Don't forget to check out http://auda.org.au/domain-news/ for today's edition of the complete domain news, including an RSS feed - already online!Headlines from the 16 August edition of the news include:
Web TV demands high-power broadband | Major attack hits internet's 'root' servers | Major website blackout blamed on massive attack | IT security: Too big for government | Making money out of typos - Icann must act | PICISOC returns to its origin: Honiara, Solomon Islands | PM opens PacINET 2007 | Nominet registrant satisfaction survey 2007 | Turkish newspaper Hurriyet wins right to domain name, UN panel rules | Does Success Hinge on a Domain Name?
And see my website - http://technewsreview.com.au/ - for daily updates in between postings.**********************************************************
Sponsored by the Singapore Internet Research Centre
http://www.ntu.edu.sg/sci/sirc/Sponsored by EuroDNS and AsiaDNS - for your domain name registration
http://www.eurodns.com/**********************************************************
ICANN Request for Information on Domain Tasting
http://icann.org/announcements/announcement-2-10aug07.htmICANN Launches Latest Consultation on New TLDs
http://icann.org/announcements/announcement-10aug07.htmEditorial: ICANN's WHOIS Policy Shift Would Be Criminal Negligence
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=300493Opinion: The Return of the IPv4 Shortage by Larry Seltzer
http://www.eweek.com/article2/0,1895,2168465,00.asp2,500,000 .nl domain names registered
http://technewsreview.com.au/article.php?article=2307nz: Third consultation on RMC Policy Review
http://dnc.org.nz/story/30287-29-1.html
**********************
RESEARCH PAPERS
**********************
Protecting Browsers from DNS Rebinding Attacks by Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao & Dan Boneh [Stanford University]
ABSTRACT: DNS rebinding attacks subvert the same-origin policy of browsers and convert them into open network proxies. We survey new DNS rebinding attacks that exploit the interaction between the browser and browser plug-ins such as Flash and Java LiveConnect. These attacks can be used to circumvent firewalls and are highly cost-effective for sending spam e-mail and defrauding pay-per-click advertisers, requiring less than $100 to temporarily hijack 100,000 IP addresses. We show that a well-known, existing defense against these attacks, called ?DNS pinning,? is ineffective in modern browsers. The primary focus of
this work, however, is the design of strong defenses against DNS rebinding attacks that protect modern browsers. For the near-term, we suggest easy-to-deploy defenses that prevent large-scale exploitation by patching individual plug-ins and improving the robustness of browser DNS pinning strategies. For the longterm, we propose two solutions, circumvention-resistant firewalls and host name authorization, that fix the root cause of DNS rebinding vulnerabilities by preventing the attacker from naming a target server.
http://crypto.stanford.edu/dns/dns-rebinding.pdfhttp://www.circleid.com/posts/070809_defending_networks_dns_rebinding_attacks/**********************
DOMAIN
NAMES
**********************
**********************
- ICANN
**********************
ICANN Request for Information on Domain Tasting
In view of the increase in domain tasting (definitions below), the GNSO Council recently considered an Issues Report on Domain Tasting and resolved to form an ad hoc group for further fact-finding on the effects of this practice.
http://icann.org/announcements/announcement-2-10aug07.htmICANN Launches Latest Consultation on New TLDs
ICANN is taking another step towards its goal of bringing new gTLDs online with today?s launch of a public consultation on a key report from ICANN?s GNSO.
http://icann.org/announcements/announcement-10aug07.htmEditorial: ICANN's WHOIS Policy
Shift Would Be Criminal Negligence
There?s a move afoot to help criminals obscure their illegal online activities. ICANN is considering making it possible for anyone to avoid putting Web site ownership and contact information into the Internet?s WHOIS database. This seemingly minor change to the already loose requirements for Web site registration is being advocated by an unholy alliance of privacy ideologues, primarily in the European Union, and greedy ISPs. The former group argues that the less that is known about a Web site owner, the better that person?s rights are protected. The ISPs supporting the change see it as a way to generate more business, though most of it is likely to be from crooks who, ironically, rip off Internet users by violating their privacy.
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=300493ICANN Investigating Domain Tasting by Michele Neylon
ICANN has announced that it is seeking input and feedback on the topic of domain tasting.
http://www.isquattedyour.eu/2007/08/11/icann-investigating-domain-tasting/http://www.circleid.com/posts/070811_icann_investigating_domain_tasting/Introduction of new gTLDs
Pages 31 to 37 of ICANN GNSO Final Report on Introduction of New GTLDs are like an inventory of national trademark laws and international texts regarding protection of distinctive
signs.
http://domaine.blogspot.com/2007/08/introduction-of-new-gtlds.htmlPublic Input Made Easier With One-Stop Comment Page
ICANN is making it easier for the community to review all of the issues in the consultation phase and to provide their comments with a new public comment page on the ICANN website.
