DNS

Blogs

General Data Protection Regulation and the Future of WHOIS

Why does all of the discussion around potential options for WHOIS in the era of the EU's GDPR (General Data Protection Regulation) feel like déjà vu? Is it because issues around WHOIS never really go away, and become a hot topic every few years? Is it because no one is really happy with the current system? Privacy advocates would be delighted to do away with it altogether, while business and Intellectual Property professionals press for improvements to accuracy and availability, which I fully support. more»

An Overview of the 27th DNS Operations, Analysis, and Research Center Meetings

The DNS Operations, Analysis, and Research Center (DNS-OARC) meetings are an instance of a meeting that concentrates on the single topic of the DNS, and in this case, it delves as deep as anyone is prepared to go! It's two days where too much DNS is barely enough! The hot topic of the meeting was the news that the proposed roll of the Key-Signing-Key of the root zone of the DNS, originally scheduled for October 11, was to be postponed. more»

A Closer Look at Postponing of the Root Zone KSK Rollover Decision

On Sept. 27, Internet Corporation for Assigned Names and Numbers (ICANN) announced that the first root zone Key Signing Key (KSK) rollover - originally scheduled to take place on Oct. 11 - will be postponed. Although this was certainly a difficult decision, we fully agree that erring on the side of caution is the best approach to take. In this blog post, I want to explain some of the involvement Verisign has had in KSK rollover preparations, as well as some of the recently available research opportunities which generated data that we shared with ICANN related to this decision. more»

Lessons Learned from Harvey and Irma

One of the most intense natural disasters in American history occurred last week...You may wish to donate or get involved with hurricane Harvey relief to help the afflicted. That's great, but as we all know, we should be wary of who we connect with online... The FTC warned last week that there are many active relief scams in progress and noted that there always seems to be a spike in registration of bogus domains. more»

Making Sense of the Domain Name Market - and Its Future

With ever more TLDs, where does it make sense to focus resources? After four years and a quadrupling of internet extensions, what metrics continue to make sense in the domain name industry? Which should we discard? And how do you gain understanding of this expanded market? For registries, future success is dependent on grasping the changes that have already come. For registrars, it is increasingly important to identify winners and allocate resources accordingly. The question is: how? more»

The Internet Must Remain Open - Even for Those We Disagree With

Over the past couple of weeks, following the events in Charlottesville, Virginia, there has been significant discussion in social and traditional media about various technology companies removing websites from their servers, or otherwise making them unavailable. As the operators of Canada's Internet domain, we at CIRA are getting numerous inquiries about our stance and policies on this issue. I'd like to use this opportunity to make a couple of clarifications about how CIRA works and what CIRA actually does. more»

Evolution of the Dot Brand Domains in 5 Years

ICANN's last new gTLD application closed in 2012 with more than 600 brands applying for their dot brand. Dot brand domains associate a keyword or keyphrase and a brand name in a complete domain name... To understand better how the evolution of the dotBrand has been throughout these years, number of websites launched, redirects, registries etc, Dot Brand Observatory prepared a few visual graphics. more»

Probability of ROI and Tighter Network Security by Blocking Malicious Subdomains

Failing to block a stealthy malicious host from making connections to your network could cost your company millions of dollars, a damaged reputation, and severe losses in sensitive private data. Threat intel teams have faced on-going problems: Expensive feeds that are slow to catch new threats; Chasing false positives in alerts wastes time and money; and Vendors selling a new appliance for every ill. Would 100% of your users Spot the Bot? more»

The Internet is Dead - Long Live the Internet

Back in the early 2000s, several notable Internet researchers were predicting the death of the Internet. Based on the narrative, the Internet infrastructure had not been designed for the scale that was being projected at the time, supposedly leading to fatal security and scalability issues. Yet somehow the Internet industry has always found a way to dodge the bullet at the very last minute. more»

Supporting New DNS RR Types with dnsextlang, Part II

Previous article introduced my DNS extension language, intended to make it easier to add new DNS record types to DNS software. It described a new perl module Net::DNS::Extlang that uses the extension language to automatically create perl code to handle new RRTYPEs. Today we look at my second project, intended to let people create DNS records and zone files with new RRTYPEs. more»

Is a New Set of Governance Mechanism Necessary for the New gTLDs?

