DNS

Blogs

Fairness & Due Process Require Changes to ICANN's "Updated Supplementary Procedures" to the IRP

The Updated Supplementary Procedures for Independent Review Process ("IRP Supplementary Procedures") are now up for review and Public Comment. Frankly, there is a lot of work to be done. If you have ever been in a String Objection, Community Objection, or negotiated a Consensus Policy, your rights are being limited by the current way the IRP Supplementary Procedures proposal is structured. With timely edits, we can ensure that all directly-impacted and materially-affected parties have actual notice of the IRP proceeding... more»

New Report on "State of DNSSEC Deployment 2016" Shows Continued Growth

Did you know that over 50% of .CZ domains are now signed with DNS Security Extensions (DNSSEC)? Or that over 2.5 million .NL domains and almost 1 million .BR domains are now DNSSEC-signed? Were you aware that around 80% of DNS clients are now requesting DNSSEC signatures in their DNS queries? And did you know that over 100,000 email domains are using DNSSEC and DANE to enable secure email between servers? more»

CircleID's Top 10 Posts of 2016

The new year is upon us and it's time for our annual look at CircleID's most popular posts of the past year and highlighting those that received the most attention. Congratulations to all the 2016 participants and best wishes to all in the new year. more»

Curious Statement About 2012 gTLD Round Name Collision Fears at IGF

During his presentation at IGF on 7 December in Guadalajara, Akram Atallah, President of ICANN's Global Domain Division, said the following: So when you look at that, you'll see that we are left with only 20 to go. There are a few that need to be withdrawn that haven't withdrawn... This surprised me, but since the meeting was about possible new application procedures and not the handling of the last round's persistent problems, I decided not to ask at that point. more»

Call for Participation - ICANN DNSSEC Workshop at ICANN58 in Copenhagen

Do you have new information about DNSSEC or DANE that you would like to share with the wider community? Have you created a new tool or service? Have you found a way to use DNSSEC to secure some other service? Do you have new statistics about the growth or usage of DNSSEC, DANE or other related technology? If so, and if you will be in Copenhagen, Denmark, for ICANN 58 in March 2017 (or can get there), please consider submitting a proposal to speak at the ICANN 58 DNSSEC Workshop! more»

DNSSEC Activities at ICANN 57 in Hyderabad on 4-7 November 2016

Friday marks the beginning of the ICANN 57 meeting in Hyderabad, India. As per usual there will be a range of activities related to DNSSEC or DANE. Two of the sessions will be streamed live and will be recorded for later viewing. Here is what is happening. All times below are India Standard Time (IST), which is UTC+05:30. Please do join us for a great set of sessions about how we can work together to make the DNS more secure and trusted! more»

ICANN57 Preview: What to Expect in Hyderabad

The domain name industry descends on Hyderabad this week for ICANN's 57th annual public meeting, with a mixed sentiment of excitement and determination as ICANN stands on its own two feet absent US Government oversight. We'll have to get used some new acronyms as a result: PTI -- Public Technical Identifier; and the CSC -- Customer Standing Committee, but otherwise I don't think many of us will notice the difference. more»

The Effects of the Forthcoming FCC Privacy Rules on Internet Security

Last week, the Federal Communications Commission (FCC) announced new privacy rules that govern how Internet service providers can share information about consumers with third parties. One focus of this rulemaking has been on the use and sharing of so-called "Consumer Proprietary Network Information (CPNI)" - information about subscribers - for advertising. The Center for Information Technology Policy and the Center for Democracy and Technology jointly hosted a panel exploring this topic last May... more»

Taking a Closer Look at the Recent DDoS Attacks and What it Means for the DNS

The recent attacks on the DNS infrastructure operated by Dyn in October 2016 have generated a lot of comment in recent days. Indeed, it's not often that the DNS itself has been prominent in the mainstream of news commentary, and in some ways, this DNS DDOS prominence is for all the wrong reasons! I'd like to speculate a bit on what this attack means for the DNS and what we could do to mitigate the recurrence of such attacks. more»

Trust Isn't Easy: Drawing an Agenda from Friday's DDoS Attack and the Internet of Things