?This new webpage aims to provide a quick and simple entry point for people to read up and comment on ICANN?s ongoing processes, and thereby enhance and increase participation from the Internet community,? said Paul Levins, ICANN?s Executive Officer and Vice President, Corporate Affairs. ?Like the recent launch of the ICANN Monthly Magazine, the page should also help people understand what issues are being discussed at ICANN, and how interested stakeholders can contribute.?
http://icann.org/announcements/announcement-09aug07.htmWhat Zittrain Doesn't Get by Milton Mueller
Dawn Nunziato has developed a strong paper on the connection between Internet governance and freedom of _expression_. Her law review article, published on SSRN and freely available here, argues that the Internet governance regime centered around ICANN "has failed to implement substantive norms of democratic governance, most importantly, protection for freedom of _expression_." In her article, she challenges "the prevailing idea that ICANN's governance of the Internet's infrastructure does not threaten free speech."
http://blog.internetgovernance.org/blog/_archives/2007/8/6/3142881.htmlResponse to Professor Zittrain by Milton Mueller
If I may
summarize your rejoinder, you make the following points: 1) Too much time is spent on ICANN, diverting scarce time and attention from more important venues; 2) Censorship of public labels would have "near zero effect" on access to content; 3) We are guarding the wrong door, the strongest threats to freedom of _expression_ come from private firms, such as Google or Myspace or ISPs.
http://blog.internetgovernance.org/blog/_archives/2007/8/7/3145104.htmlPacINET 2007 To Tackle Key ICT Issues [news release]
Delegates at PacINET 2007 are expected to tackle a wide range of Information and Communications Technology development issues affecting the Pacific when they meet in Honiara, Solomon Islands, this week.
http://scoop.co.nz/stories/WO0708/S00424.htmPacific Islands Chapter of the Internet Society (PICISOC) [news release]
Some 200 local, regional and international delegates are expected in the Solomon Islands this week for PacIN 2007. PacINET is the annual gathering of ICT experts organised by the Pacific Islands Chapter of the Internet Society (PICISOC).
http://www.tonga-now.to/Article.aspx?ID=3845&Mode=1**********************
- IPv4/IPv6
**********************
The Return of the IPv4 Shortage by Larry Seltzer
Opinion: Do you think that the address shortage is an urban legend? It may not be. Most people have long considered it a myth. Many years ago I was told dismissively, by smart people, that "we'll never run out of IP addresses!" But now people who
really should know not only see it happening, they see the pool of IPv4 addresses exhausting in "late 2009 / early 2010." Yikes! That's just around the corner!
http://www.eweek.com/article2/0,1895,2168465,00.asp**********************
- (cc)TLD NEWS
**********************
IT & Media - new Registrar for .gw TLD: Global Web [news release]
IT & Media, Corp. a US Company with headquarter in Lisbon, Portugal has acquired the rights of Guinea-Bissau´s ccTLD .gw, after negotiations with their Government. IT & Media is the sole agent to market and sell .gw domain names worldwide. IT & Media is going to turn the ccTLD .gw into a Global Web Domain. ... In October 2007, a Sunrise Period for .gw - global web Domain names - will commence. During this period only companies and trademarks can register their names.
http://www.pr.com/press-release/479802,500,000 .nl domain names registered
On 8 August, the 2,500,000th .nl domain name was registered. Since 2003 SIDN say there has been a strong increase in the number of .nl domain names registered. In December 2003 the one millionth domain name was registered and the two millionth in August 2006. SIDN note that despite the introduction of the .eu ccTLD, the .nl ccTLD registrations have increased by 25%.
http://www.sidn.nl/ace.php/c,727,5314,,,,2_500_000ste_nl-domeinnaam_geregistreerd.html [in Dutch]nz: Third consultation on RMC Policy Review
InternetNZ, through the Domain Name Commission, is currently reviewing the Registering, Managing and Cancelling Domain Names policy. An initial call
for comments on the policy review resulted in four submissions being received. These can be seen at http://dnc.org.nz/rmc-review. A second call for comments on some of the proposals raised as a result of the initial consultation was undertaken.http://dnc.org.nz/story/30287-29-1.html.ru approaches 1 million registrations
The .ru ccTLD has passed 950,000 registrations and should reach one million registrations in September according to a recent article from CNews. By passing one million registrations, the .ru ccTLD will be the eighth largest, behind .de, .uk, .cn, .eu, .nl, .it and .us with .ca and .dk close behind.
