacks credibility. No new gTLD has yet to go mainstream and capture the world's imagination. more
Cell phone carriers have seen a huge growth in wireless data usage. The iPhone is selling like hotcakes, and its users generate large amounts of traffic. Not surprisingly, as cellular providers deploy faster network technologies, users generate even more data... more
During the 2+ weeks for which Site Finder was operational, a number of ISPs took steps to disable the service. A study just released reveals details and analysis, including specific networks disabling Site Finder during its operational period. For example, China blocked the traffic at its backbone, and Taiwan's Chunghwa Telecom and Korea's DACOM also disabled the service. US ISPs seem to have been slower to act, in general -- but US ISP Adelphia disabled the service September 20-22 before re-enabling it on September 23. more
For some time now we've been tracking the progress of the deployment of DNSSEC in the Internet. Its been a story of an evolution of the measurement technique... In the process we've learned perhaps more than we had wanted to about the behaviour of Flash engines, Apache web servers and FreeBSD system tuning, and also learned much more than we had anticipated about the finer details of Google's online ad presentation behaviour. But one thing we did not see in all of this was any large scale jumps in the level of client use of DNSSEC validation over this period at the start of the year. more
I have discovered that VeriSign's SiteFinder service breaks Microsoft's Outlook and Microsoft's Outlook Express email readers as well as many of the standard Windows Networking Utilities by providing misleading error messages, temporary lockups, and incorrect status information. more
In follow-up to recent announcement on the release of the latest edition of the very popular DNS and BIND book -- often referred to as the bible of DNS -- CircleID has caught up with Cricket Liu, co-author and a world renowned authority on the Domain Name System. In this interview, Cricket Liu talks about emerging issues around DNS such as security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework). "Cricket Liu: We're now seeing more frequent attacks against DNS infrastructure. ...Turns out that name servers are terrific amplifiers -- you can get an amplification factor of nearly 100x. These attacks have raised awareness of the vulnerability of Internet name servers, which is possibly the only positive result..." more
In a move that flies in the face of established international guidelines, the New York Senate is pushing through a bill that would forbid registering the name of a living person with the purpose of selling the domain to that person. The New York Senate's bill is called "domain names cyber piracy protections act" and is championed by State Senator Betty Little (S2306). Generally speaking, registering a person's name solely to sell the domain to that person is a losing cause in UDRP arbitrations. But the New York bill is scary for a few reasons... more
Mobile WiMAX, with the release of 2×2 MIMO chips in 2008, gives WiMAX a lead of two or so years on its major competitor -- the 3GPP's LTE. However, 3G cellphones using 3GPP UMTS technologies, extended to higher speeds with HSPA, is widely used in handsets in many countries. In North America, 3GPP2 CDMA2000 and EV-DO are widely used, but these are likely to be replaced over time by LTE and to some extent WiMAX. more
Sponsored byCSC
Sponsored byVerisign
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byDNIB.com
A World-Renowned Source for Internet Developments. Serving Since 2002.