A Bad Time for the Net?

Seems like we’re living in bad times for the open, end-to-end Internet. First, Verisign believes it is a smart idea to move error handling away from the network’s edges towards its center, and to limit it to a single application-level protocol. No…

Seems like we’re living in bad times for the open, end-to-end Internet.First, Verisign believes it is a smart idea to move error handling away from the network’s edges towards its center, and to limit it to a single application-level protocol. Now David Isenberg and Cory Doctorow point to a company named CloudShield. This company believes that the notion that the network should remain “dumb” and simply perform transport is outdated, and develops the tools to make that notion enforceable.

New .au WHOIS Policy

The new .au WHOIS policy (background materials) in a nutshell: The names and e-mail addresses of the registrant and the technical contact are the only personal data disclosed. There are restrictions on the number of queries that a user can send to…

The new .au WHOIS policy (background materials) in a nutshell: The names and e-mail addresses of the registrant and the technical contact are the only personal data disclosed. There are restrictions on the number of queries that a user can send to the WHOIS service. Law enforcement requests are dealt with on a case-by-case basis.

PIR: No wildcards in TLDs, please.

In a letter to ICANN, the Public Interest Registry supports a suspension of VeriSign DNS wildcard service, and commits not to implement such a service for .org. Some rather interesting remarks come close to the end of the letter: We are informed t…

In a letter to ICANN, the Public Interest Registry supports a suspension of VeriSign DNS wildcard service, and commits not to implement such a service for .org.Some rather interesting remarks come close to the end of the letter: We are informed that other domain registries may be exploring services similar to the VeriSign Site Finder. … If this is the case, our comments concerning Site Finder apply with equal force to those other services. … Therefore, we urge ICANN to take whatever remedial action is needed to remove all “wildcard” DNS systems, including VeriSign’s Site Finder, from the DNS. Such action, emphasizing the central responsibility of all service providers, would be an important step in preserving the openness and accessibility of the Internet.It will be interesting to see what position the gTLD registry constituency’s representatives on the GNSO Council will take tomorrow.

SECSAC to Verisign: Stop this.

ICANN’s Security and Stability Advisory Committee has issued some recommendations on sitefinder: Recognizing the concerns about the wildcard service, we call on VeriSign to voluntarily suspend the service and participate in the various review proc…

ICANN’s Security and Stability Advisory Committee has issued some recommendations on sitefinder: Recognizing the concerns about the wildcard service, we call on VeriSign to voluntarily suspend the service and participate in the various review processes now underway. We call on ICANN to examine the procedures for changes in service, including provisions to protect users from abrupt changes in service.Also, the committee is soliciting input on practical security and stability implications, to be sent to secsac-comments@icann.org.

Verisign to ask outside experts.

Reuters reports that Verisign will ask outside experts for advice about Sitefinder: They are going to create a committee of “Internet leaders” to advise it on technical matters. Recommendations on what to do, though, are apparently not welcome. Of…

Reuters reports that Verisign will ask outside experts for advice about Sitefinder: They are going to create a committee of “Internet leaders” to advise it on technical matters. Recommendations on what to do, though, are apparently not welcome.Of course, the necessary expert advice has been readily available for several days now. It’s telling that Verisign convenes a committee (and wastes more time) instead of listening to what’s out there.I’d respectfully suggest that whoever is asked to join this group decline the invitation.

It’s “Verisign v. Users.”

From an anonymous comment in response to the ALAC’s statement on sitefinder: In a recent Cnet article, Verisign is quoted as saying, “We’re fully compliant with every RFC”. … If that’s true, it just kills the argument against Verisign as it then…

From an anonymous comment in response to the ALAC’s statement on sitefinder:

In a recent Cnet article, Verisign is quoted as saying, “We’re fully compliant with every RFC”. … If that’s true, it just kills the argument against Verisign as it then becomes “geeks v. users” with Verisign on the side of the users.

That’s a dangerous misconception, in several ways.

Verisign fires Snubby.

In a somewhat ironic move, Verisign has retired its “snubby mail rejector daemon” and has replaced it by postfix. In related news, there’s now an updated BIND patch for dealing with Sitefinder.

In a somewhat ironic move, Verisign has retired its “snubby mail rejector daemon” and has replaced it by postfix.In related news, there’s now an updated BIND patch for dealing with Sitefinder.

IAB: Wildcards Considered Harmful.

The Internet Architecture Board has released a commentary entitled Architectural Concerns on the use of DNS Wildcards. The commentary gives both an explanation of some fundamental design issues that are created by the use of DNS wildcards, and an …

The Internet Architecture Board has released a commentary entitled Architectural Concerns on the use of DNS Wildcards. The commentary gives both an explanation of some fundamental design issues that are created by the use of DNS wildcards, and an account of problems encountered in a recent experiment with wildcards.Besides recommending strongly against the use of wildcards in TLDs (and most other situations), the IAB suggests a simple, but powerful guideline: If you want to use wildcards in your zone and understand the risks, go ahead, but only do so with the informed consent of the entities that are delegate within your zone.The document concludes with the recommendation that any and all TLDs which use wildcards in a manner inconsistent with this guideline remove such wildcards at the earliest opportunity.

ICANN Advisory on Sitefinder.

ICANN has published an advisory about sitefinder. In a nutshell, ICANN is examining the situation (including the contractual questions that arise with respect to the registry agreement), and has requested input from the IAB and from the security a…

ICANN has published an advisory about sitefinder.In a nutshell, ICANN is examining the situation (including the contractual questions that arise with respect to the registry agreement), and has requested input from the IAB and from the security and stability advisory committee. The latter committee is expected to deliver advice later today.ICANN also has asked Verisign to voluntarily suspend the service until review is completed.

%d bloggers like this: