Latest news of the domain name industry

Recent Posts

Two-letter .info auctions get go-ahead

Kevin Murphy, April 25, 2010, Domain Registries

ICANN has approved Afilias’ request to auction off its reserve of one and two-letter .info domain names.

The company seems to be planning to allocate the names both at auction and through a request-for-proposals process that would see registrants promise to develop and market their .info sites.

Any big partnerships could provide a welcome profile boost to .info, which has been around for a decade but still only grows about as much in a year as .com does in a month.

While auctions could also bring a nice windfall to the company, Afilias can expect to come under pressure from certain trademark holders to keep their brands off the market.

Volkswagen’s lawyers apparently “threatened every action in the book” to keep vw.biz out of Neustar’s allocation process for two-letter .biz names last year.

NeuStar files for patent on DNSSEC hack

Kevin Murphy, March 25, 2010, Domain Tech

NeuStar has applied for a US patent on a stop-gap technology for authenticating DNS queries without the need for DNSSEC.

The application, published today, describes a system of securing the DNS connection between authoritative name servers and recursive servers belonging to ISPs.

It appears to cover the technology underlying Cache Defender, a service it started offering via its UltraDNS brand last July.

It was created to prevent the kind of man-in-the-middle attacks permitted by the 2008 Kaminsky exploit, which let attackers poison recursive caches, redirecting users to phoney web sites.

The DNSSEC standard calls for DNS traffic to be digitally signed and was designed to significantly mitigate this kind of attack, but it has yet to be widely deployed.

Some ccTLDs are already signed, but gTLD users will have to wait until at least this summer. The .org zone will be signed in June and ICANN will sign the root in July but .com will not be signed until next year.

While Kaminsky’s vulnerability has been broadly patched, brute-force attacks are still possible, according an ISP’s experience cited in the patent filing.

“The patch that experts previously believed would provide enough time to get DNSSEC deployed literally provided the industry just a few extra weeks,” it reads.