DNS |
Sponsored by |
|
According to RFC1034, "cnn.com" and "cnn.com." should be the same domain names. However, it doesn't appear that programmers always understand that trailing dots can be added to domain names. Web servers also can't seem to agree what to do with a period at the end of a host name. IIS, thttp, and Akamai's Web server all get confused while Apache doesn't seem to care. How much other software behaves incorrectly because of a trailing period on a domain name? Can spam-filtering software be bypassed with dotted email addresses? Here is a situation when bad things can happen -- "WebShield SMTP infinite loop DoS Attack"... more
Network Penetration conducted a survey at the start of 2003 to check the status of the UK's DNS infrastructure. The second scan of the year has just been completed and the results are much more positive. There are however still some serious holes in major areas...Here is a look at what was tested, the results, some sample zone transfers and recommendations. more
The "delegation-only" patch to BIND that was released for Internet Service Providers and others who wanted to block Site Finder service is reported to be disrupting emails to .name emails (that look like '[email protected]'). As a result, the Global Name Registry has submitted a letter to ICANN stating... more
There is a worldwide interest in the extension of the namespace to include new Top-Level Domains (TLDs) and select new registries to run them. If these New TLDs are to be selected objectively, and without partisan favours to insiders, then there is a clear need for criteria and careful evaluation of lessons gained from previous TLD launches. This was the principle behind the "Proof of Concept" approach, promised by ICANN, and yet ICANN appears to have retreated to a lightweight in-house evaluation, carried out obscurely, in the hands of selected individual under a 6-month contract 4 months ago. What have we learned about Sunrise, about Landrush, about abuse of process, about implementation and enforcement of agreements, about registrars who game the system to warehouse names for themselves, about proposed marketing budgets which evaporate into thin air? more
In response to ICANN's request for proposal (RFP) for the selection of new sponsored Top-Level Domains, Wendy Seltzer for the At-Large Advisory Committee (ALAC) urges ICANN to move quickly beyond "testing" to more open addition of a full range of new gTLDs in the near future and offers some general principles to guide that expansion. more
After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more
EDUCAUSE, the exclusive registry operator and registrar of .edu domain names under a Cooperative Agreement with the U.S. Department of Commerce, is preparing a mass purge of .edu domain names. The organization says it is part of the final phase in a year long project to improve the accuracy of the WHOIS database for the .edu space. more
After roughly 19 days of its introduction, VeriSign's Site Finder service was finally shutdown on October 4, 2003 following a "Formal Deadline" issued by ICANN (previously reported here). With the plug pulled, the Internet appears to be returning to its regular status ending a historic event that can be best described as a 'Hurricane' -- a Cyber-Hurricane. What follows is a collection of commentaries and questions raised around the Net in response to this event during and after the final hours of VeriSign's deadline... more
ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
more
Attention so far has been focusing on the ethics of the move (positively satanic), its effects on DNS and non-Web applications (Considered Harmful), and on possible technical responses (Software Aimed at Blocking VeriSign's Search Program). On the legal side of the fence, though, we're not just talking about a can of worms. We're talking about an oil drum of Arcturan Flesh-Eating Tapeworms. more
A World-Renowned Source for Internet Developments. Serving Since 2002.