Security vendor Blue Coat apparently doesn’t check whether domains are actually domains before it advises customers to block them.
Unrepentant, Blue Coat continued to insist that businesses should consider blocking .zip domains, while acknowledging there aren’t any.
It said that its censorware treats anything entered into a browser’s address bar as a URL, so it has been treating file names that end in .zip — the common format for compressed archive files — as if they are .zip domain names. The blog states:
when one of those URLs shows up out on the public Internet, as a real Web request, we in turn treat it as a URL. Funny-looking URLs that don’t resolve tend to get treated as Suspicious — after all, we don’t see any counter-balancing legitimate traffic there.
Further, if a legal domain name gets enough shady-looking traffic — with no counter-evidence of legitimate Web traffic — it’s possible for one of our AI systems to conclude that the behavior isn’t changing, and that it deserves a Suspicious rating in the database. So it gets one.
In other words, Blue Coat has been categorizing Zip file names that somehow find their way into a browser address bar as .zip domain names.
That may sound like a software bug that Blue Coat needs to fix, but it’s still telling people to block Google’s gTLD anyway, writing:
In conclusion, none of the .zip “domains” we see in our traffic logs are requests to registered sites. Nevertheless, we recommend that people block these requests, until valid .zip domains start showing up.
That’s a slight change of position from its original “Businesses should consider blocking traffic that leads to the riskiest TLDs”, but it still strikes me as irresponsible.
The company has still not disclosed the real numbers behind any of the percentages in its report, so we still have no idea whether it was fair to label, for example, Famous Four’s .review as “100% shady”.
ICANN’s board of directors came to blows with its key accountability working group this week, over proposals that would give ICANN the community the right to sue ICANN the organization.
An extraordinary three-hour teleconference between the board and the Cross Community Working Group on Enhancing Accountability (CCWG) Wednesday night came across like some kind of weird, Orwellian, passive-aggressive piece of emotional domestic abuse.
The CCWG, a group of volunteers coming from all parts of the ICANN community, has created a set of proposals for improving ICANN’s accountability to the community as part of its transition process away from US government oversight.
The idea is to create sufficient accountability mechanisms so that if in future the entire ICANN board grows goatee beards and turns Eeevil, the community will still be able to hold them to their bylaws commitments.
The CCWG, following the advice of an independent law firm, decided that the best way to do this was to turn ICANN into a membership organization with a “Sole Member”.
This member would be a legal entity run by community members that would have the right under California law to sue ICANN if it ever failed to live up to its bylaws.
For example, if ICANN refused to implement the decisions of an Independent Review Panel, the member could seek to have the ruling enforced by a court.
This is just one of many proposals made by the CCWG currently open for public comment.
Highly unusually for a public comment period, the ICANN board is going to be a commenter in this case. While its comments have not been published yet, it has taken advice from its lawyers at Jones Day that may give an indication of how it is leaning.
Wednesday night’s call was designed to give the board the chance to bring its initial thinking to the CCWG.
Instead, it wound up being almost entirely about the proposed membership model and the board’s statements that while it supported the CCWG’s proposals 100% it also wanted them fundamentally rewritten.
The board wants the idea of a Sole Member model thrown out and replaced with a new arbitration process that would be legally enforceable in California courts.
So, instead of a legal-entity “member” suing ICANN, some as-yet unidentified community entity would take ICANN to arbitration. The decision of the arbitration panel could then be enforced by the courts if ICANN failed to abide by it.
When CCWG members asked who, in the absence of a legal entity, would take ICANN to arbitration and then sue it, the board had no answer. Instead, directors said the CCWG’s legal advisers should talk to Jones Day to hammer out the “technical” details.
Some members claimed that it would be “impossible” to give the community legal standing to sue ICANN without a membership model. Others said that the board’s 11th hour suggested rewrites would make it “impossible” to hit the deadline for a final proposal by the Dublin meeting next month.
At least a third of the 2-hour 47-minute call was wasted as the CCWG struggled to understand the doublespeak the board had brought into the discussion.
Directors continually insisted that they “completely supported” CCWG’s proposals on enforcement “without reservation”, while simultaneously saying the Sole Member model should be thrown out.
Half way through the call, CCWG co-chair Thomas Rickert reflected exasperation among members: “There is obviously difficulty to understand by many on this call how you fully support what we are doing while proposing something which appears like a complete rewrite.”
Shortly thereafter, Chehade responded:
Why don’t we just agree that we are agreeing with you that the community must be able to get enforcement in California courts, that we will ensure that they have the standing to do it without question. And if we are all in agreement that we are in agreement with each other let’s then let the technical people go solve this. If they call come back and tell us that frankly that advice was flawed, then let’s deal with it then in good faith. But that’s what we’re sharing with you.
Directors said that the proposed member model might have unintended consequences, and that the US government may not approve a proposal that overly complicates ICANN’s legal structure.
An hour later, the CCWG was still scratching its head, nerves were beginning to wear, and the tone was getting increasingly testy as the CCWG repeatedly asked the board to explain how it could express support and simultaneously propose an alternative solution.