Last week, millions of infected devices directed Internet traffic to DNS service provider Dyn, resulting in a Distributed Denial of Service (DDoS) attack that took down major websites including Twitter, Amazon, Netflix, and more. In a recent blog post, security expert Bruce Schneier argued that "someone has been probing the defences of the companies that run critical pieces of the Internet". This attack seems to be part of that trend. This disruption begs the question: Can we trust the Internet? more»

How Did We Get Here? A Look Back at the History of IANA

October 2016 marks a milestone in the story of the Internet. At the start of the month, the United States Government let its residual oversight arrangements with ICANN over the operation of the IANA lapse. No single government now has a unique relationship with the governance of the protocol elements of the Internet, and it is now in the hands of a community of interested parties in a so-called Multi-Stakeholder framework. This is a unique step for the Internet and not without its attendant risks. How did we get here? more»

A Great Collaborative Effort: Increasing the Strength of the Zone Signing Key for the Root Zone

A few weeks ago, on Oct. 1, 2016, Verisign successfully doubled the size of the cryptographic key that generates DNSSEC signatures for the internet's root zone. With this change, root zone DNS responses can be fully validated using 2048-bit RSA keys. This project involved work by numerous people within Verisign, as well as collaborations with ICANN, Internet Assigned Numbers Authority (IANA) and National Telecommunications and Information Administration (NTIA). more»

.US Hosts its Annual Town Hall Meeting

Neustar, a leading provider of registry services, is hosting a Town Hall meeting this month for the United States' country code Top-Level Domain, .US. Neustar introduced the .US Town Hall last year to reflect our commitment -- and the Commerce Department commitment to the bottom-up, multistakeholder model of DNS management. The public forum is an important part of ensuring that .US continues to be a vibrant namespace that reflects America's diversity, creativity, and innovative spirit. more»

How to Handle an Outage Like a Pro

In just the last two weeks, there were three major DNS outages between Google, Microsoft Azure, and Fonality. But only one of these companies was able to make even bigger waves with the way they handled their blunder. Fonality, who sells VoIP services and business phone systems, offered a very rare and transparent analysis of their outage. In a detailed statement from Chief Marketing Officer Jeff Valentine, readers were given crucial insight on how to prevent the same mistakes from happening to other companies. more»

The Wild West Of Performance Measurement: Using Data To Ensure Optimal Vendor Selection

Data-driven decision making relies on contextual understanding of how data is gathered and the type of analysis used to arrive at an outcome. The popularity of data-driven decision-making has increased the number of companies using statistics to support a preference or vendor selection. The Internet Performance Management (IPM) market hasn't been spared, but, unlike other markets where institutions have codified a standard for qualification and quantification, such as the FDA's nutrition labels, Insurance Institute for Highway Safety, or the Coffee Quality Institute, the IPM market is still in the Wild West stage. more»

News Briefs

Dyn Acquired by Oracle

Could Trump Administration Reverse ICANN Independency? ITIP Chief Weighs In

NIST Publishes Guide for DNS-Based Email Security, Draft Open for Public Comments

Google Announces Nomulus, Open Source Top-Level Domain Name Registry

UK's National Cyber Security Centre Reveals Plans to Scale Up DNS Filtering

US Congress Website Recovers from a Crippling 3-Day DNS Attack

US Department of Commerce Reports on Open Internet, Privatization of DNS

Neustar Announces Intention to Separate Into Two Independent and Publicly Traded Companies

Sweden Makes its TLD Zone File Publicly Available

Large Volume of DNSSEC Amplification DDoS Observed, Akamai Reports

GNU C Library Found Vulnerable to Rogue DNS Server Attacks

91.3% of Malware Use DNS as a Key Capability

Internet Root Servers Hit with Unusual DNS Amplification Attack

Hacking Increasingly Becoming a Physical Concern

IANA Contract Extended by One Year, Announces Department of Commerce

Group Working on Securing Email Using DNS

New Report on Performance Measurements of the DNS Root Service in China

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Comparing Root Server Performance Around the World

AFRINIC Partners With ICANN on AFRICA DNS Business Exchange Programme

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Participants – Random Selection