auDA Domain Name News - Nov 13
13/Nov/2008
auDA Domain Name News is compiled by David Goldstein on auDA's behalf. The views expressed in the news items linked from auDA's website (Linked Documents), do not necessarily reflect the views of auDA. auDA does not warrant the accuracy or reliability of the information contained in the Linked Documents, and assumes no liability to any person for any reliance placed upon any information contained in the Linked Documents.
**********************
GOVERNANCE
**********************
East Africa prepares for global Internet Governance Forum
Representatives from Kenya, Rwanda, Tanzania and Uganda gathered in Nairobi to discuss common issues regarding Internet governance in preparation for next month's global Internet Governance Forum.
www.networkworld.com/news/2008/111008-east-africa-prepares-for-global.html
Q&A: Jonathan Zittrain
Internationally renowned cyberlaw scholar Jonathan Zittrain’s new book carries the provocative title, The Future of the Internet and How to Stop It. Oliver Lindberg asks him exactly what he means
www.netmag.co.uk/zine/discover-interview/q-a-jonathan-zittrain
**********************
DOMAIN NAMES
**********************
**********************
- ICANN
**********************
Termination of Registrar EstDomains to Go Ahead
The termination of ICANN-accredited registrar EstDomains is to go ahead, effective 24 November 2008. On 28 October 2008, ICANN sent a notice of termination to EstDomains, Inc. (EstDomains) based on an Estonian Court record reflecting the conviction of EstDomains' then president, Vladimir Tsastsin, of credit card fraud, money laundering and document forgery.
icann.org/en/announcements/announcement-12nov08-en.htm
Why the DNS is broken, in plain language by Kim Davies
At ICANN’s meeting in Egypt last week, I had the opportunity to try and explain to various non-technical audiences why the Domain Name System (DNS) is vulnerable to attack, and why that is important, without needing a computer science degree to understand it. Here is the summary.
blog.icann.org/?p=395
Compliance with IDN technical requirements by Tina Dam
One of the main IDN related topics from the just-finished ICANN meeting in Cairo that I think deserves some additional attention was: "Why Compliance with IDN technical requirements are a necessity on a global scale". Overall compliance with technical standards are important for TLD registry operators in order to keep their TLD stable and secure and in that way function and work well for their consumers and communities. Per ICANN Bylaws, interoperability of the Internet is a core value, which requires that technical standards are complied with. In some instances failure to comply with technical standards will only affects the corresponding TLD in isolation and does not interfere with other TLDs - when moving to the topic of IDN TLDs however this fact changes very quickly.
blog.icann.org/?p=408
ICANN to terminate notorious registrar's credentials after all
After a brief delay, the non-profit group that oversees the internet's address system has decided to proceed with plans to revoke the credentials of EstDomains, a domain name registrar with a reputation for catering to cyber criminals.
www.theregister.co.uk/2008/11/13/estdomains_loses_icann_appeal/
Obama to make call on ICANN
US president-elect Barack Obama has already pitched himself as tech-savvy about broadband speed and the like, so he looks well-placed to deal with possibly the biggest technology challenges of his first year in office: the future of ICANN, the domain names organisation that helps run the internet.
www.australianit.news.com.au/story/0,24897,24632209-5013641,00.html
ICANN: The Importance of IDN Compliance
ICANN Director of the IDN Program Tina Dam wrote about the importance of compliance with IDN technical requirements on the ICANN blog today. It’s a must read for anyone who has invested in international domain names (domains that use non-roman/latin characters) or considering them as new IDN TLDs are introduced.
domainnamewire.com/2008/11/12/icann-the-importance-of-idn-compliance/
The Lowdown on tiered pricing
The specter of tiered domain pricing has reared its ugly head again. Most will remember a major battle two years ago when the prospect of ICANN allowing Verisign to charge varying prices for domain name registrations and renewals (based on how much they alone thought the individual domains were worth) caused an uproar in the domain community. Verisign already uses that model with the .tv registry (which they administer under an agreement with the island of Tuvalu). Many blame that pricing scheme for stunting the potential growth of .tv, so when the possibility of variable pricing was raised when the .biz/.info/.org contracts came up for renewal two years ago the domain community rose up in arms and stopped it.
