ICANN chief Rod Beckstrom may have shot himself in the foot when he claimed at the Nairobi meeting that the domain name system is “under attack” and “could stop at any given point in time”.
Beckstrom wants ICANN to create a new CERT, Computer Emergency Response Team, to coordinate DNS security, but he’s now seeing objections from country-code domain managers, apparently connected to his remarks last month.
Chris Disspain of auDA, Australia’s .au registry, has just filed comments on behalf of the ccNSO council, which he chairs, saying it’s not clear whether there’s any need for a DNS CERT, and that ICANN is moving too fast to create one.
It’s pretty clear from the ccNSO statement that Hot Rod’s fairly blunt remarks at the GAC meeting in Nairobi, which I transcribed in full here, have influenced the ccNSO’s thinking on the matter:
the comments of ICANN’s CEO and President, Rod Beckstrom, to governmental representatives in Nairobi, have the potential to undermine the productive relationships established under ICANN’s multi-stakeholder model, cause damage to the effective relationships that many ccTLD operators have developed with their national administrations and discounted the huge efforts of many in the ICANN and broader security community to ensure the ongoing security and stability of the Internet
Disspain had already strongly written to Beckstrom, during the ICANN meeting, calling his comments “inflammatory” and reiterating some of the points made in the latest ccNSO filing.
Beckstrom’s response to Disspain’s first letter is here. I would characterize it as a defense of his position.
It seems pretty crazy that something as important as the DNS has no official security coordination body but, as Disspain points out, there are already some organizations attempting to tackle the role.
DNS-OARC, for example, was set up to fulfill the functions of a DNS CERT. However, as founder Paul Vixie confessed, it has so far failed to do so. Vixie thinks energies would be better spent fixing DNS-OARC, rather than creating a new body.
ICANN’s comments period on its DNS CERT business case is open for another couple of days. It’s so far attracted only a handful of comments, mostly skeptical, mostly filed by ccTLD operators and mostly suggesting that other organizations could handle the task better.
If Beckstrom’s aim in Nairobi was to reignite the debate and Get Stuff Done by scaring stakeholders into action, he may find he’s been successful.
However, if his aim was to place ICANN at the center of the new security initiative, he may ultimately live to regret his remarks.
Either way, I expect DNS security will eventually improve as a result.
Biologist Richard Dawkins, perhaps the planet’s most famous and controversial atheist, has apparently filed a UDRP claim for richarddawkins.com.
The domain, which is down, is registered to a New Jersey address. For the last 10 years, up until at least a week ago, it has sold Dawkins’ books via Amazon’s affiliate program.
The UDRP case was filed with the National Arbitration Forum yesterday. The parties to the case are not yet listed.
Dawkins’ official web site is hosted at richarddawkins.net.
Dawkins may have a struggle on his hands. Celebrity cybersquatting cases are rarely straightforward, and he may have trouble proving both trademark rights and bad faith.
Better knock on wood, Richard.
It took a few weeks, but American Christian groups have finally noticed that ICM Registry’s .xxx domain is back under consideration at ICANN.
The number of comments on ICANN’s latest .xxx public comment forum has rocketed today, reminiscent of the first time this proposal was considered.
While the emails fail to address the issues at hand — how ICANN should process ICM’s application in light of the IRP decision — they do at least avoid using form letters.
The general sentiment is anti-pornography, rather than anti-.xxx.
Here’s a sample:
Please do not approve a .xxx domain for peddlers of pornography. Pornography is degrading to women and destructive to families.
Pornography is vile and can lead to breakdown of marriages, abuse, even murder in some cases.
Money talks, and the money this kind of sleaze (“Dot-XXX”) generates veritably screams.
History has shown that civilizations that go down this road eventually fail due to lack of moral standards. This type of internet will increase the danger of a society that has no moorings, that has no “right or wrong.” It will lead to more such atrocities such as drugs, revolting against society, even death.
I hope you’re listening, ICM Registry. You are the lead in the drinking water.
Allstate Insurance Company, a US insurer with over $30 billion in revenues, has just won a UDRP claim over AllstateInsurance.com, almost 10 years after the domain was first registered.
The company has been using the Allstate trademark for almost 80 years, and is currently the second-largest insurance company in America.
AllstateInsurance.com, the exact match of its company name as well as a combination of its trademark and its primary line of business, was registered in November 2000.
It is currently registered to a Korean individual named Seung Bum; he fought the UDRP claim unsuccessfully.
After a brief period being used by an apparently genuine insurance firm, the domain has been parked with PPC ads for other insurance companies for the best part of the last decade.
The volume of type-in traffic over than period must have been substantial, and one can only speculate how much revenue was accumulated.
All of which begs the question: why on earth did Allstate wait 10 years to file a UDRP claim?
It seems that cybersquatting, at least in this case, pays.
The number of UDRP claims a company files will help it qualify for a list of 100 brands that qualify for special protection in new gTLD launches.
Deloitte’s new brand list, expected to be published within a week, was created in response to ICANN’s call for a “globally protected marks list” or GPML, that new gTLDs can use in their sunrise periods.
The number of times a brand has been subject to a UDRP complaint is one of four criteria Deloitte is using for inclusion on the list.
.CO Internet, manager of the newly relaunched .co ccTLD, is already using the list in its sunrise period, referring to it as a “Specially Protected Marks” list.
Deloitte is more cautious, pointing out that while it was designed to fulfil some of the objectives of the ICANN GPML, it is not “the” GPML.
The company says: “the list published by Deloitte specifically intends to provide a fair view on which brands stand out in the safeguarding and enforcement of rights in the context of domain names.”
To make it onto the list, brands are assessed on these criteria: the web site’s ranking, the number of trademarks registered worldwide, whether the brand has participated in a previous sunrise, and how often the brand is cybersquatted.
For this last criterion: “Deloitte has reviewed in particular how many times a certain trademark has been invoked in the context of domain name dispute resolution proceedings, in particular in UDRP.”