| | At Large Membership and Civil Society Participation in ICANN |
|
| |
|
|
|
 ICANN Struggles With Transparency
posted by michael on Thursday July 24 2008, @06:40AM
Milton Mueller at IGP in Does ICANN Still Keep Some Things Hidden?:
ICANN has made major strides towards increasing its transparency, but the point about openness and transparency is that you do it all the time, not just when its convenient or when the results won't challenge you. In that regard we find it interesting that ICM Registry's precedent-setting call for an Independent Review Panel has not seen the light anywhere on ICANN's website. ICM Registry, you will recall, was the applicant for the .xxx TLD, and due to interference by governments and some spinelessness by ICANN management ICANN's approval was reversed. ICM has chosen to become the first entity in history to attempt to use ICANN's Independent Review Process, something that ICANN touts as being a safeguard of its accountability but which some independent experts see as somewhat biased against the challenger. Sure, we don't expect ICANN to make a big deal about the challenge but we do think that its correspondence section, which contains virtually everyting sent to ICANN now, should post the notice of the IRP from the ICM Registry and that its ongoing front page news section should mention it.
(
Read More... | 3 comments
|   )
 |
|
LACTLD New General Manager
posted by michael on Friday July 11 2008, @06:38AM
Anonymous writes "LACTLD (Latin American and Caribbean Association of ccTLDs) has elected their First General Manager: Erick Iriarte Ahon."
(
Read More...
| )
|
|
Russian Fed wants multilingual ccTLD
posted by tbyfield on Thursday June 12 2008, @06:24AM
Guy Faulconbridge of The Washington Post reports:
Russian President Dmitry Medvedev called for Russia to be assigned an Internet domain name in the Cyrillic script on Wednesday as part of a Kremlin drive to promote Russian as a global language. [...]
"We must do everything we can to make sure that we achieve in the future a Cyrillic Internet domain name—it is a pretty serious thing," Medvedev told the International Congress of Russian Press in Moscow.
"It is a symbol of the importance of the Russian language and Cyrillic and it is not a bad sphere of cooperation. And I think we have a rather high chance of achieving such a decision in the Internet world." [...]
Industry experts say Russia wants its domain name to be .rf—for Russian Federation—but written in the Cyrillic script.
Nothing .nu under the sun. Well, that’s not true: when Toys '[backwards R]' Us goes to the mat with ‘multilingual’ phishermen from the ex-East, it could be a bit more exciting than etoy v. Etoys—which was pretty good.
(
Read More...
| )
|
|
The Registry double standard
posted by tbyfield on Sunday May 25 2008, @09:16PM
Anonymous writes: "ICANN is maintaining two standards, one for its customers and one for itself. First off, we will clarify the two types of TLDS that exist, those with specific use constraints and those that are generic. In the first category, we find TLDs like; .GOV, .EDU, .SB, .BR, .ARPA, .INT and others. These TLDS have specific rules; e.g. only treaty organizations, only infrastructure, only institutions approved by GAO, EDUCAUSE, etc. The second category of TLDS are the generics, such as .COM, .ORG, and others, where the rule is essentially, you pay your money and you get your domain.
In this second category, there was serious concern about market capture and dominant position where the registry had direct business relationships with the registrants. The USG forced ICANN to develop a method to decouple the monopoly position of the registry by creating the construct of a registrar to act as the intermediary between the registrant and the registry. This was hailed as a solution to fostering growth and competition in the domain marketplace. Indeed ICANN insists that this “thick” registry model be adopted for generic TLDS and includes such stipulations in the contracts the registry operator must sign before being approved to run the delegation.
So in what category does one place the root zone?