dnjournal.com/archive/lowdown/2008/dailyposts/11-12-08.htm
$185,000 to apply for your own gTLD
The internet authority ICANN has set out how applicants will be able to apply to register new top-level domains, as part of plans that could see up to 500 new TLDs launched in the next two years
managingip.com/Article.aspx?ArticleID=2043507
Hundreds Of New TLDS Expected In Draft "Streamlined" Internet Naming Policy
ICANN has released a draft of policies intended to ease the process for parties seeking to create new top-level Internet domains (TLDs). New TLD examples might be .SHOES or .SUMMER or a dot followed by a trademark, as in .FOLEY. ICANN is receiving comments on these new policies until December 8, 2008. The final policies should be in place in early 2009, and new TLDs could start appearing online under the "streamlined" procedure by the end of 2009.
mondaq.com/article.asp?articleid=69510
New gTLD Application
ICANN has formulated a plan for allocating new top-level domain names.
www.sedo.com/links/showhtml.php3?Id=2216
**********************
- ccTLD & gTLD NEWS
**********************
Gov't to permit Japanese suffix for domain names
The communications ministry has begun to study the possibility of allowing the use of Kanji and other Japanese characters for Japan as a country code in Internet domain names, ministry officials said Monday. Currently, ‘‘.jp’’ is the code assigned to Japan by the Internet Corporation for Assigned Names and Numbers which manages domain names or addresses on the Internet.
www.japantoday.com/category/technology/view/govt-to-permit-japanese-suffix-for-domain-names
CO.NL Operator unveils opening steps [news release]
The .CO.NL Operator announces today its official Launch dates for the Grandfather period, Trademark Sunrise, Landrush and Go Live. Anyone willing to secure a .CO.NL domain name will be able to submit their requests through the numerous Registrars that have already partnered with the Operator to allow their customers to benefit from this new alternative.
www.domainpulse.com/2008/11/12/conl-operator-unveils-opening-steps/
sg: Launch of Single Character Domain Names [news release]
On 12 November 2008, SGNIC announced the launch of single character domain names ("Allocation Exercise"). The Allocation Exercise will commence on 1 December 2008 and end on 27 March 2009.
nic.net.sg/newsroom/20081111175020.html
Single character domain names possible from next year in Singapore
Single character domain names such as www.a.sg and www.b.sg will be possible in Singapore come next year.
www.channelnewsasia.com/stories/singaporelocalnews/view/389419/1/.html
Single Letter Domain Names Coming — To Singapore
SGNIC – the Singapore Network Information Centre – has announced it will release single-character domain names (SCDN) for each of the 26 letters of the English alphabet.
www.telecomasia.net/article.php?type=article&id_article=11295
Single Letter Domain Names Coming — To Singapore
Single letter domain names to be allocated for .sg country code domain name.
domainnamewire.com/2008/11/12/single-letter-domain-names-coming-to-singapore/
dotMobi and .tel Are Complementary Domains: There is No Overlap by dotMobi
When the .mobi domain launched in September 2006, people quickly understood it was a Top-Level Domain (TLD) designed to locate mobile content in the same way—for example—that .se locates Swedish content or .museum helps users recognize genuine museum activity. In short, think "mobile phone" when you think ".mobi".
www.circleid.com/posts/20081110_dotmobi_and_tel_domain_names_no_overlap/
Telnic: A $35 Million Investment Gone Awry
A new top level domain, .tel, is getting ready to rollout in the first part of next year. The registry behind the domain — Telnic — has raised a stunning $35 million in outside capital before even launching the domain name.
