ICANN's 38th get-together, in Brussels, may become known as the meeting where the dust finally began to settle. Long-standing issues were settled, compromises were reached, no-one complained too much about the latest version of the Applicant Guidebook, and the Board stood by its project plan dates, even scheduling a Board retreat to solve remaining issues. Finally, there were no surprise "gotcha!" delays that generic Top-Level Domain (gTLD) applicants have been used to seeing at ICANN meeting. With one possible exception... more
To mix metaphors, my e-mail has been ringing off the hook after my previous article and I've had to think deep and difficult thoughts about what we really mean by DNSCERT, and whether DNS-OARC really has the capability or really can grow the capability to operate such a thing. I've had some discussions with ICANN and with members of the DNS-OARC board and staff, and it's time I checkpointed the current state of my thinking about all this. more
When it comes to the problem of outbound spam, one of the experiences that I have, and this was reaffirmed at TechEd, is that the number one source of compromised accounts are educational institutions. That is to say, whenever we have an outbound spam problem and have to hunt down where it is coming from, the highest number of these accounts are phished accounts/credentials from users at an educational institution. Why is this? Why does so much spam originate from universities? more
As the shorter of the ICANN interregnums comes to a close and the ICANN faithful finalize their dinner reservation agendas for Brussels, it is time again for a preview of what will be 'on-tap' at next week's ICANN meeting. While, as always, there is a lot going on in ICANN Land, a scan of the blogosphere and ICANN list serves suggests that the four most discussed topics will be... more
In the wake of the unprecedented boom in mobile broadband, pressure is building around the world for governments and regulators to act quickly and decisively to the frantic demand for more spectrum. The telcos are leading the charge, but the broadcasters are lobbying for their case equally vigorously. The broadcasters do not necessarily need all the spectrum they currently have, but they view mobile broadband and telcos as competitors to their monopoly on video entertainment, so they will do everything to keep them out of that market for as long as possible. more
On April 16 ICANN issued a breach notice to Turkish Registrar Alantron for not consistently providing access to its WHOIS database via Port 43, a command-line query location that all Registrars are required to supply under conditions of their contract with ICANN under section 3.3.1. Four days later they issued a breach to Internet Group do Brazil for the same problem. ... The WHOIS record, as we all know, is a massive fraud with illicit parties filling records with bogus information and hiding behind anonymity. more
I took an instant dislike to The Digital Divide on IP Addresses post for some reason, well for many reasons actually. First and foremost is that the implication that the "digital divide" is somehow caused by IP address allocation policies. While it is certainly true that there are "digital divides" between developed and developing parts of the world, the historical imbalance in IP addressing is not one of them. The fact is that while we will "run out" of IPv4 addresses at some point in the not too distant future, there are an unimaginably large number of IPv6 addresses available. more
As a registrar at the front end of the DNSSEC deployment effort, our technical team has made a sustained investment in DNSSEC deployment so that our customers don't get overwhelmed by this wave of changes to the core infrastructure of the Domain Name System. Along the way, we've learnt a lot about how to implement DNSSEC which might hold useful lessons for other organizations that plan to deploy DNSSEC in their networks. more
Symantec today announced that it has signed a definitive agreement to acquire VeriSign's identity and authentication business, which includes the Secure Sockets Layer (SSL) Certificate Services, the Public Key Infrastructure (PKI) Services, the VeriSign Trust Services and the VeriSign Identity Protection (VIP) Authentication Service. more
Broadband providers are not taking the recent move by the FCC to reclassify broadband under Title II; i.e., put broadband under its regulation arm along with the likes of telephone companies, very lightly and have come out swinging to stop that effort... Seemingly at issue; an appeal brought by Comcast with the D.C. Court of Appeals and the subsequent defeat of the FCC's perceived role as a broadband regulator, ruling the communication had no authority under current legislation to sanction Comcast over a 2008 Internet throttling incident. more
Werner Vogels, CTO of Amazon, explains how web applications will be built in the future. His point is twofold. The bad news is that expectations for good web applications are sky high. It has to have rich media, available on multiple devices, very scalable, social networking and that is just the beginning. The good news is that a lot of this can be done by services that are readily available on the web, with reasonable usage based pricing. more
A new report issued by the Number Resource Organization (NRO) has found that demand for both IPv4 and IPv6 address space is continuing to grow. The Internet Number Resource Status Report for the first quarter of 2010 is based on data collected by the five Regional Internet Registries (RIRs) that oversee the allocation of all Internet number resources, and outlines RIR allocation of IP address space (IPv4 and IPv6), as well as AS number assignments. In the report, the NRO notes that allocations of IPv4 addresses in Q1 have reduced the IANA free pool of IPv4 addresses to 8.5 percent. more
As a reader of this article, you are probably familiar with the DNS cache poisoning techniques discovered a few years ago. And you have most likely heard that DNSSEC is the long term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with our own rollout until you could gather more documentation over the operational experience when rolling out DNSSEC. This article summarizes authors' experiences and learnings from implementing the technology in production environments as well as discusses associated operational issues. more
Any vendor in the platform business knows that their primary product is programming interfaces -- the so-called APIs that developers depend upon in order to deliver applications. The API exposes features of the platform, and differentiate applications running on that platform from all others. Lose control of the API, and you will lose control of the developer. Developers are the leading indicator for platform success. Ergo, lose the developer, lose the platform. more
Big news today - Judge Tatel has written the D.C. Circuit's opinion in Comcast v. FCC, and Comcast wins. Bottom line: The FCC didn't have regulatory authority over Comcast's unreasonable network management practices because it failed to tie that authority to any express statutory delegation by Congress... more
A World-Renowned Source for Internet Developments. Serving Since 2002.