Posts Tagged ‘dns’
The Internet and the Web are continuing to expand at exponential rates. When the board of the Internet Corporation for Assigned Names and Numbers opened up a whole new world of names for Internet addresses with its historic vote in June 2011, new gTLDs and their implications for users became extremely important. This session explored the Internet users’ experiences that might be expected as the Domain Name System (DNS) is prepared to under a massive expansion, adding hundreds or even a thousand new gTLDs to “allow for a greater degree of innovation and choice.”
Details of the session:
Every time an individual pulls up a webpage the Domain Name System is used. Moderators and industry leaders who met at an IGF-USA 2011 workshop say changes announced by ICANN this summer will bring new challenges and opportunities. Generic top-level domains, also known as gTLDs were previously quite limited. They included .com, .info, .net and .org. On June 20, 2011, the board of the Internet Corporation for Assigned Names and Numbers (ICANN) voted to allow companies and organizations to choose any fitting suffix for their domain names. The new gTLDs will be operational in 2013. Among the likely names are .sport, .bank and .app.
The moderator of the event was Frederick Felman, chief marketing officer for Mark Monitor, a major domain management company based in the United States. Panelists included:
- Suzanne Radell, senior policy adviser in the office of international affairs at the U.S. National Telecommunications and Information Administration
- Amber Sterling, senior intellectual property specialist for the Association of American Medical Colleges
- Pat Kane, senior vice president for naming services for Verisign
- Jon Nevett, co-founder and executive vice president of Donuts Inc. and president of Domain Dimensions, LLC, a consultancy on domain name issues
- Brian Winterfeldt, partner at the Washington, D.C., law firm Steptoe & Johnson, where he is a member of the intellectual property group
- Ron Andruff, president and CEO of DotSport, managing the new top-level domain .sport – http://www.dotsportllc.com/about
Details of the Session
The panelists speculated that as few as 500 and as many as 2,000 domain names could be added in the near future as ICANN opens its application pool up in January 2012. These new names can range from generic names like .pizza, brand names like .apple or geographic names like .London.
“Sports is one of those unique things,” he said. “Like music, [it] transcends borders, transcends languages, transcends cultures. It is relevant.”
It is important that we allow multiscript applications so we can reach all people of all languages, he said.
ICANN’s decision to open up the applicant pool is still relevantly new to the general public, which could lead to confusion, said Felman.
But the general population is beginning to join in the conversations, Kane explained. But Radell cautioned that the government is very concerned about the potential for fraud and general user confusion. When something goes wrong, people are going to turn to their government to ask why this was allowed to happen, she said.
Members of the Governmental Advisory Committee (GAC) worked very closely with ICANN to make sure safeguards were put into place to protect the users, Radell added.
One audience member asked how something like .bank would affect his ability to access his bank’s website. He questioned how the URL would be structured, and how Google Chrome users, who don’t use a URL at all, only a search bar, would access the sites. The panelists agreed that expectations for end users are still being developed.
Non-profits are another group that could have some trouble with the new domain names, said Sterling. In the past 15 years, non-profits have seen more donations through the use of the Internet, but it has also seen the Internet abused in the process.
Brand owners are concerned about the fraud that could occur in the future with increased domain names and if multiple groups apply for the same domain name, said Winterfeldt. There is mediation through ICANN and brand owners will be notified if their domain is being sought by another company.
Another concern is whether the increase in domain names would lead to another .com bubble and fizzle out. “In essence, whether they survived was not the point, said Hedlund. “It’s about adding competition and how the market responds.”
– Anna Johnson
Internet Governance Forum-USA 2011 Potential-future scenario discussion: Regionalization of the Internet
IGF participants broke into three different rooms to discuss three different, possible potential-future scenarios for the Internet in 2025. In this session, the brief description given to the discussants asked them to respond to the idea of the “Regionalization of the Internet”- a future in which the mostly global Internet we know today becomes more divided, with certain aspects isolated from others based on their geographic or economic similarities. The description noted that, “natural and man-made disasters could easily accelerate this process, leading to an alternate future where the differences between these islands is more pronounced and e-conflict between regions becomes a significant national security and economic development issue.”
