For those still interested in the BREXIT, eco Association of the Internet Industry published a BREXIT paper based on the telephone conference in July. See https://numbers.eco.de/international.html
Link | Posted on Sep 26, 2016 7:46 AM PDT by Lars Steffen
An additional question: Does your company have a plan for dealing with a failure on the cloud provider side? Even Amazon has failures that take out entire data centers, ones where the normal failover process doesn't work leaving everything dead in the water. SLAs can't prevent those failures, and when they happen getting your services back up may not be the provider's first priority. Does your company have a plan for dealing with this some way or another? And can your company absorb the financial hit you'll be taking? Your SLA may cover refunding what you would've paid for your services for the duration of the downtime, but it's unlikely to cover lost sales and other indirect costs of your not being able to do business and those will far outweigh the bill for cloud services for the duration.
Link | Posted on Sep 24, 2016 3:25 PM PDT by Todd Knarr
"RegisterFly Scandal Culminates in Class Action Lawsuit"
"More than 75,000 individuals have already lost their Internet domain names registered through RegisterFly.com - New class action lawsuit seeks to protect up to a million more from the same fate"
"Yesterday, a U.S. District Court judge unsealed a class action lawsuit (case #07cv00188) against Internet domain registrar RegisterFly along with [...] ("ICANN"), among others."
"ICANN mulls registrar changes after RegisterFly debacle"
"That way, in the event of a registrar meltdown, ICANN, which manages and oversees the Internet's domain name system, could access the customer data and help customers switch to another registrar."
Never underestimate the power of ICANN and those three contracts it drives between itself, the registry and the registrar.
Link | Posted on Sep 23, 2016 11:47 AM PDT by Charles Christopher
>RO pays the escrow provider, not ICANN.
If a registrar uses ICANN's escrow agent, Iron Mountain, then ICANN pays.
We looked at what it would take to use someone else. For all intents and purposes there is no choice for a small registrar like ourselves. If we don't use Iron Mountain then we must pay.
Academically speaking, registrants and registrars pay the bill though the "ICANN taxes" we all pay. However to the point you are making, ICANN receives the bill from Iron Mountain and cuts the check to them not us ... ICANN moves the money from our pockets to Iron Mountains.
Which brings up the obvious issue that as bureaucracies grow so to do the taxes they demand .. Despite having the better part of a billion dollars in cash in the bank right now.
>ICANN does not say "this website belongs to x and not y", right?
This is the very purpose of the ICANN escrow. This is why I said the history of the ICANN Escrow system came from RegisterFly STEALING ITS REGISTRANTS DOMAIN NAMES.
To be fair and tease this out a bit, the registrar is managing ownership in the real time sense, but ICANN sets up the safety net to stand in for the Registrar. ICANN states this as the Escrow data "only" being for the purpose of Contract termination, but one needs to look back to history of what "termination" meant that lead up to the creation of the requirement. Contract Termination includes nefarious behavior, such as in the case of RegisterFly ... A registrar STOLE its registrants domain names. As one of the people affected (They tried to steal 2 of my domain names) RegisterFly did this by changing the Whois data to a .EDU email address and also change the physical contact info.
Thus "ownership" data was the very tool used to steal the domains, and thus ICANN came in with what they considered "authoritative ownership" data, which we call the ICANN Escrow.
Lets step back to the view from 30,000 feet and let you know I have been involved with domains since 1999 both as a registrant, registrar, and I also provide some consulting services in the domain industry. We in the domain / internet industry have our own language, just like any other industry. Yes, when folks like Cruz and lay folks *TRY* to communicate their concerns they will misuse our language and we can be pedantic about it and reject them entirely for their language misuse. But that does not change the fact that underlying that which they are trying to express are real concerns. And those concerns are shared by people who have been in this industry for a very long time.
From the beginning was the transition intended to occur during this years election? I doubt it.
"this little thing called the Internet ... makes it much harder to govern."