domainnamewire.com/2008/11/10/telnic-a-35-million-investment-gone-awry/
Rebel Nominet director calls for the heads of Chairman and CEO
A bitter boardroom battle at Nominet, the not-for-profit company in charge of the .uk domain registry, has escalated, with non-executive director Jim Davies calling for the resignation of its Chairman and CEO.
www.theregister.co.uk/2008/11/10/nominet_resignation_call/
**********************
- DNS SECURITY
**********************
DNS inventor decries security in-fighting
Years of in-fighting over the DNSSEC standard have left Internet users unnecessarily exposed to malware. That's according to DNS (Domain Name System Security Extension) inventor, Paul Mockapetris, who said that the 15 years in which the DNSSEC standard was debated by the IETF was far too long-winded a process and meant that security issues in the standard DNS infrastructure had not been addressed. He added that the Kaminsky flaw identified earlier this year was an example of the vulnerabilities in the infrastructure.
www.techworld.com/news/index.cfm?NewsID=106900
www.infoworld.com/article/08/11/11/DNS_inventor_decries_security_infighting_1.html
www.pcworld.com/article/153667/security_dns.html
DNS creator says flaws in protocol put firms at risk
Businesses will face ever greater threats to their security unless flaws in some of the building blocks of the internet are rectified, security experts have warned.
www.computing.co.uk/computing/news/2230433/dns-creator-flaws-protocol-put-4343055
www.vnunet.com/computing/news/2230433/dns-creator-flaws-protocol-put-4343055
DNS inventor blames wrangling for insecure interweb
The inventor of the domain name system has blamed technical and political wrangling for delays in improving internet infrastructure security.
www.theregister.co.uk/2008/11/12/mockapetris_interview/
DNSSEC moves forward a little
VeriSign intends to DNSSEC-sign the internet’s root zone and then the .edu, .com and .net zones – which are operated by the former domain monopolist – said VeriSign's Pat Kane, Vice-president of Naming Services, at the 33rd meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) in Cairo last week. Microsoft executive Shyam Seshadri explained at the meeting how Vista’s successor Windows 7 and Windows 2008 R2's DNS server will support DNSSEC signatures and their validation.
www.heise-online.co.uk/networks/DNSSEC-moves-forward-a-little--/news/111944
One in four public DNS servers insecure
One in four public-facing domain name system (DNS) servers on the internet are still vulnerable to the Kaminsky flaw, according to the fourth annual survey of DNS servers by network services vendor Infoblox.
www.vnunet.com/vnunet/news/2230170/four-public-dns-servers
www.infomaticsonline.co.uk/vnunet/news/2230170/four-public-dns-servers
Survey: One DNS Server in 10 Is 'trivially Vulnerable' [IDG]
More than 10 percent of the Internet's DNS (Domain Name System) servers are still vulnerable to cache-poisoning attacks, according to a worldwide survey of public-facing Internet nameservers.
www.pcworld.com/article/153576/dns_servers_vulnerable.html
computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119724
www.networkworld.com/news/2008/111008-dns-server-kaminsky.html
Survey: 1 in 4 DNS servers still vulnerable to Kaminsky flaw
Despite industry efforts to lock down DNS servers, one in four remain vulnerable to cache poisoning due to the well-documented Kaminsky flaw identified earlier this year and another 40% could be considered a danger to themselves and others, recent research shows.
computerworld.co.nz/news.nsf/scrt/BAD70BF8685A3142CC2574FE0014D465
Distributed DoS attacks surging in scale, ISPs report
Massive distributed denial-of-service attacks against ISPs and their customers doubled in intensity over the past year, according to a new survey.
computerworld.com.au/article/266970/
25% Of DNS Servers Still Vulnerable To Kaminsky Flaw
Security researchers say that DNS will remain a primary exploit target because many people don't understand the Internet's domain name system.
www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=212001825
One in ten DNS servers still vulnerable to poisoning
Four months after researchers warned of a nasty design flaw in the net's address lookup system, more than 10 per cent of the servers used to resolve domain names on the internet remain "trivially vulnerable" to attack, a new study concludes.