http://eng.cnews.ru/news/top/indexEn.shtml?2007/08/09/262125http://globedomains.com/2007/08/10/ru-is-closing-in-on-1-million-registrations/Enhancing Quality and Value for usTLD [news release]
With the .us TLD bids being reviewed by the U.S. Department of Commerce, the public needs a clear and accurate description of what "quality" registry stewardship really means for a TLD like the usTLD.
http://dnalliance.us/archives/000042.htmlSecurity and Stability for the usTLD
The DNS has come under progressively sophisticated and frequent attacks in the past few years. Increasingly, capable criminals are constantly developing advanced cyber-attacks that both harm users and allow attackers to profit from such activity. As the Internet continues to scale, more users rely on DNS for the exchange of
information and day-to-day online transactions and expect 24x7 access and availability. Domains that host government sites, like usTLD, are natural targets for bad actors that launch distributed denial of service (DDoS) and other attacks. Attacks generating interruptions or degradation of service for these critical assets can inflict significant economic damage and weaken security.
http://dnalliance.us/archives/000045.html**********************
- DOMAIN DISPUTES
**********************
Leftist sets up fake KKK site to smear Fred?
... There?s no deception, really, unless you?re a halfwit MSNBC producer; they?re simply trying to capitalize on the domain name confusion to goof on any supporters of their hate object who might stumble onto their site instead. The fact that the domain was obviously deliberately chosen to resemble the domain
of the official campaign site is actually the biggest giveaway, and probably what raised Ed?s suspicion in the first place.
http://hotair.com/archives/2007/08/09/leftist-sets-up-fake-kkk-site-to-smear-fred/ru: Cybersquatters register domain name similar to that of Uralsvyazinform
Most users who peruse Russian web-pages were sent out a letter that stated a new domain name uralsvyazinform.com (an almost identical copy of uralsvyazinform.ru, the name of the Urals? major telecommunication provider) had been registered recently. Uralsvyazinform.com is currently hosting a dating site and a link offering to buy this domain name.
http://en.urbc.ru/daynews.asp?ida=166383New York Domain Name Bill to Become Law
On the surface
this isn?t a big deal. After all, registering a famous person?s name will likely land you on the losing end of a UDRP. Also, the bill hasn?t kept up with the times. It has a penalty for registering a person?s name with the intent to sell the domain to that person. It mentions nothing of registering someone?s name and profiting off of pay-per-click revenue. Furthermore, other states have laws similar to this one. But there are three things the author has previously pointed out about this bill that are worrisome, these being The law can be twisted to violate free speech; It flies in the face of established internet governance and The bill is was championed as a way to protect identity theft.
http://domainnamewire.com/2007/08/09/new-york-domain-name-bill-to-become-law/http://domainnamenews.com/legal-issues/new-york-state-makes-their-own-domain-laws/814Domain Law Takes Effect
A measure sponsored by Senator Betty Little (R,C,I-Queensbury) aimed at preventing a person from registering a domain name that is similar to or the same as another living person or business with the specific intent to profit from selling the domain name to that person or business has been signed into law.
http://northcountrygazette.org/news/2007/08/10/domain_law/http://www.csccorporatedomains.com/industry-news.asp?ItemID=18240333http://www.csccorporatedomains.com/industry-news.asp?ItemID=18241549http://domaine.blogspot.com/2007/08/ny-it-is-now-crime-to-register-name-of.html**********************
- MISCELLANEOUS
**********************
Evesham ex-employee registers Geemore.com
Disillusioned ex-Evesham Technology workers now have a new website where the 150 or so redundant staff can vent their spleens, look for new jobs and talk about the good old days at the firm. Geemore.com has been setup with a forum for staff to stay in touch on all things Evesham-related. Surprisingly, despite the fact that Evesham is now a trading name for Geemore Ltd, nobody at the firm appeared to have had the foresight to register the domain names Geemore.com and
Geemore.co.uk.
http://www.channelregister.co.uk/2007/08/09/evesham_geemore_forum_website_dte/Greater Transparency in Domain Name Pricing
Tucows issued a press release today wherein they announced lower domain name pricing and enhanced services.
http://www.zunmi.com/html/news/6/20070808/2681.htmlSex.com (The Book) Is Worth the Wait
Kieren McCarthy?s entertaining chronicle about the Sex.com theft is an engaging read.
http://domainnamewire.com/2007/08/11/sexcom-the-book-is-worth-the-wait/Austin company files for public stock offering for creditcards.com
In a little more than three years,
CreditCards.com Inc. has gone from an expensive piece of Web real estate to filing for an initial public offering that could raise $115 million.
http://www.statesman.com/business/content/business/stories/other/08/11/0811creditcards.htmlhttp://www.247wallst.com/2007/08/ipo-filing-cred.htmlhttp://domainnamewire.com/2007/08/10/creditcardscom-files-for-ipo/**********************
- DOMAINING
**********************
Domain Roundtable Conference to Kick Off 12 August in Seattle, Washington [news release]
Name Intelligence presents its 3rd Annual Domain Roundtable Conference from August 12
- 15, 2007, in Seattle, Washington. The event, being held at the newly-renovated Seattle Sheraton Hotel, boasts the largest ever live domain auction, nTag wireless networking devices, and parties every night hosted by top sponsors at some of Seattle hottest clubs. An event not to be missed by veterans of the industry and professionals new to the domaining scene.
http://www.prweb.com/releases/2007/08/prweb545625.htmhttp://emediawire.com/releases/2007/8/emw545625.htmhttp://thewhir.com/marketwatch/081007_Domain_Roundtable_Starts_Monday.cfmWhy domain tasting is great!
In the light that there has been an enormous amount of press on
how bad domain tasting is I'm going to propose a contrary view and argue that it's healthy for the industry. Domain tasting is great, I love it!! Let's get some healthy debate happening here therefore I'll throw down the gauntlet to the other side and invite them to argue their case why domain tasting is bad in the forum.
http://whizzbangsblog.com/content/view/240/86/**********************
- DOMAIN SALES
**********************
Sedo to Hold Live .UK Auction [news release]
Sedo will assist the world's first live auction for .co.uk domain names. The event will take place at the Domain Focus conference in London on September 6 to 7. Sedo's event at Domain Focus marks the first time that an auction will be focused on a particular regional TLD.
http://thewhir.com/marketwatch/080907_Sedo_to_Hold_Live_.UK_Auction.cfm"No to Hillary for President" Domain to be Auctioned
New Dimensions Media Group announced it will sell the Internet domain No to Hillary for President.com (www.notohillaryforpresident.com) via E-Bay auction at 2pm (PST) on August 15th.http://emediawire.com/releases/2007/8/emw545968.htmhttp://www.prweb.com/releases/2007/8/prweb545968.htmPharmacy.com Finally in Play, FairWinds Partners to Broker [news release]
FairWinds Partners, an Internet strategy consulting firm headquartered in Washington, D.C.,
has been hired as the exclusive broker for the sale of Pharmacy.com.
http://sev.prnewswire.com/electronic-commerce/20070810/NEF01810082007-1.htmlhttp://prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/08-10-2007/0004643413**********************
- NON-ENGLISH NEWS
**********************
IP-Adressregistry RIPE mit Beraterstatus bei den Vereinten Nationen
Die IP-Adressvergabestelle für Nutzer in Europa, Réseaux IP Européen (RIPE), wurde vom Wirtschafts- und Sozialrat der Vereinten Nationen (UN ECOSOC) in die Liste akkreditierter Organisationen aufgenommen.
http://www.heise.de/newsticker/meldung/94207Domain .test in 11 Zeichensystemen in die DNS-Rootzone aufgenommen
Ende September wird die IANA die TLD .test in elf verschiedenen Zeichensystemen beziehungsweise Schriftsprachen in die Rootzone eintragen. Das gab die private Netzverwaltung ICANN Anfang der Woche bekannt.
http://www.heise.de/netze/news/meldung/94060Exploit für Schwachstelle in Nameserver BIND9 veröffentlicht
Auf dem Exploit-Portal Milw0rm ist ein Programm erschienen, das in der Lage ist, die kürzlich im Nameserver BIND9 gemeldete Schwachstelle auszunutzen.
http://www.heise.de/newsticker/meldung/94180Virenschreibern gehen die Ideen aus
Virenautoren gehen zunehmend die
Ideen aus, was das Entwickeln neuer Malware betrifft. Zu diesem Schluss kommt der Sicherheitsexperte Alexander Gostev in seinem aktuellen Quartalsbericht IT-Bedrohungen für Kaspersky Lab. Gostev zufolge konnte im Beobachtungszeitraum April bis Juni 2007 von den Sicherheitsspezialisten keine einzige Malware mit einer neuartigen intelligenten Schadroutine entdeckt werden. Gleichzeitig griffen die Virenschreiber wieder vermehrt auf jahrelang erprobte Methoden wie Distributed-Denial-of-Service-Angriffe (DDoS) und das Ausnützen von Browserschwachstellen zurück.
