The IETF is in the midst of a vigorous debate about DNS over HTTP or DNS over HTTPS, abbreviated as DoH. How did we get there, and where do we go from here? (This is somewhat simplified, but I think the essential chronology is right.) Javascript code running in a web browser can't do DNS lookups, other than with browser.dns.resolv() to fetch an A record, or implicitly by fetching a URL which looks up a DNS A or AAAA record for the domain in the URL. more
Because the speed of DNS is so important to the performance of any connection on the 'net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the 'net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. more
With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more
Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more
Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more
Soon it'll be time again for some of us to pack our bags and head for the ICANN64 meeting in Kobe, Japan. Even if you plan to stay at home, it still will be helpful to understand the national and global context in which the meeting is taking place. One way to do that is by looking at Japan's Prime Minister's Shinzo Abe recent Keynote Speech at the World Economic Forum Annual Meeting, (Jan 23rd, 2019) entitled: "Toward a New Era of "Hope-Driven Economy" more
Will you be at the ICANN 64 meeting in March 2019 in Kobe, Japan? If so (or if you can get to Kobe), would you be interested in speaking about any work you have done (or are doing) with DNSSEC, DANE or other DNS security and privacy technologies? If you are interested, please send a brief (1-2 sentence) description of your proposed presentation before 07 February 2019. more
The idea behind my recent book "Managing Mission Critical Domains & DNS" is to provide a unifying overview around the area of domains and naming where I think there exists an artificial divide, and that divide exists between domain policy, and managing ones' domain portfolio; and the DNS ops side of things: running your nameservers or outsourcing to a vendor, or both. I've been doing this for over 20 years, I've seen almost every failure condition that can happen to your domain or DNS... more
It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more
Do you know someone who has played a major role in the development and advancement of the Internet? Now is the time to recognize their contribution. Nominate them for the 2019 Internet Hall of Fame. With more than 100 inductees, the Internet Hall of Fame celebrates Internet pioneers and innovators who have pushed the boundaries to bring the Internet to life and make it an essential resource for billions of people today. more
It is not often that you read a book where afterward nothing seems the same again. Like Adam Smith's The Wealth of Nations, Shoshana Zuboff's book: The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power,, puts what we do in these times into a context and gives a focus to ongoing issues of privacy and governance with regard to the Domain Name System. This is even more astonishing as the book does not even mention the DNS, the Internet ecosystem or even Internet Governance directly. more
From the perspective of the domain name industry, 2018 was strongly influenced by, among other things, the EU General Data Protection Regulation (GDPR), the Temporary Specification and especially the Expedited Policy Development Process (EPDP). For the Contracted Parties House (CPH) TechOps Group, one year after its foundation, it was a very exciting and intensive time. This initiative was created to tackle technical and operational needs and challenges plus ideally to create best practices. more
The short history of Internet Governance is full of errors, failures, and - mainly - omissions. Despite the shortcomings, we also must acknowledge the achievements of past and present internet governance efforts. In particular, ICANN and its stakeholder constituencies have delivered on the mandate of a stable, secure and resilient Internet. Working with the IANA, IAB and IETF, the operational functions of IP addresses, and the Protocol Assignment and DNS must be seen as an unqualified success. more
Macron has declared the Internet to be under threat. Without stepping back to question and explore the underlying causes of those threats, he uses them as a justification to propose a different approach to, albeit limited, current Internet Governance processes. Here we explore his proposals and some of the issues they generate. He acknowledges that Civil Society and the private sector have been core drivers in the creation of the Internet. He argues that its benefits and existence are endangered by predatory practices. more
My story begins in ancient times when dinosaurs ruled the earth. It was a time when you could download a movie onto your desktop computer through your 56k dial-up connection if you had a few days. It was a time when more people were on the Minitel in France than on the Internet globally and when the Republic of Korea could fit all of its internet users into one small hotel room. I know because I met them all in that room. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