(
Read More... | 2381 bytes more
| )
|
|
The Rise of a malicious resolution authority
posted by tbyfield on Tuesday May 13 2008, @08:34PM
Jart writes "With an interest in Internet Security the recent research paper recently by David Dagon, Niels Provos, et al., suggests we take an acute interest in ICANN[:]
“291,528 hosts on the Internet performing either incorrect or malicious DNS service. With DNS resolution behavior so trivially changed, numerous malware instances in the wild, we urge the security community to consider the corruption of the resolution path as an important problem.” [See (]http://www.citi.umich.edu/u/provos/papers/ndss08_d ns.pdf[)]
If you connect this to what now is the "auto" generation and registration of new malware and rogues domains via certain registrars. [See (]http://hostexploit.com[)]
As an emerging problem must [this] be a top priority for ICANN? However, I have not seen any particular reference, perhaps I am missing this? Or rather all of us should be paying much more attention to the who, what, and actions of ICANN?"
(
Read More... | 2768 bytes more | 3 comments
| )
|
|
.br Relaxes Registration Rules
posted by michael on Tuesday May 06 2008, @04:38AM
sk8master writes "On May 1, 2008, the Brazilian government organization that controls the country's domain name system, Registro.br, finally relaxed the restriction to non-corporative customers.
Previously, you needed to have a registered company in Brazil in order to complete new domain name purchases for the .COM.BR domain.
Now anyone is free to register Brazilian(.BR) domain names!"
(
Read More...
| )
|
|
Domain Sub-Letting Raises Hackles
posted by michael on Wednesday April 30 2008, @09:01AM
A Missouri college's decision to sub-let space on its .edu domain is drawing fire:
an online college in Missouri has started renting out blog space on its .edu domain to just about anyone willing to pay $50 a month. And the practice has quickly raised objections from college officials worried that such rentals undermine the .edu designation.
The college, the Pickering Institute, calls its service the "first public EDU blog community," and it touts the marketing value of having an Internet address that appears to be part of a college. "Our blogs allow you to reach an education-minded audience that is difficult to reach with mass-market blogs such as Blogger or Blogspot," says an announcement on the institute's Web site. So far, the blogs with the new .edu addresses include such noneducational offerings as "Handbags in Our Life," "Jewelry in Our Life," and "Get the Scoop." The institute is working with an Internet company called LinkAdage to offer the service.
Educase, the folks who run the .edu domain, say that this doesn't actually violate any rules, but they clearly don't like it and say they are investigating after receiving a complaint.
(
Read More...
| )
|
|
Avast, Earthlink
posted by tbyfield on Thursday April 24 2008, @08:34PM
Ryan Singel, writing for WiReD's Threat Level weblog (can we please go back to that term?), reports on yet another dubious innovation that's part typosquatting, part phishing:
[S]tarting in August 2006, Earthlink instead intercepts that Non-Existent Domain (NXDOMAIN) response and sends the IP address of ad-partner Barefruit's server as the answer. When the browser visits that page, the user sees a list of suggestions for what site the user might have actually wanted, along with a search box and Yahoo ads.
The rub comes when a user is asking for a nonexistent subdomain of a real website, such as http://webmale.google.com, where the subdomain webmale doesn't exist.... In this case, the Earthlink/Barefruit ads appear in the browser....
It gets worse:
[S]ubdomains are only as secure as Barefruit's servers, which turned out to be not very secure at all. Barefruit neglected basic web programming techniques, making its servers vulnerable to a malicious JavaScript attack. That meant hackers could have crafted special links to unused subdomains of legitimate websites that, when visited, would serve any content the attacker wanted.
The hacker could, for example, send spam e-mails to Earthlink subscribers with a link to a webpage on money.paypal.com. Visiting that link would take the victim to the hacker's site, and it would look as though they were on a real PayPal page.
Paul Vixie politely describes this as a "problem exacerbated by inappropriate monetization of certain DNS features." And if the Pentagon distorted GPS signals to bidders on a first-come, first-served basis—say, off the Somalian coast or in the Strait of Malacca—that would be "an inappropriate monetization of certain GPS features."
