DNS

Blogs

What ICANN Should Do Now to Help Future Applicants of New gTLDs

During ICANN71, the Brand Registry Group (BRG) openly asked potential future applicants what ICANN can do to help prepare them for the next gTLD round. The answer was very clear - commit to opening the next round and provide as much information as possible early on. However, in recent correspondence to the BRG from ICANN Chair, Maarten Botterman, he emphasized that "significant work lies ahead of us: the 2012 Applicant Guidebook must be updated with more than 100 outputs... more

How Does the Acceptance of All Domain Names in Open-Source Software Look in 2021?

A recent study carried out by Governance Primer on behalf of the Universal Acceptance Steering Group (UASG) identified trends in the acceptance of all domain names in software hosted at Github, the largest open-source repository globally. This research builds on top of previous efforts aimed at identifying the underlying issues that result in problems when different applications need to handle Internationalized Domain Names (IDNs) and new gTLDs, particularly when it comes to email addresses. more

The Deeper Root Cause of the Fastly and Akamai Outages

As we finished this article, the world was hit by another global outage by content delivery network (CDN) provider, Akamai, on June 17, 2021. The cause seems to be related to the lack of capacity to a certain "routing table" of their distributed denial of service (DDoS) mitigation. Although the technical analysis is not yet available, the central premise of this article also applies to this incident, and it serves as a timely testimony. more

Anticompetitive and Predatory Misconduct by ICANN and Contracted Parties Must End

On May 26, 2021, I submitted a complaint to ICANN's Complaints Officer, Krista Papac. In a nutshell, my complaint centers on ICANN's blatant violation of its Bylaws, specifically Section 2.2, named Restrictions, which expressly prohibits ICANN from acting as a registrar. However, despite the absence of any exceptions to this unambiguous prohibition, ICANN is acting improperly as a registrar for the purposes of warehousing and cybersquatting on certain domain names in the .com and .net registries. more

Online Freedoms: Safeguards Must Be Balanced With Free Expression

The ongoing COVID-19 pandemic has been a major contextual factor of global internet governance discussions over the past year, and it appears that discussions in ICANN are no exception. Threats to the integrity and security of the DNS have become a regular topic of debate within the ICANN community. In recent months, these discussions have increasingly focused on the idea of 'DNS abuse' and, more specifically, COVID-19-related DNS abuse. more

ICANN, or ICAN'T or IWON'T?

We're halfway into ICANN71, and early interactions are posing questions about ICANN Org's capability to carry out its mission to maintain an orderly domain name system (DNS). Or, if that's not the case, ICANN leadership seems bent on a hands-off approach to its oversight responsibilities to the DNS. For years now - years - the ICANN community has raised the volume level about acute issues -- a workable Whois management and access system (including clearly delineated controllership)... more

As DENIC's CEO Jörg Schweiger Prepares to Step Down, He Speaks About His Time at DENIC

In January Jörg Schweiger, DENIC's CTO from 2007 to 2014 and CEO since 2014, announced he was stepping down from his position in December. It's been quite a ride, and the domain name industry has evolved quite a lot. So we asked Jörg a few questions about his time with DENIC and the changes he's seen... he came up with some insightful views on why he thought new TLDs missed a great opportunity to do something with "innovative new business models," the importance of security to DENIC... more

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective. more

DNS Level Action to Address Abuses: New Tools for DNS Operators and Legislators

The ways in which the Internet is embedded in our daily lives are too varied and numerous to catalogue. The Internet delivers information, access to goods, services, education, banking, social interaction and, increasingly, work space. The global pandemic has only heightened our dependence on the online world, which is why efforts to ensure that the Internet remains a trusted and secure environment are more important than ever. more

Privacy, Legal vs. Natural Persons, and the Never-Ending ICANN EPDP

It has been just over 3 years since the General Data Protection Regulation (GDPR) came into effect, and the work within ICANN (type "EPDP 2a" into your acronym decoder ring) to develop a permanent Registration Data policy is progressing at a snail's pace. At issue is a proposed mandatory requirement for Contracted Parties (really just Registrars), to differentiate between "legal persons" (a fancy way of saying corporations and similar organizations) and "natural persons" (the kind that eat and breathe and schedule Zoom calls). more