www.theregister.co.uk/2008/11/10/dns_server_survey/
Systems for critical industries wide open to cyberattacks
The networks used to manage the industries that the nation relies on, such as energy, transportation and chemicals, are vulnerable to cyberattacks, according to a survey of executives that operate critical infrastructure.
www.nextgov.com/nextgov/ng_20081111_2143.php
ISPs under strain from barrage of DDoS attacks
Internet service providers now spend most of their IT security resources detecting and mitigating distributed denial-of-service attacks, according to a report from Arbor Networks.
news.zdnet.co.uk/security/0,1000000189,39549409,00.htm
www.zdnetasia.com/news/security/0,39044215,62048177,00.htm
ISPs Raise Concerns over SPAM Attacks and IPv6 Security
Arbor Networks has just released its latest annual worldwide Infrastructure Security Report. The study reveals that almost half of ISPs now consider their DNS services vulnerable, while others have expressed concern about "emerging threats" from IPv6 and VoIP.
www.ispreview.co.uk/news/EkkyulFEZkpdBSzIvm.html
ISPs fear IPv6 security threats
The survey polled around 70 IP network operators across the globe, reporting a continued rise in smaller scale and more sophisticated attacks, including service-level and application targeted attacks, DNS poisoning and route hijacking.
www.securecomputing.net.au/News/128114,isps-fear-ipv6-security-threats.aspx
Study: Internet service providers facing more, larger threats
Internet service providers (ISPs) are facing more security threats, while attacks are becoming larger and more sophisticated.
www.securecomputing.net.au/News/128163,study-internet-service-providers-facing-more-larger-threats.aspx
DDoS Attacks Getting More Powerful, ISPs Report Concern Over New Threats and Budget Pressures
Massive distributed denial of service (DDoS) attacks against ISPs and their customers have almost doubled over the past year, according to a new security report.
www.circleid.com/posts/20081111_ddos_attacks_more_powerful_isp_report/
Don't Blame TCP/IP: Recently disclosed threats to the Internet's IP infrastructure turn spotlight on the protocols -- but protection hinges more on politics and business than technology
A potentially lethal DNS cache-poisoning flaw. A man-in-the-middle Internet routing attack. And a mysterious denial-of-service attack using the Transmission Control Protocol (TCP): These recently exposed threats to the Internet are potentially lethal, but do they signal a security meltdown of the underlying Transmission Control Protocol/Internet Protocol (TCP/IP) protocols?
www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=212001576
Study: Critical Infrastructure Often Under Cyberattack [IDG]
Computer systems that run the world's critical infrastructure are not as secure as they should be and insiders are mad. That's according to a new survey released Monday that asked management, network engineers and administrators in nine infrastructure industries about the state of cyber security in the U.S., Canada, and Europe.
www.pcworld.com/businesscenter/article/153645/study_critical_infrastructure_often_under_cyberattack.html
www.infoworld.com/article/08/11/11/Critical_infrastructure_often_under_cyberattack_1.html
Study: Critical infrastructure often under cyberattack [IDG]
Computer systems that run the world's critical infrastructure are not as secure as they should be, according to a new survey.
computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119838
Study: DDoS attacks threaten ISP infrastructure
Internet service providers now spend most of their IT security resources detecting and mitigating distributed denial-of-service attacks, concludes a report from Arbor Networks.
news.cnet.com/8301-1009_3-10093699-83.html
Survey: Energy industry at risk of cyberattack
Critical infrastructure insiders from Europe and North America say energy industry is the worst prepared for cyberattacks while financial services industry is best prepared.
www.zdnetasia.com/news/security/0,39044215,62048184,00.htm
**********************
- DOMAIN DISPUTES
**********************
Kentucky's Legal Bet: A Case of Pushing the States' Rights Envelope
A Kentucky court case that seeks to regulate access to online gambling could have a dramatic impact on the conduct of e-commerce that would go far beyond whether Americans get to indulge in games of chance on the Web. Can a state court seize a domain name if a Web site is found in violation of local laws?