- Secretary of State John Kerry
"...in early times, it was easier to control a million people"
- Zbigniew Brzezinski
Could the transition have an effect on the elections process this year? With nefarious folks like George Soros pushing hard on Nationwide Internet Voting right now, I am open to the possibility that this could happen even though I can't present to you how it might happen .... But unlike Kerry, Brzezinski, and Soros, my mind is free from planning how to control others ....
And I also feel that paper ballot should NEVER have been taken out of the voting process (see BlackBoxVoting.org), as wonderful as the internet is there are situations where it should never be applied.
Link | Posted on Sep 23, 2016 8:25 AM PDT by Charles Christopher
As former staff of a Registry Operator, I was fortunate never to have to dig into escrowed data, BUT the RO pays the escrow provider, not ICANN. ICANN does not say "this website belongs to x and not y", right? It would be a wholly different organization if it did that sort of thing. This is the role of Registrars and ROs (as needed).
There are a number of ICANN contracts that require certain behaviour and limit other behaviour. This is not at all the same thing as Ms Payton suggests that you would "go through ICANN" to reassert ownership. I have helped folk "re-assert ownership" and nowhere was ICANN directly involved.
Link | Posted on Sep 23, 2016 12:33 AM PDT by McTim
As an ICANN registrar, I would point out that there is a triangle of contracts; ICANN/Registry, ICANN/Registrar, and Registrar/Registry. Those contracts are directly driven by ICANN. Thus is some sense you can make some of the arguments you are, but only because ICANN's influence it not obvious to the masses. That is in addition to those three contract we also must require a contract with the registrant that came from requirements of those three contracts ... ICANN's influence is more significant than your comments suggests.
>ICANN plays NO role in ascertaining rightful "ownership".
Incorrect. The incident with RegisterFly long ago resulted in the creation of the ICANN escrow system who's very purpose is ICANN's ascertaining rightful "ownership" when the need arrises. As one of the registrants that RegisterFly tried to steal 2 domain from, I have in depth understanding of what actually happened and how ICANN reacted and why. In fact this very incident played a role in my becoming a registrar as it became obvious that I wanted to in effect remove the registrar/registrant contract from my domain names and be able to hold ICANN and the registry directly accountable for all contractual issues that come up.
The downside of the ICANN escrow system is that its illusion is to protect the registrants from nefarious registrars. But in fact the ICANN escrow system only protect registrants from honest registrars. Basically nefarious registrars may submit privacy whois rendering the ICANN escrow system useless.
>At the moment, the United States cannot be sure that responsible parties will
>be held to account for hacking today.
I think the word "hacking" means one thing to you and me and something else to the masses. I think this is more of a catchall term to the masses. Proceeding on that assumption, certain nefarious uses of domains do lead to components of the contracts I mentioned above. For example on the one hand ICANN's contracts with registries require "equal treatment" of the domains and registrars. Yet this denies appropriate action when one does something very bad. Thus ICANN's contracts allow actions that would be required in some cases, such as removing a domain from the zone file because of nefarious use; bot, malware, etc.
In the broader scope, it is true that tech always leads regulation and so regulation will never be a successful tool to deal with technical issues such as hacking. The best it can ever do is make the cost of being caught so high that nobody does it. But to suggest there is no contract influence is not correct.
For example we just received notice of the new whois service that we are required to implement by February of next year. This system will standardize the whois interface making it easier to harvest data, which means its easier to hold registrants accountable ... Except those using privacy whois ... Thus again we have a generally ineffective response, but the issues mentioned where motives for the changes even if not as direct as the OP suggests it is.
Link | Posted on Sep 21, 2016 6:49 PM PDT by Charles Christopher
>In other words, the unintended side effects of a failed IANA transition, could be the
>emergence of new borders in the global cyberspace with national Internet segments,
>and alternative Internet roots.
You mean like this, that has been going on for over a decade:
Fact is ICANN's expansion of nTLDs creates less chance of root splitting since there is less chance to be sure who would win the contention. In fact ICANN's entries would require a user to change their DNS servers to access the contention, it would be easier and cheaper to submit to the ICANN nTLD process than get users to change those settings.
