DNS

DNS / Recently Commented

Global Paradigms We Relied Upon Were Destroyed Overnight - How Prepared Are You for New Realities?

Unprecedented new Political and Cyber Security Threats are happening at a scale that has never been witnessed before. These threats are large and malicious enough to take down nuclear programs, render oil refineries inoperable, and take billion-dollar websites offline (not to mention smaller ones). Recent events confirm that NO ONE IS IMMUNE. Despite the obvious warning signs, Internet business stakeholders the world over continue to act as if nothing has changed, and seem unaware that global paradigms have undergone a seismic shift almost overnight. more»

Increasing DNSSEC Adoption - What if We Put DNSSEC Provision in the Hands of Registries?

There has been a lot of criticism about the worthiness of DNSSEC. Low adoption rates and resistance and reluctance by Registrars to take on the perceived burden of signing domains and passing-on cryptographic material are at the crux of the criticism. I'm a believer in DNSSEC as a unique and worthwhile security protocol and as a new platform for innovation. It's the reason I've long advocated for and continue to work toward a new model of DNSSEC provisioning. more»

Confessions of an Ex-Opponent of Whois Privacy

The following is the easyDNS response to ICANN's public comment period on GNSO Privacy & Proxy Services Accreditation Issues Working Group Initial Report. The public comment period is open until July 7, 2015. We strongly urge you to make your voice known by signing the petition over at Save Domain Privacy. I submit these comments as a CEO of an ICANN accredited registrar, a former director to CIRA and a lifelong anti spam contributor with an unblemished record of running a managed DNS provider that maintains zero tolerance for net abuse or cybercrime... more»

Diving Into the DNS

If you are at all interested in how the Internet's Domain Name System (DNS) works, then one of the most rewarding meetings that is dedicated to this topic is the DNS OARC workshops. I attended the spring workshop in Amsterdam in early May, and the following are my impressions from the presentations and discussion. What makes these meetings unique in the context of DNS is the way it combines operations and research, bringing together researchers, builders and maintainers of DNS software systems, and operators of DNS infrastructure services into a single room and a broad and insightful conversation. more»

The Internet of Stupid Things

In those circles where Internet prognostications abound and policy makers flock to hear grand visions of the future, we often hear about the boundless future represented by "The Internet of Things". This phrase encompasses some decades of the computing industry's transition from computers as esoteric piece of engineering affordable only by nations, to mainframes, desktops, laptops, handhelds, and now wrist computers. Where next? more»

The DNS Still Isn't a Directory

Back in the mid 1990s, before ICANN was invented, a lot of people assumed that the way you would find stuff on the Internet would be through the Domain Name System. It wasn't a ridiculous idea at the time. The most popular way to look for stuff was through manually managed directories like Yahoo's, but they couldn't keep up with the rapidly growing World Wide Web. Search engines had been around since 1994, but they were either underpowered and missed a lot of stuff, or else produced a blizzard of marginally relevant results. more»

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users. more»

ICANN's Auction Piggy Bank Just Got Twice As Big

Kieren McCarthy reports in The Register that an obscure Panamanian company paid $30 million for .BLOG in the January 21 domain auction. ICANN's web site confirms that the domain did go to the Panamanian company. It doesn't report the amount, but Kieren's sources are usually correct. If so, the auction proceeds piggy bank just doubled from $30M to $60M dollars, and ICANN still has no idea what to do with it. more»

IANA Transition Planning Proceeding in Fine Internet Style

Hundreds of individuals from across the Internet community have spent countless hours over the last several months crafting plans for the transition of the stewardship of the IANA functions from NTIA to the global multistakeholder community. The fruits of that labor have become highly evident within the past weeks, as two out of three components of the transition plan obtained the consensus of their communities while the third continued its intensive progress. more»

NTIA Reveals How It Manages the Root Zone

Kieren McCarthy reporting in the Register: "The US government has posted a step-by-step guide to how it authorizes changes to the internet's root zone -- the heart of the world's domain-name system. The 16-page slide deck published by the Department of Commerce's National Telecommunications and Information Administration (NTIA) sheds light on what has been a contentious and largely secret process for the past 15 years." more»

Call For Participation - ICANN 52 DNSSEC Workshop on 11 Feb 2015 In Singapore

If you will be at ICANN 52 in Singapore in February 2015 (or can get there) and work with DNSSEC or the DANE protocol, we are seeking proposals for talks to be featured as part of the 6-hour DNSSEC Workshop on Wednesday, February 11, 2015. The deadline to submit proposals is Wednesday, December 10, 2015... The full Call For Participation is published online and gives many examples of the kinds of talks we'd like to include. more»

Nameserver Operators Need the Ability to "Disavow" Domains

Yesterday's DDoS attack against DNSimple brought to light a longstanding need for DNS nameserver operators to have an ability to unilaterally repudiate domains from their nameservers. The domains under attack started off on DNSMadeEasy, migrated off to DNSimple and took up residence there for about 12 hours, causing a lot of grief to DNSimple and their downstream customers. more»

Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia

In Internet Draft draft-lee-dnsop-scalingroot-00.txt, I described with my coauthors a method of distributing the task of providing DNS Root Name Service both globally and universally. In this article I will explain the sense of the proposal in a voice meant to be understood by a policy-making audience who may in many cases be less technically adept than the IETF DNSOP Working Group for whom the scalingroot-00 draft was crafted. I will also apologize for a controversial observation concerning the addition of new root name servers... more»

ICANN (TBD): Why is ICANN Always to Blame and What to Do About It

With great anticipation I waited for the most recent Applicant Guidebook version 4 aka DAG4. I was looking forward to seeing gTLD program timeline. Was it possible that ICANN would give us another timeline and be firm with it? And then I saw it. Those 3 letters next to the new October 2010 launch date: tbd. So the date is October 2010 but it is "To Be Determined"? On one hand we have a set date but on the other hand it is yet to be determined. more»

Towards More Efficient Registry-Registrar Relations

On the morning of Wednesday 15th October, the The Domain Name Association (the DNA) held an important working group meeting during ICANN 51 Los Angeles. The topic was to discuss several operational issues between registries and registrars. The meeting's unofficial ongoing name is the Registry-Registrar Operations Working Group. The meeting was a continuation of an inaugural meeting that was held back in June of this year, and covered in a Industry Association: An Implementation Model circulated by the DNA from September 17, by Executive Director Kurt Pritz. more»