In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more
The ICANN Registrar Stakeholder Group (RrSG) is one of several stakeholder groups within the ICANN community and is the representative body of ICANN accredited domain name registrars. It is a diverse and active group that works to ensure the interests of registrars and their customers are effectively advanced. The leadership team (ExCom) consists of five officers who manage the Registrar Stakeholder Group. more
With the IGF underway, there's a lot of discussion surrounding Internationalized Domain Names (IDN). There has been lots of great progress in IDN technology with IE7 and Firefox browsers now fully IDN-Aware, strong IDN registrations and websites behind them. Now that many of the hurdles to implementation have been addressed to where the technology is either currently available to most internet users, or shall be soon, we now focus to the other aspects of IDN... more
Mark Jeftovic of easyDNS Technologies Inc. has posted an item on ICANN's "GNSO" registrars' mailing list titled "unsanctioned Whois concepts". In that item he suggests that the control and actual publication of contact information about a domain be put into the zone file itself, a file maintained by the registrant (purchasor) of the domain name. more
A recent report released by Forrester Research last week has put the .travel sponsored top-level domain under the microscope -- calling the sTLD "Nice, But Not Necessary". Although this 4-page report (sold for US$49.00) has singled out the .travel domain, its critical arguments might very well apply to the nature of most sponsored top-level domains currently in existence -- or under review: '.mobi', '.jobs', '.museum', '.coop', '.xxx' and others. CircleID has invited Ron Andruff, President and CEO of Tralliance, the registry for .travel, to respond to arguments made in this report. more
A group led by former Pirate Bay co-founder Peter Sunde is forming to develop a peer-to-peer-based alternative to today's ICANN-controlled DNS system, according to a blog posted on Tuesday. A tweet on Sunde's account dated Nov 28 said: "Alternative dns root is step 1. Step 2 is the new DNS system that is in the making. It's not advanced, it's p2p and more secure." The tweet has generated a fair amount of interest according to Sunde who has written a follow up post on a blog called "P2P DNS". more
A student at a well-known US university wrote me and asked whether, given the huge national interest in getting the industry to unite behind (at least) one format, did I think that the FTC should've played a stronger role in pushing the industry to adopt an authentication format? I said: Nope. Part of the reason it's taking so long to agree on a standard is that the process is infested with academic theoreticians who are more interested in arguing about hypotheticals and pushing their pet spam solutions than in doing something useful... more
Like measuring COVID's impact, so too measuring the impact of COVID-related abuse on the Internet is difficult, there are those that would foolishly dismiss the danger entirely, others over-state the problem, perhaps to prompt sales of tools and services. The amount and type of abuse varies from network to network, and to declare everything is fine based on one world-view you believe to be ubiquitous, or that the sky is falling based upon another, extrapolated to 'everybody else' is simply poor analysis. more
This is the first part of a 2-part series article arguing that the decentralization of the Internet will allow the DNS to recede to its earlier, uncontroversial role, before all the lawsuits and screaming matches at ICANN board meetings.
Is it just me, or are we paying less attention to the Domain Name System than we used to? Seems like only a few years ago that the tech-culture world was attuned to every new angle in the ongoing struggle over the DNS' management. You couldn't read the front page of Slashdot without catching one heavily commented-upon story on alternate registries, trademark disputes, or the latest ICANN board meeting. more
A sophisticated cybercrime group that has maintained an especially devious Trojan horse for nearly three years has stolen login credentials of close to 300,000 online bank accounts and almost as many credit cards during that time, according to reports released today by RSA FraudAction Research Lab. The spyware is called Sinowal Trojan, also known as Torpig and Mebroot. RSA reports that their findings are based on data collected on this Trojan over the course of almost three years -- including information regarding its design and its infrastructure. Findings indicate that this may be one of the most pervasive and advanced pieces of crimeware ever created by fraudsters, say RSA experts. more
The Irish domain registry (IEDR) is to come under the control of the Commission for Communications Regulation ComReg. At present the registry is managed by a "not-for-profit" company, however it has come under increasing criticism with regard to both its management and policies. Although there are approximately 40,000 IE domains currently registered, it is still one of the strictest and most expensive ccTLDs in the world. more
The IETF MARID working group has been slogging away all summer trying to produce a draft standard about e-mail sender verification. They started with Meng Wong's SPF and Microsoft's Caller ID for E-mail, which got stirred together into a hybrid called Sender ID. One of the issues hanging over the MARID process has been Microsoft's Intellectual Property Rights (IPR) in Caller ID and Sender ID. The IETF has a process described in RFC 3668 that requires contributors to disclose IPR claims related to their contributions. more
The approval on 13 May by the European Council and Parliament of a near-final draft Directive on European Cybersecurity (NIS2) brings the world's most far-reaching cyber regime closer to realization. What is generally unknown, however, is the broad scope and global extraterritorial jurisdiction reach of the Directive. It applies to almost every online service and network capability that exists as infrastructure or "offered" anywhere in Europe. more
There's a great fight going on right now in Philadelphia...The case is about a Pennsylvania statute [PDF] that mandates that Pennsylvania ISPs remove access to sites that the AG believes contain child pornography. Now, child pornography is abhorrent and any ISP will cooperate in taking down such sites that it is hosting. But the problem is that in complying with the statute with respect to sites the ISPs don't themselves host, ISPs are (rationally) using either IP blocking ("null routing") or "domain poisoning" techniques, both of which (particularly the IP number blocking) result in rendering inaccessible millions of perfectly legal sites. more
The European Union's .eu Top-Level Domain (TLD) sunrise and landrush has probably been discussed to death, but what is the landscape like over a year later? A lot of industry insiders were right to express their doubts about the stability of .eu following on from the high profile squats that have been discussed here at length. Of course any discussion on a new TLD would have to wait until after the first wave of renewals. That happened in April, so now, in July, it's a good as time to take stock of the situation... more
A World-Renowned Source for Internet Developments. Serving Since 2002.