http://derstandard.at/?id=2990422Institutionalisierte Ungleichheit
Zwei disparate Entwicklungen prägen die heutige Weltordnung: Die unipolare Dominanz der USA einerseits, die wachsende Bedeutung globaler Normen andererseits. Zusammen betrachtet, ergibt sich das Bild eines rechtlich stratifizierten
Mehrebenensystems, in dem das Grundprinzip des Rule of Law ? souveräne Gleichheit ? unterminiert wird.
http://www.internationalepolitik.de/archiv/jahrgang2007/mai-2007/institutionalisierte-ungleichheit.htmlUn .LAC pour l?Amérique latine
Dans un entretien avec Latinoamericann, organisation dédiée à l?Internet en Amérique latine, Oscar Robles, CEO du Nic MX, revient sur ce projet de création d'une extension latino américaine.
http://domainesinfo.fr/extension/1279/un-lac-pour-l-amerique-latine.phpPrivé de sex(.eu)!
Pendant la phase d'enregistrement prioritaire des noms en .eu, il fallait être un organisme public, ou disposer d'une marque, pour obtenir un
nom de domaine. On sait que l'existence de cette seconde option a entraîné un ensemble de dépôts "d'opportunité", des personnes ayant déposé des marques dans l'optique d'obtenir ensuite les noms correspondants.
http://domaine.blogspot.com/2007/08/priv-de-sexeu.htmlNieuwe domeinextensie tegen internetfraude
Een speciale domeinextensie moet internetbankieren en andere online financiële zaken beter beschermen tegen internetfraude. Deze zouden bijvoorbeeld een extensie moeten krijgen als .bank of .safe, aldus Mikko Hypponen, directeur van F-Secure.
http://www.techzine.nl/nieuws/13185/Nieuwe-domeinextensie-tegen-internetfraude.html2.500.000ste .nl-domeinnaam geregistreerd [news release]
Vandaag is de
2.500.000ste .nl-domeinnaam geregistreerd! Sinds 2003 is er een sterke groei van het aantal .nl-domeinnamen.
http://www.sidn.nl/ace.php/c,727,5314,,,,2_500_000ste_nl-domeinnaam_geregistreerd.htmlICANN en SIDN tekenen Accountability Framework [news release]
Tijdens de 29de ICANN bijeenkomst te San Juan, Puerto Rico, zijn SIDN en ICANN gisteren, donderdag 28 juni 2007, een zogenaamd Accountability Framework overeengekomen.
http://www.sidn.nl/ace.php/c,727,5288,,,,ICANN_en_SIDN_tekenen_Accountability_Framework.html?ACE_Id=6e6dc8cfa8418d040a684d2e0097a4a9Story on DNS in Chinese
http://www.zunmi.com/html/study/1/20070808/2683.htmlStories on .mobi in Chinese
http://cbinews.com/ecommerce/showcontent.jsp?articleid=56551http://it.com.cn/f/server/078/8/458815.htmhttp://it.nmas.cn/f/server/078/8/458815.htmStory in Korean mentioning ICANN and VeriSign
http://kmobile.co.kr/k_mnews/news/news_view.asp?idx=131549+++++++++++++++++++++++++++++++
Check out http://auda.org.au/domain-news/
for the most recent edition of the domain news, including an RSS feed - already online!The domain name news is supported by auDA.
For information on subscriptions to the domain name and/or general internet news please contact me. For archives of postings to the list, see http://lists.technewsreview.com.au/pipermail/technewsreview/. Also see http://technewsreview.com.au/ for recent updates.Sources include Quicklinks <http://qlinks.net/> and BNA Internet Law News <http://www.bna.com/ilaw/>.+++++++++++++++++++++++++++++++
(c) David Goldstein 2007
---------
David Goldstein
address: 4/3 Abbott Street
COOGEE NSW 2034
AUSTRALIA
email: Goldstein_David @yahoo.com.au
phone: +61 418 228 605 (mobile); +61 2 9665 5773 (home)
"Every time you use fossil fuels, you're adding to the problem. Every time you forgo fossil fuels, you're being part of the solution" - Dr Tim Flannery