“There is absolutely no new proposal,” Chehade said, eventually. “We are embracing your proposal and the objectives of the community. Please hear me on this. There is no new proposal.”
Take your work and break it down: board removal, standing reconsideration, enhancing – getting the IRP back on the track we set, you know, fundamental bylaw, binding arbitration or mechanisms of enforceability. All of the things you have come up with, we are accepting. So when your reaction to our two last hours is that we’re refusing to add any accountability, I don’t know how you come to that frankly…
you yourself in the proposal say that this proposal is not finished, it needs a lot of work. So what we’re saying to you is let’s take this proposal which is not finished and let’s figure out ways to make it real, and real in the next few weeks so we can move forward…
The only area where we are telling you we would like to propose a different mechanism to achieve the same goal is the enforceability.
The whole three hours reminded me of a nightmare-scenario interview where the interviewee has been media-trained up the wazoo and refuses to sway from a set of vaguely scripted talking points.
But which proposal is the right one for ICANN?
Beats me. What does seem quite clear to me is that the board and CCWG are at odds now, despite what ICANN says, and that the expected delivery of a final accountability proposal by Dublin is in serious doubt.
Following the call, ICANN chair Steve Crocker posted a blog post that sought to clarify the board’s position, characterizing it as agreement in principle but disagreement on implementation. He wrote:
We have suggestions on how these [CCWG proposals] could be operationalized. With regards to the mechanisms for community enforceability, where the current proposal still warrants much detail that may not be achievable we have a suggestion on how to deliver on it in a stable way, as increased enforceability must not open up questions of, for example, capture or diminishing of checks and balances.
The Wednesday meeting’s audio, transcript and other notes can all be found here.
Rightside’s application for .cam will be un-rejected after the company beat Verisign in an appeal against a 2013 String Confusion Objection decision.
That’s right, .cam is officially no longer too confusingly similar to .com.
The new panel wrote:
Based on the average, reasonable Internet’s user’s experience, and the importance of search engines, in the [Final Review Panel]’s view, confusion, if any, between .COM and .CAM is highly likely to be fleeting. While a fleeting association may create some “possibility of confusion” or evoke an “association in the sense that the string brings another string to mind,” both such reactions are insufficient under the ICANN SCO standard to support a finding that confusion is probable.
It’s not quite as clear-cut a ruling as the .shop versus .通販 ruling last week, relying on the appeals panel essentially just disagreeing with some of the finer points of the original panel’s interpretation of the evidence.
Relating to one piece of evidence, the appeals panel found that the original panelist “improperly shifted the burden of proof” to Rightside to show that .cam was intended for camera-related uses.
Rightside was one of two applicants given the opportunity to appeal its SCO decision by ICANN last year, largely because two other .cam applicants managed to pass their Verisign objections with flying colors, creating obvious inconsistency.
Taryn Naidu, Rightside’s CEO, said in a statement:
We always felt strongly that the first panel’s decision was seriously flawed. How can .CAM in one application be different from the .CAM in another application when evaluated on the basis of string similarity? The fact is, it can’t.
It’s always struck me as unfair that Verisign did not get the chance to appeal the two SCOs it lost, given that the panelist in both cases was the same guy using the same thought processes.
The question now is: is the appeals panel correct?
I suppose we’ll find out after .cam goes on sale and unscrupulous domainers attempt to sell .cam names for inflated prices, hoping their would-be buyers don’t notice the difference.
The other two .cam applicants are AC Webconnecting and Famous Four Media. All three will now go to auction.
Dish DBS has won the contention set for the .data gTLD, even though its proposed business model has been banned by ICANN.
Competing applicants Donuts and Minds + Machines have both withdrawn their competing applications.
It’s the second string this week to go to a “closed generic” applicant, that wants to keep all the domains in the TLD to itself even though it’s not a dot-brand.
Earlier this week, the company behind the Food Network TV show won .food.
Most companies that applied for closed generics changed their minds after the Governmental Advisory Committee issued advice against the model, but Dish was one of the ones that stuck to its original plans.
In June, ICANN ruled that .data, .food and a few others could either withdraw their bids, drop their exclusivity plans, or have their applications frozen until the next new gTLD round.
As withdrawal now seems to be off the cards, it seem that .data will not see the light of day for some time to come.
If we’ve learned one thing about new gTLD sunrise periods, it’s that adult-oriented TLDs sell quite well.
ICM Registry started its third such period yesterday, as .sex went into its “TMCH Sunrise” phase.
Until October 1, any company with a trademark in the Trademark Clearinghouse will be able to buy a matching .sex domain on a first-come, first-served basis.
From October 5 to October 30, anyone with a .xxx domain name or current .xxx “Sunrise B” block will be able to buy the matching .sex during the Domain Matching phase.
Anyone who buys a .xxx before October 1 will be able to participate in this second sunrise.
ICM reported in May that .porn received 3,995 sunrise registrations while .adult sold 3,902 — both via a combination of TMCH Sunrise sales and blocks.
At ICM’s prices, that’s enough to comfortably cover its ICANN application fees.
Every other new gTLD with the exception of .sucks has sold fewer than 1,000 sunrise names.
General availability for .sex starts November 4.