(
Read More... | 4 comments
| )
|
|
How many TLDs safely fit in the DNS?
posted by michael on Wednesday April 09 2008, @11:37AM
Simon Higgs writes "I recently came across the question "How many TLDs safely fit in the DNS?". It, was, not surprisingly, in the context of ICANN doing some due diligence with their $30 million budget and actually answering the same questions that the IAB have been cowering behind for over a decade. Well, here's my answer for it's 2 cents of bandwidth:
In all fairness to ICANN, the reason why I think it hasn't answered the question is because it simply DOES NOT have a calculator that can calculate a number that big. You would think that ICANN should be able to go down to the corner store in Marina Del Ray and buy one, just like all the other high speed networking physicists in the Admiralty building. But the number's so big even the mighty Google refused to calculate it until a just few days ago.
So what are these huge numbers that ICANN is hiding from us? Using the current ASCII-based character strings used in DNS we get the following big numbers:
(
Read More... | 1248 bytes more | 6 comments
| )
|
|
GoDaddy feels the heat
posted by tbyfield on Thursday March 13 2008, @03:46AM
GoDaddy pulled (but has since "pushed"?) the hosting plug on the website RateMyCop.com. According to the site's owner, Gino Sesto, GoDaddy did so without warning then later attributed it to "suspicious activity," and still later to the site's surpassing its contracted bandwidth limit. According to WiReD, GoDaddy initially claimed it couldn't comment because of its privacy policy but later saw fit to reluctantly poke its spoon around in a bowl of verbal porridge on the subject. ArsTechnica has more. Arbiters of taste pointed out that the site's owner might have less trouble if he'd called it, say, "AmICourteousProfessionalAndRespectfulOrNot.com". ICANN wasn't involved in any way; this kerfuffle just reminded me of the shining moment in ICANN's history when former ICANN President "Cap'n" Mike Roberts—no doubt grimly—typed:
When civilization takes a step backward, as it did last week, it usually means a period in which the people with the guns make the decisions. Anyone watching the American President on tv in recent days knows that's where we're at. It may be a while before the luxury of debating what constitutes consensus in a terrorist-less society returns.
It's been a while, Cap'n Mike.
(
Read More...
| )
|
|
NAF Accused of Failure to Refund
posted by michael on Monday February 18 2008, @11:05AM
A consumer complaint has been filed with the Minnesota Attorney General's office against the a major UDRP service provider for its failure to issue a $1,300 refund check as promised for canceled arbitrations.
The full text of the complaint against the National Arbitration Forum is here. Note this line:I have also contacted the Internet Corporation for Assigned Names and Numbers (ICANN), a California non-profit which confers nominal "accreditation" of the NAF to conduct these types of internet dispute resolution services. ICANN has taken no action, as the responsible ICANN official is a former employee of the NAF in charge of the identical dispute resolution service advertised by the NAF.
Has NAF ever issued a refund?
(
Read More... | 1 comment
| )
|
|
ICANN To Allow WHOIS Privacy -- But Only When Legally Required
posted by michael on Friday December 21 2007, @06:12AM
ICANN has published a notice of implementation of the revised ICANN Procedure for Handling WHOIS Conflicts with Privacy Law.
The procedure is due to be posted for 30 days, and implemented on 17 January 2008. The new draft reflects changes sought by the Governmental Advisory Committee (GAC).
Good news: after all these many years, ICANN is revising its registry/registrar contracts to reflect the fact that the default rule violates privacy law of countries that have decent privacy law.
Bad news: ICANN's default remains the same privacy-busting low it has always been. It is long past due to revise all the contracts to comply with best practices for privacy.
(
Read More...
| )
|
|
|
|
| |
[ Don't have an account yet? Please create one. It's not required, but as a registered user you can customize the site, post comments with your name, and accumulate reputation points ("karma") that will make your comments more visible. ]
|
|
| | |
| |
If you are logged in, you can configure what appears on this page by editing your homepage preferences. The same page allows you to choose our "light" format or exclude certain types of stories (or ICANNWatch editors!). You can decide the content and order of the items in this column, choosing from several optional headline services.
The format comments page lets you set a default for how you view comments and how comments you contribute appear. Elsewhere you can review your karma and posting history, or set what information you would like other users to know about you.
You may want to change your messaging preferences. We can send you a daily email of our headlines, or perhaps you would like a message every time someone replies to one of your comments.
|
|
| | |
|