www.ecommercetimes.com/story/65111.html
www.technewsworld.com/story/must-read/65111.html
www.crmbuyer.com/story/must-read/65111.html
Domain Names that Infringe upon Commercial Enterprises' Trademarks
The administrative panel at the WIPO Arbitration and Mediation Center has decided several cases involving trademarks of commercial enterprises and the use of those trademarks in domain names registered by third parties. Complainants in these cases argued that the use of their trademarks in third party's domain names infringes upon their commercial enterprise's trademark and that the domain names had to be transferred to the complainants. The WIPO panel has found that in these cases there is trademark infringement when it is clearly obvious that the domain name was registered in bad faith and the registrant had no legitimate rights to use the disputed domain name.
www.ibls.com/internet_law_news_portal_view.aspx?s=articles&id=C3394585-848C-447A-986C-515E365CA2C8
Rock Group Wants ThirdEyeBlind.net
Rock group Third Eye Blind has filed a UDRP claim to get the domain name ThirdEyeBlind.net. The claim was filed by lead vocalist Stephan Jenkins’ production company. Third Eye Blind’s official web site is the short and simple 3eb.com.
domainnamewire.com/2008/11/10/rock-group-wants-thirdeyeblindnet/
The UDRP and You
Actions for trademark infringement under the UDRP are quite common and are often selected by trademark owners when filing a dispute.
www.sedo.com/links/showhtml.php3?Id=2218
**********************
- IPv4/IPv6
**********************
ISPs fear IPv6 security threats
Over half of internet service providers believe that new threats could emerge with the deployment of the new Internet Protocol version 6 (IPv6), according to the latest annual worldwide Infrastructure Security Report from Arbor Networks.
www.vnunet.com/vnunet/news/2230250/isps-fear-ipv6-security-threats
www.itnews.com.au/News/NewsStory.aspx?story=88772
www.whatpc.co.uk/vnunet/news/2230250/isps-fear-ipv6-security-threats
African governments must buy IP addresses before depletion [IDG]
As they grapple to build national data backbones with the imminent arrival of fiber optics, are African governments forgetting something?
www.networkworld.com/news/2008/111108-african-governments-must-buy-ip.html
www.itworldcanada.com/a/News/c35109f4-d938-4928-833c-e7d79e2f1fde.html
**********************
- MISCELLANEOUS
**********************
The U.S.-Peru Trade Promotional Agreement and its Implication for E-commerce
... The US/Peru TPA also addressed digital age matters; the agreement contains provisions specifically related to e-commerce co-operation between these two countries. There will be no discriminatory treatment of digital products, there will be no customs duties on digital products, and both countries will continue cooperating to implement new policies regarding e-commerce. Additionally, the agreement requires Peru to implement a dispute resolution mechanism to solve trademark disputes involving domain names. The "first-in-time," "first-in-right" principle was adopted to solve trademark disputes in Peru. A very important accomplishment in this agreement was that copyright owners maintain rights over temporary copies of their works on computers. Only authors, composers, and other copyright holders have the right to publish their works online.
www.ibls.com/internet_law_news_portal_view.aspx?s=latestnews&id=2169
Do You Really Own Your Domain Name?
Just because you pay the domain name bill doesn't mean you own it. That's right. You may not be the legal owner. Whoever is the legal owner of your domain name, that person has total control over it including – what Web site it points to, what domain name registrar maintains it, changing information about your domain name account, controlling who administers it, and being able to sell it.
blog.inc.com/e-commerce/2008/11/do_you_really_own_your_domain.html
**********************
- DOMAINING & AFTERMARKET
**********************
Domain name vibrators.com sells for $1m
The domain name vibrators.com sold for US$1 million to PriveCo, a small company selling adult goods, and is set to be one of year’s biggest sales.
