DNS

Blogs

Quo Vadis ICANN?

The short history of Internet Governance is full of errors, failures, and - mainly - omissions. Despite the shortcomings, we also must acknowledge the achievements of past and present internet governance efforts. In particular, ICANN and its stakeholder constituencies have delivered on the mandate of a stable, secure and resilient Internet. Working with the IANA, IAB and IETF, the operational functions of IP addresses, and the Protocol Assignment and DNS must be seen as an unqualified success. more

The Future of Internet Governance? Comments on IGF 2018 Speech by French President Emmanuel Macron

Macron has declared the Internet to be under threat. Without stepping back to question and explore the underlying causes of those threats, he uses them as a justification to propose a different approach to, albeit limited, current Internet Governance processes. Here we explore his proposals and some of the issues they generate. He acknowledges that Civil Society and the private sector have been core drivers in the creation of the Internet. He argues that its benefits and existence are endangered by predatory practices. more

A Look at ICANN's Creation

My story begins in ancient times when dinosaurs ruled the earth. It was a time when you could download a movie onto your desktop computer through your 56k dial-up connection if you had a few days. It was a time when more people were on the Minitel in France than on the Internet globally and when the Republic of Korea could fit all of its internet users into one small hotel room. I know because I met them all in that room. more

M3AAWG and APWG Do the Best Survey Yet on WHOIS Redaction

M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group and APWG, the Anti-Phishing Working Group, surveyed their members about recent WHOIS changes. With over 300 results from security researchers, it's the broadest report yet on WHOIS use. The survey results confirm our concerns that WHOIS was a vital resource for security research, and its loss is a serious and ongoing problem. more

"In the Public Interest"

Prior to November 30th of this year, the National Telecommunications and Information Administration (NTIA) must decide whether to renew or allow to expire its Cooperative Agreement with Verisign, the private-sector corporation that operationally controls the root of the Internet.. The Cooperative Agreement is unusually obscure, especially considering its central role in the operation of the Internet's Domain Name System (DNS). more

Addressing Infringement: Developments in Content Regulation in the US and the DNS

Over the course of the last decade, in response to significant pressure from the US government and other governments, service providers have assumed private obligations to regulate online content that have no basis in public law. For US tech companies, a robust regime of "voluntary agreements" to resolve content-related disputes has grown up on the margins of the Digital Millennium Copyright Act (DMCA) and the Communications Decency Act (CDA). more

KSK Rollover, Elliptical Curve Vulnerabilities, Surveillance and Privacy. Are We Building Trust?

ICANN just recently performed a Root Zone DNS Security Extensions (DNSSEC) Key Signing Key (KSK) Rollover. The recent KSK Rollover that took place on the 11th October 2018. The KSK Rollover has been successful and congratulations are in order. The Root Zone DNSSEC Key Signing Key "KSK" is the top most cryptographic key in the DNSSEC hierarchy. The KSK is a cryptographic public-private key pair. more

How to Prepare for the DNSSEC Root KSK Rollover on October 11, 2018

Are you ready? Are your systems prepared so that DNS will keep functioning for your networks? One week from today, on Thursday, October 11, 2018, at 16:00 UTC ICANN will change the cryptographic key that is at the center of the DNS security system - what we call DNSSEC. The current key has been in place since July 15, 2010. This is a long-planned replacement. more

The Road Less Traveled: Time Is Running Out for NTIA-Verisign Cooperative Agreement

It is remarkable  -  for all the wrong reasons  -  that only two months remain before the National Telecommunications and Information Administration (NTIA) must make a fateful decision on how it will address its' long-standing Cooperative Agreement with Verisign  -  the private-sector corporation that edits the authoritative address book of the Internet's Domain Name System (DNS), maintains two of the DNS root servers, and operates the .com and .net registries of the Internet, undoubtedly one of the most lucrative concessions ever granted. more

The Root KSK Rollover? What Does It Mean for Me?

In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If however, you are out there focused on your day to day running or managing a DNS infrastructure... more

Lessons Learned from the Namejuice/DROA/DROC Outage

Last week an ICANN registrar, Namejuice, went off the air for the better part of the day -- disappearing off the internet at approximately 8:30 am, taking all domains delegated to its nameservers with it, and did not come back online until close to 11 pm ET. That was a full business day and more of complete outage for all businesses, domains, websites, and email who were using the Namejuice nameservers -- something many of them were doing. more

(DNS) Security Protocols Do What They Say on the Tin

DNS-over-TLS has recently become a welcome addition to the range of security protocols supported by DNS. It joins TSIG, SIG(0) and DNSSEC to add privacy, and, in the absence of validating stub resolvers, necessary data integrity on the link between a full-service resolver and the users' stub resolver. (The authenticated source feature of TLS may also offer some additional benefits for those of a nervous disposition.) Good stuff. What is not good stuff is... more

ICANN at 20: Looking Back Forward

This year, the Internet Corporation for Assigned Names and Numbers (ICANN), marks its 20th anniversary since inception. ICANN was birthed as a result of the infamous DNS Wars - in 1994, the U.S National Science Foundation, the then overseer of the Internet infrastructure decided to sub-contract the management of the Domain Name System (DNS) to a private U.S company called Network Solutions INC (NSI). This move was not well received by the Internet community, culminating in the so-called "DNS Wars" more

Call for Participation - ICANN DNSSEC Workshop at ICANN63 Barcelona

Do you have a great idea about DNSSEC or DANE that you'd like to share with the wider community? If so, and you're planning to be in Barcelona, Spain for ICANN63 in October 2018, submit a proposal to present your idea at the DNSSEC Workshop! Send a brief (1-2 sentence) description of your proposed presentation to dnssec-barcelona@isoc.org by Friday, 07 September 2018. more

DNSSEC and DNS over TLS

The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more

News Briefs

DNS Inventor Impressed With Innovative Effort Behind .LUXE TLD to Integrate DNS With Blockchain

EU Should Not Be Setting US WHOIS and Privacy Policy, Says MPAA

ICANN Facing Critical Choice for Plan to Change DNS Cryptographic Key

Large-Scale Study by Security Researchers in China Sheds Light on the Scope of DNS Interception

Anti-Phishing Working Group Proposes Use of Secure Hashing to Address GDPR-Whois Debacle

European Data Regulators Throw ICANN Back to the Drawing Board for a Third Time on Whois Privacy

DNS Firewall Market Expected to Grow From $90.5 Million in 2018 to $169.7 Million by 2023

A Short-Term Suspension of GDPR Enforcement on WHOIS May Be Necessary, Says U.S. Government

DNS Server Hijacking Results in Funds Being Stolen from Popular Crypto Website, MyEtherWallet

APNIC Labs Partners with Cloudflare for Joint DNS Research Project

ICANN Spearheading Launch of Virtual DNS Entrepreneurship Center of the Caribbean

ICANN Cancels .CORP, .HOME, and .MAIL TLDs Indefintley Due to Collision Concerns

Hackers Hijack DNS Server for Cyrptocurrency Wallet BlackWallet, Over $400K Stolen From Users

Puerto Rico Disaster Stands Alone: A Look at Prolonged and Widespread Impact on Its Internet Access

Russia in Talks to Create Independent DNS

IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

EFF Warns ICANN Not to Engage in Censorship, Says It Should Stick to Technical Role

ICANN Delays Plans to Change DNS Cryptographic Key, Says Near 750 Million People at Risk if Rushed

The Impacts of Hurricanes Harvey, Irma, and Maria on the Internet

Canadian Internet Registration Authority Launches Cloud-Based DNS Firewall Service

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Participants – Random Selection