Latest news of the domain name industry

Recent Posts

Root DNSSEC push delayed two weeks

Kevin Murphy, May 18, 2010, Domain Tech

The final rollout of DNSSEC to the internet’s root servers, a major security upgrade for the domain name system, has been pushed back two weeks to July 15.

ICANN’s DNS director Joe Abley said in an update on root-dnssec.org and in email to the dns-ops mailing list:

The schedule change is intended to allow ICANN and VeriSign an additional two weeks for further analysis of the DURZ rollout, to finalise testing and best ensure the secure, stable and resilient implementation of the root DNSSEC production processes and systems.

The Deliberately-Unvalidatable Root Zone is a way for the root operators to test how normal DNS resolution copes with fatter DNSSEC responses coming from the root, before worrying about issues concerning DNSSEC validation itself.

The DURZ has been cautiously rolled out over the last few months and has been operational across all 13 root servers since May 5.

The original plan called for the roots to become validatable following a key signing ceremony on July 1

The schedule change from ICANN also comes with a notice that the US government will be asking for public comment before the decision is made to properly sign the root.

Prior to 2010-07-15 the U.S. Department of Commerce (DoC) will issue a public notice announcing the publication of the joint ICANN-VeriSign testing and evaluation report as well as the intent to proceed with the final stage of DNSSEC deployment. As part of this notice the DoC will include a public review and comment period prior to taking any action.

I may be just a little forgetful, but I can’t remember hearing about this Commerce involvement before.

Still, DNSSEC is a big change, so there’s nothing wrong with more of the softly-softly approach.

ICANN switches off .mobi land-rush flipper

ICANN has terminated a domain name registrar that seems to have been made its business flipping land-rush domains, especially in .mobi.

Mobiline, doing business as DomainBonus.com, is an Israeli outfit that received its registrar accreditations about five years ago.

While it seems to have registered a very small number of domains, domainbonus.com did provide DNS for a few thousand dictionary .mobi domains, registered during the September 2006 land-rush.

A lot of these domains appeared to have been originally registered in the name of Mobiline’s owner, Alex Tesler.

Many have been since been flipped and archives of the DomainBonus front page show the firm was mainly preoccupied with aftermarket sales rather than fresh registrations.

ICANN has revoked its accreditation (pdf) for failure to pay its dues and escrow Whois data with Iron Mountain, as all registrars must.

ICANN is also switching off Western United Domains, a Spanish outfit that appears to have no web presence whatsoever, for the same reasons.

Crypto legend Diffie joins ICANN

Kevin Murphy, May 16, 2010, Domain Tech

Whitfield Diffie, one of the fathers of modern cryptography, has been hired by ICANN as its new vice president for information security and cryptography.

ICANN said Diffie, who was Sun Microsystems’ chief security officer until last November, will advise ICANN “in the design, development and implementation of security methods” for its networks.

Diffie, along with his colleague Martin Hellman, basically invented the first method of securely exchanging cryptographic keys over insecure networks, in the 1970s.

The coup comes at an appropriate time for ICANN, which intends to start signing the internet’s DNS root servers with DNSSEC security keys on July 1.

Diffie will no doubt be pushed front-and-center for the photo ops during the first signing ceremony.

Registrars responsible for proxy cybersquatters

Domain name registrars can be liable when their customers break the law, if those customers use a privacy service, according to new ICANN guidance.

The ICANN advisory clarifies the most recent Registrar Accreditation Agreement, and seems primarily pertinent to UDRP cases where the registrar refuses to cooperate with the arbitrator’s request for proper Whois records.

The advisory says:

a Registered Name Holder licensing the use of a domain is liable for harm caused by the wrongful use of the domain unless the Registered Name Holder promptly identifies the licensee to a party providing the Registered Name Holder with reasonable evidence of actionable harm

In other words, if a domain gets hit with a UDRP claim or trademark infringement lawsuit, as far as the RAA is concerned the proxy service is the legal registrant unless the registrar quickly hands over its customer’s details.

Law enforcement and intellectual property interests have been complaining about registrars refusing to do so for years, most recently in comments on ICANN’s Whois accuracy study.

ICANN offers a definition of the word “promptly” as “within five business days” and “reasonable evidence” as trademark ownership and evidence of infringement.

I don’t think this ICANN guidance will have much of an impact on privacy services offered by the big registrars, which generally seem quite happy to hand over customer identities on demand.

Instead, this looks like it could be the start of a broader ICANN crackdown on certain non-US registrars offering “bulletproof” registrations to cybersquatters and other ne’er-do-wells.

I wouldn’t be surprised to find the number of ICANN de-accreditations citing refusal to cooperate with UDRP claims increasing in future.

The new ICANN document is a draft, and you can comment on it here.

ICANN closes .xxx forum after 14,000 comments

Kevin Murphy, May 13, 2010, Domain Policy

ICANN has finally shut down the latest public comment period on the proposed .xxx TLD, and now faces the task of finding the few dozen grains of wheat in about 14,000 pieces of chaff.

It’s general counsel John Jeffrey’s task to provide the round-up on this, possibly record-breaking, public comment period, although I understand ICM Registry may also provide its own, alternative, summary document.

I had a quick chat with Jeffrey yesterday. He told me comments were kept open beyond the advertized Monday shutdown because ICANN staffers are allowed to use their discretion when forums are seeing a lot of activity.

He also noted that the comment period was not a referendum on the merits of .xxx; ICANN had solicited feedback on a specific set of process options on how to handle .xxx.

It’s my impression that the 10,000+ identical form emails from the American Family Association may, rightly, wind up being considered as a single comment.