DNS

Blogs

Call for Participation - ICANN DNSSEC Workshop at ICANN62, Panama City

Would you like to share information about how you are using DNSSEC with the wider technical community? Do you have an idea for how to make DNSSEC or DANE work better? Or work with new applications? If so - and if you will be attending ICANN 62 in Panama City, Panama from 25-28 June 2018 - then please consider sending in a proposal to participate as a speaker in the ICANN 62 DNSSEC Workshop! more

The Fight Is on to Save Access to WHOIS: A Call to Action for Brand Owners

Late last week, ICANN published the guidance from the Article 29 Working Party (WP29) that we have been waiting for. Predictably, WP29 took a privacy maximalist approach to the question of how Europe's General Data Protection Regulation (GDPR) applies to WHOIS, a tool widely used by cybersecurity professionals, businesses, intellectual property owners, consumer protection agencies and others to facilitate a safer and more secure internet.  more

DNS Complexity Lessons

Recently, Bert Hubert wrote of a growing problem in the networking world: the complexity of DNS. We have two systems we all use in the Internet, DNS and BGP. Both of these systems appear to be able to handle anything we can throw at them and "keep on ticking." But how far can we drive the complexity of these systems before they ultimately fail? Bert posted a chart on the APNIC blog to illustrate the problem. more

GDPR and WHOIS - We've Heard from the Article 29 Working Party, Now What?

Well, here we are on Friday the 13th and I couldn't think of a better way to spend the day than providing an update on GDPR, WHOIS and ICANN. There's lots to cover, so let's dive right in. As we have been talking about for a number of months now, the EU's new General Data Privacy Regulation (GDPR) will become enforceable on May 25th. The ICANN community has been struggling with how GDPR will impact the WHOIS system. more

7th Registration Operations Workshop (ROW), Vancouver, Thursday May 17th 2018

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system. The 7th ROW will be held in Vancouver, Canada on Thursday, May 17th 2018 in the afternoon, at the end of the GDD Industry Summit, in the same venue. more

Holocaust Remembrance Day

Today is Holocaust Remembrance Day. Today we remember that the Nazis rounded up Jews, Roma, political dissidents, and other "undesirables" using the best data and technology of the day and sent them off to concentration camps. We don't normally deal with this type of political reality in ICANN, but now is the time to do so. In 1995, the recently formed European Union passed the EU Data Protection Directive. more

ICANN IPC & BC to Host Cross-Community Call on Accreditation/Access Model for Non-Public WHOIS Data

The ICANN Intellectual Property Constituency (IPC) and Business Constituency (BC) will be hosting a community-wide discussion regarding the proposed accreditation and access model for non-public WHOIS data, which was first circulated to the community during ICANN 61. The discussion will take place via ICANN-supported remote participation and/or audio bridge this Friday, April 6, 2018, from 1400-1600 UTC. more

Oblivious DNS: Plugging the Internet's Biggest Privacy Hole

The recent news that Mozilla and Cloudflare are deploying their own DNS recursive resolver has once again raised hopes that users will enjoy improved privacy, since they can send DNS traffic encrypted to Cloudflare, rather than to their ISP. In this post, we explain why this approach only moves your private data from the ISP to (yet another) third party. You might trust that third party more than your ISP, but you still have to trust them. In this post, we present an alternative design -- Oblivious DNS -- that prevents you from having to make that choice at all. more

ICANN Cannot Expect the DPAs to Re-Design WHOIS, but Asking for a Reprieve Makes Sense

We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more

Accreditation & Access Model For Non-Public Whois Data

In the current debate over the balance between privacy and Internet safety and security, one of the unanswered questions is: "How will those responsible for protecting the public interest gain access to the non-public data in the WHOIS databases post General Data Protection Regulation (GDPR)?" In an attempt to prevent WHOIS data from going "dark," several community members have been working for the past weeks to create a model that could be used to accredit users and enable access to the non-public WHOIS data. more

Takeaways from the DNS-OARC's 28th Workshop

March has seen the first of the DNS Operations, Analysis, and Research Center (OARC) workshops for the year, where two days of too much DNS is just not enough! These workshops are concentrated within two days of presentations and discussions that focus exclusively on the current state of the DNS. Here are my impressions of the meeting. more

ICANN Proposed Interim GDPR Compliance Model Would Kill Operational Transparency of the Internet

ICANN has consistently said its intention in complying with the European Union's General Data Protection Regulation (GDPR) is to comply while at the same time maintaining access to the WHOIS domain name registration database "to greatest extent possible." On February 28, ICANN published its proposed model. Strangely, while ICANN acknowledges that some of the critical purposes for WHOIS include consumer protection, investigation of cybercrimes, mitigation of DNS abuse, and intellectual property protection, the model ICANN proposes provides no meaningful pathway to use WHOIS in those ways. more

Have We Reached Peak Use of DNSSEC?

The story about securing the DNS has a rich and, in Internet terms, protracted history. The original problem statement was simple: how can you tell if the answer you get from your query to the DNS system is 'genuine' or not? The DNS alone can't help here. You ask a question and get an answer. You are trusting that the DNS has not lied to you, but that trust is not always justified. more

Preparing for GDPR's Impact on WHOIS - 5 Steps to Consider

With GDPR coming into effect this May, it is almost a forgone conclusion that WHOIS as we know it today, will change. Without knowing the full details, how can companies begin to prepare? First and foremost, ensuring that brand protection, security and compliance departments are aware that a change to WHOIS access is on the horizon is an important first step. Just knowing that the ability to uncover domain ownership information is likely to change in the future will help to relieve some of the angst that is likely to occur. more

How Do You Turn a Typesetting Language Into an Identifier System? (Not Easily)

Unicode's goal, which it meets quite well, is that whatever text you want to represent in whatever language, dead or alive, Unicode can represent the characters or symbols it uses. Any computer with a set of Unicode typefaces and suitable layout software can display that text. In effect, Unicode is primarily a typesetting language. Over in the domain name system, we also use Unicode to represent non-ASCII identifiers. That turns out to be a problem because an identifier needs a unique form, something that doesn't matter for typesetting. more

News Briefs

DNS Server Hijacking Results in Funds Being Stolen from Popular Crypto Website, MyEtherWallet

APNIC Labs Partners with Cloudflare for Joint DNS Research Project

ICANN Spearheading Launch of Virtual DNS Entrepreneurship Center of the Caribbean

ICANN Cancels .CORP, .HOME, and .MAIL TLDs Indefintley Due to Collision Concerns

Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

Puerto Rico Disaster Stands Alone: A Look at Prolonged and Widespread Impact on Its Internet Access

Russia in Talks to Create Independent DNS

IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

EFF Warns ICANN Not to Engage in Censorship, Says It Should Stick to Technical Role

ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

The Impacts of Hurricanes Harvey, Irma, and Maria on the Internet

Canadian Internet Registration Authority Launches Cloud-Based DNS Firewall Service

Study Finds $9.8B Opportunity In Universal Acceptance of All New Generic and Internationalized TLDs

Upcoming Event: DNS Measurements Hackathon 2017

Thick Whois Policy for .COM Goes Live

Dyn Acquired by Oracle

Could Trump Administration Reverse ICANN Independency? ITIP Chief Weighs In

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

Google Announces Nomulus, Open Source Top-Level Domain Name Registry

UK's National Cyber Security Centre Reveals Plans to Scale Up DNS Filtering

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Participants – Random Selection