Fact is innovation / creativity has been at war with regulation / rationalism since the first human being wanted to do something different than the rest of his clan expectations / "regulations". The internet itself is an ideal example of this dynamic at work, the "wild west" of its origins was the reason it grew so fast.
Being different is the heart and soul of innovation.
That will NEVER change, and bureaucrats will NEVER accept that reality as it does not benefit their pension checks ......
Link | Posted on Sep 21, 2016 12:27 PM PDT by Charles Christopher
When I get one of these (and they are thankfully very rare these days), I just delete it. If it is from someone to whom I really want to communicate, I may try some other messaging channel. Or not. I agree they are foolish.
Link | Posted on Sep 20, 2016 5:36 PM PDT by Dan York
I haven't seen enough altruism on the part of those state agencies to credit the idea that they're running attacks for beneficial purposes. It'd be nice to think they were, but supporting evidence is nowhere in the record.
There's another possibility: they're not probing current capacity to mitigate attacks so much as how quickly core infrastructure can respond to increases in attack strength and how fast the capacity to mitigate attacks can be expanded. That would let an attacker judge whether they were keeping ahead of the defenders in terms of attack strength and spot areas where the core infrastructure suffers from an inability to increase it's defensive strength quickly. That kind of strategic analysis is a bit too subtle for conventional criminal operations, but it's exactly the kind of thing I'd expect from military and intelligence organizations. And with the global reliance on network connectivity for financial and economic operations, I'd imagine the ability to without warning disrupt a country's economy and banking systems would be exactly what any general would love to have on tap to throw an enemy off-balance just before an attack. Or an intelligence agency would love to have to disrupt a country as part of an attempt to influence it's policies. If in the process they can force an opponent to spend resources building up defenses that can be overwhelmed, well, that's resources that opponent can't spend on offensive capability or other more effective defenses.
Link | Posted on Sep 19, 2016 10:01 PM PDT by Todd Knarr
Due to a transmission error, the confirmation of one signatory was received only on September 16th, 2016.
The list of signatories should now include:
Mr. John Danilovich (United States)
Ambassador (ret.); Secretary General of the International Chamber of Commerce
Link | Posted on Sep 17, 2016 1:17 AM PDT by Jean-Jacques Subrenat
Alliance for Safe Online Pharmacies may be a non-profit but it is funded - and is relatively open about it - by large pharmaceutical companies and U.S. pharmacy trade associations. The Internet community can certainly help protect patients without curtailing online access to affordable medication. Please read a more progressive approach on these pages: http://www.circleid.com/posts/20160912...
Link | Posted on Sep 13, 2016 6:38 AM PDT by Gabriel Levitt
Protecting patients from dangerous prescription drug-selling websites is the right thing to do but that does not mean bestowing moral credibility on "non-profit" groups that are funded almost entirely by pharmaceutical companies and U.S. pharmacy trade associations. Please read my article on these pages for a more progressive paradigm of Internet governance and online access to medication - one that recognizes high drug prices as an obstacle to patient safety.
Link | Posted on Sep 13, 2016 6:31 AM PDT by Gabriel Levitt
Are "basic obligations" an option that can be handled by Neustar in your new gTLD offer?
Link | Posted on Sep 12, 2016 11:56 PM PDT by Jean Guillon
I thought your analysis was fair and some criticisms of your viewpoint unfair. I work in the domain industry. Most of my friends and family are unaware of the new TLDs. I agree that "some" trademark lawyers are ignoring the new TLDs. I've done an analysis of several large corporations who failed to register relevant new TLDs in their line of business. On the other hand I see a good number of brands utilizing their dot brand, although they have not used them in mainstream advertising. Hoping this changes soon. Once a big brand launches a widespread ad campaign using a new TLD, public awareness will grow and other brands will join in the fun. See brandtld.news/active-brand-tlds/ for a showcase of active dot brands.
Link | Posted on Sep 12, 2016 9:29 AM PDT by Andre Forrester
Excellent question !
We asked also similar one on our new page:
Link | Posted on Sep 11, 2016 1:37 PM PDT by Guillaume Pahud