technewsreview.com.au/article.php?article=6464
www.domainpulse.com/2008/11/10/vibratorscom-sells-for-1m/
www.domainnews.com/en/general/vibrators.com-sells-for-1m.html
Vibrators.com Sells for $1 Million
Domain Name News received word today that PriveCo Inc has purchased Vibrators.com for $1 Million. The Michigan based company has been running the website at Vibrators.com since 2002.
www.domainnamenews.com/domain-sales/vibratorscom-sells-for-1-million/3144#more-3144
Kredit.de Defies Credit Squeeze Selling for €900,000
The domain name kredit.de recently sold for €892,000 (~US$1,133,000/~A$1,701,000), a remarkable sale given the state of the current financial markets. This makes it the largest reported sale for any .de domain name and, according to Domain Name Journal, the third largest sale for the year to date, outshining the $1 million sale of vibrators.com announced earlier this week.
technewsreview.com.au/article.php?article=6472
www.domainpulse.com/2008/11/12/kreditde-defies-credit-squeeze-selling-for-e900000/
www.domainnews.com/en/general/kredit.de-defies-credit-squeeze-selling-for-900-000.html
kredit.de sells for US$1.13m
Sedo just announced the highest selling .DE sale with kredit.de (”credit”) selling for 892,500 Euro (=1,134,867 USD). The new owner of the domain is Unister GmbH from Leipzig, Germany, which operates portals such as geld.de (money), auto.de (cars) and preisvergleich.de (price comparison).
www.domainnamenews.com/domain-sales/kreditde-sells-for-113-million-usd/3138
Auction Results: Games.mobi Headlines Lackluster .Mobi Auction
If you believe in .mobi, the top level domain for mobile devices, then today was a great buying opportunity for you. The Sedo .mobi auction concluded with many domains selling at discounts of 50%-90% of what they would have sold for just 6 months ago.
domainnamewire.com/2008/11/12/auction-results-gamesmobi-headlines-lackluster-mobi-auction/
What's Old Is New Again for Driving Web Site Traffic
Direct navigation -- when someone gets to a site simply by typing in a generic name -- is a reliable and inexpensive way to drive traffic to your site, suggests Jeremiah Johnston, chief operating officer for the domain name marketplace Sedo.
ecommercetimes.com/story/65095.html
Thought Convergence is Converging the Domain Ecosystem
There are lots of companies playing one or two angles of the domain name business: sales, monetization, registration, etc. Thought Convergence, however, is making a play to own the entire life of the domain from research to registration all the way through sales. That puts it in a class with another Los Angeles domain icon: Oversee.net.
domainnamewire.com/2008/11/10/thought-convergence-is-converging-the-domain-ecosystem/
Expand your Portfolio with Extensions
The .com extension remains the top seller of top-level domains (TLDs) with almost every word in the Webster’s Dictionary already registered with a .co
www.sedo.com/links/showhtml.php3?Id=2219
Rethinking Your Domain Portfolio
How to do more with the domains you own
www.sedo.com/links/showhtml.php3?Id=2215
Last Call for Sedo's .mobi Auction!
Sedo's .mobi Auction closes tomorrow at approximately 12 PM EST. Top names like bank.mobi and blackjack.mobi have already met their reserve and other premium names like software.mobi and media.mobi are just shy of their reserve and expected to end in a sale tomorrow. Don't miss your chance to own such valuable properties on the mobile web!
www.sedo.com/links/showhtml.php3?Id=2212
An "all-in.com" Beats the Rest for Top Sedo Sale of the Week
Sedo’s top sales for the week to 3 November have been released, with the top Sedo sale of the week going to all-in.com that sold for US$40,000. Other five-figure sales (in US$) were bret.com ($15,501), fliq.com ($10,100), games4u.co.uk (£9,000/~$14,000), meeting.me (€8,900/~$11,300) and shortaddress.net (€10,000/~US$12,700).
www.domainpulse.com/2008/11/11/an-all-incom-beats-the-rest-for-top-sedo-sale-of-the-week/
www.domainnews.com/en/general/an-all-in.com-beats-the-rest-for-top-sedo-sale-of-the-week.html