In order to be able to reply to the question of whether a new set of governance mechanisms are necessary to regulate the new Global Top Level Domains (gTLDs), one should first consider how efficiently the current Uniform Domain-Name Dispute-Resolution Policy (UDRP) from the Internet Corporation for Assigned Names and Numbers (ICANN) has performed and then move to the evaluation of the Implementations Recommendations Team (ITR) recommendations. more»

Supporting New DNS RR Types with dnsextlang, Part I

The Domain Name System has always been intended to be extensible. The original spec in the 1980s had about a dozen resource record types (RRTYPEs), and since then people have invented many more so now there are about 65 different RRTYPEs. But if you look at most DNS zones, you'll only see a handful of types, NS, A, AAAA, MX, TXT, and maybe SRV. Why? A lot of the other types are arcane or obsolete, but there are plenty that are useful. more»

CAICT Holds ICANN 59 China Internet Community Readout Session

In afternoon of 14th July, the China Academy of Information and Communication Technology (CAICT) and ICANN Beijing Engagement Center jointly held the ICANN 59 China Internet Community Readout Session. Mr. Zhang Ya, Deputy Director of Information and Communication Authority under the Ministry of Industry and Information Technology (MIIT), made his presence and gave opening remarks on the meeting. Over 40 representatives from the Cyberspace Administration, the Ministry of Foreign Affairs, domain name registries and registrars, industrial organizations, institutes and universities participated in the seminar. more»

Nation Scale Internet Filtering — Do's and Don'ts

If a national government wants to prevent certain kinds of Internet communication inside its borders, the costs can be extreme and success will never be more than partial. VPN and tunnel technologies will keep improving as long as there is demand, and filtering or blocking out every such technology will be a never-ending game of one-upmanship. Everyone knows and will always know that determined Internet users will find a way to get to what they want, but sometimes the symbolic message is more important than the operational results. more»

Phishing: the Worst of Times in the DNS

The Anti-Phishing Working Group has released its latest Global Phishing Survey, written by myself and Rod Rasmussen. This report comprehensively examines a large data set of more than 250,000 confirmed phishing attacks detected in 2015 and 2016. By analyzing this cybercrime activity, we have learned more about what phishers have been doing, and how they have done it. Unfortunately, there's more phishing than ever, and phishers are registering more domain names than ever. more»

News Briefs

ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

The Impacts of Hurricanes Harvey, Irma, and Maria on the Internet

Canadian Internet Registration Authority Launches Cloud-Based DNS Firewall Service

Study Finds $9.8B Opportunity In Universal Acceptance of All New Generic and Internationalized TLDs

Upcoming Event: DNS Measurements Hackathon 2017

Thick Whois Policy for .COM Goes Live

Dyn Acquired by Oracle

Could Trump Administration Reverse ICANN Independency? ITIP Chief Weighs In

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

Google Announces Nomulus, Open Source Top-Level Domain Name Registry

UK's National Cyber Security Centre Reveals Plans to Scale Up DNS Filtering

US Congress Website Recovers from a Crippling 3-Day DNS Attack

US Department of Commerce Reports on Open Internet, Privatization of DNS

Neustar Announces Intention to Separate Into Two Independent and Publicly Traded Companies

Sweden Makes its TLD Zone File Publicly Available

Large Volume of DNSSEC Amplification DDoS Observed, Akamai Reports

GNU C Library Found Vulnerable to Rogue DNS Server Attacks

91.3% of Malware Use DNS as a Key Capability

Internet Root Servers Hit with Unusual DNS Amplification Attack

Hacking Increasingly Becoming a Physical Concern

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Participants – Random Selection