Your Cybersecurity is Only as Strong as Your Weakest Vendor

Managing the risk of third parties has become a compliance focus for many large organizations. Companies even work with third-party service providers and external vendors just to manage this risk. The recent SolarWinds attack escalates the critical need for chief compliance officers to collaborate with their business counterparts to identify and mitigate potentially unknown threats that lie within third-party supply chains. Yet how can companies manage this risk when it's not if but when you're attacked? more

10th Registration Operations Workshop (ROW), June 8th, 2021, Online

The Registration Operations Workshop (ROW) was conceived as an informal industry conference that would provide a forum for discussion of the technical aspects of registration operations in the domain name system and IP addressing. The 10th ROW will be held online on Tuesday, June 8th, 2021 at 13h00-17h00 UTC. Click to learn more about the discussion topics and registration details. more

Vendor Selection Matters in the Domain Registrar Ecosystem

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company's website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC). more

Some Thoughts on the Recent DNS Operations, Analysis, and Research Centre Workshop, OARC-35

The DNS Operations, Analysis, and Research Centre (DNS-OARC) convened OARC-35 at the start of May. Here are some thoughts on a few presentations at that meeting that caught my attention... These days it seems that the term "the digital economy" is synonymous with "the surveillance economy." Many providers of services on the Internet spend a lot of time and effort assembling profiles of their customers. These days, it's not just data in terms of large-scale demographics but the assembling of large sets of individual profiles.  more

"It's Always DNS!" Why DNS Is the Biggest Single Point of Failure in the New Norm

Many in the network security field may be familiar with the phrase: "It's always DNS."  This is a popular meme within the industry, often making reference to the internal domain name system (DNS), the dynamic host configuration protocol (DHCP) part of a company's online network, that whenever there is a network issue, it's always an issue with DNS. more

News Briefs

InternetNZ Has Disclosed a Vulnerability That Can Be Weaponized Against Authoritative DNS Servers

Security Researcher Dan Kaminsky Has Died

PIR Launches New Institute to Combat DNS Abuse

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

A New Privacy-Focused DNS Protocol Released Called Oblivious

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

New Digital Services Act Should Not Disrupt Internet's Technical Operations, Warn RIPE NCC, CENTR

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

The Number Resource Organization (NRO) Issues Inspection Request to ICANN Concerning the .ORG Sale

Microsoft Announces Plans to Adopt DoH in Windows

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

The U.S. House Judiciary Committee Is Investigating Google's Plans to Implement DNS Over HTTPS

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

Mozilla Named "Internet Villain" for Supporting DNS-Over-HTTPS by a UK ISP Association

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

A New Project Called Handshake Wants to Decentralize DNS, Says It's Unlike Previous Attempts

State-Sponsored Attack Is Manipulating DNS Systems of National Security Organizations

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Uncovering Office 365-Related Artifacts with IP and Domain Intelligence

Zero-Trust Implementation Using WHOIS, IP, and DNS Data

Analyzing Recently Discovered Windows 11-Themed Assets

Liberty Front Press Network: An IoC Enrichment & Threat Intelligence Analysis

WhoisXML API Enriches Its DNS Database Download Capabilities

Examining Domain Name Brand Protection Strategies, Risk Management Using Arbitration Data (Report)

Industry Insights: Verisign, ICANN and Industry Partners Collaborate to Combat Botnets

Emotet Botnet Reconnaissance: What's the Latest?

SideWinder DNS Blackholes Uncovered with Threat Intelligence Platform

Verisign Q1 2021 Domain Name Industry Brief: 363.5 Million Domain Name Registrations in Q1 2021

Given a Malicious Email Address, What Can You Discover with Maltego's WhoisXML API Transforms?

Looking Into the Latest Microsoft Exchange Server Vulnerability Exploitation

Hidden Botnet C&C on Legitimate Infrastructure? The Case of 000webhostapp[.]com

A Deep Dive into Known Magecart IoCs: What Are the Connected Internet Properties?

COVID-19-Related Bulk Domain Registrations: A Possible Case of DNS Abuse?

Participants – Random Selection