Details of the session:
Garland McCoy of the Technology Education Institute and Andrew Mack and Alessandra Carozza of AMGlobal were at the front of the room to facilitate a wide-ranging discussion of the Regionalization of the Internet potential-future scenario at the Internet Governance Forum-USA 2011 at Georgetown University Law Center July 18.
This scenario sets up a divisive future for the Internet. You can read the full description used to launch this discussion in PDF format at the following link: http://www.elon.edu/docs/e-web/predictions/igf_usa/Regionalization_Internet_Scenario.pdf
The key drivers were to consider as causes for regionalization of the Internet:
- National and corporate security concerns and increased pressure from non-state actors based in “failed state” regions of the world.
- Global economic weakness, budget crises and significant, systemic unemployment.
- Shortages of food and raw materials leading to rises in the prices for commodities, food and energy and supply chain/trade disruptions.
- A rising “black market” dominated by narco/political/religious groups with increasing technical sophistication.
- Expansion of IPv6 and the “Internet of things” creates an environment where citizens can be easily tracked within a region and where a market in false identities flourishes.
While it was considered a “bleak scenario” by its participants and moderators, the majority of the discussants in this possible potential-future scenario session indicated that the majority of the outcomes that were outlined are not only plausible, but that some are already occurring, and occurring at a faster rate than maybe previously anticipated.
Scenario facilitator Andrew Mack described the regionalization scenario as unique among the other scenarios presented today in that it is “the only scenario that is actually coming to pass.”
“A good chunk is plausible, said Leslie Martinkovics, an IGF participant from Verizon Communications. “When we’re looking at what’s happening today, there are a series of pressures, some economic, some security related. These are all real. There is a growing feeling that change is coming.”
Security is seen as the paramount concern for many areas of the world, prompting some regions to block certain domains, like the “Great Firewall of China.” The problem is that this blocking process is easily circumvented. George Ou of Digital Society maintained that the “Great Wall” is often considered “porous.” China was mentioned as a key player in the rising challenges facing the argument against regionalization. Other country governments listed as key “players” in the conversation included Brazil, Iran and India.
“Any attempts to isolate, to protect, fail,” said Bill Smith, a participant from PayPal. Attempts at blocking, he said, “are doomed to fail as well.”
The proliferation of the hacking group Anonymous in the Arab Spring was a catalyst for discussion surrounding the viability of regulating such isolated Webs, or “islands,” or whether a more unitary Internet is more desirable.
“In order to dissuade users from building up isolated Webs, it’s important to build up the single, unitary net and make it better,” Smith said.
“The Internet,” said Sally Wentworth of the Internet Society, “is a tool. It is not the cause, it’s an enabler. People want to communicate, people want to create. It’s very difficult to put that genie back in the bottle and carve it up.”
Because there is a fundamental need for communication across islands, it was asserted by a number of participants that regionalization may not even be possible. The Arab Spring, Wentworth and others explained, is an example of an inability to maintain separate communities within the greater Web.
The existence of dark nets was referenced as a refutation of the inherent nature of a unitary Web. Scott McCormick explained that dark nets, which are essentially intranets, have existed for quite some time. North Korea, he contended, is a dark net and has been for a while, with very few people who have access to it. Governments like North Korea’s have opted out of a global, unitary Web, but the moderators and panelists questioned whether that action is truly possible.
“Can you really opt out?” Mack asked. He noted that existing within the metaphorical “castle,” or within the isolated intranet, does not necessarily mean that there is still isolation within the castle itself. And living in the castle does not necessarily guarantee protection.
“If all your people don’t live in the castle, you can’t protect them,” Mack said.
There are technical hindrances to fragmenting the Web. When countries try, they are doing so at the DNS level, not at the IP level, according to McCormick. This is what makes it easy for users with means and motivation to work around the blockages. The introduction of IPv6 will greatly affect the nature of users to navigate those blockades because it will make it much harder to memorize IP addresses, which is the way most users avoid the blockages, McCormick said.
Those in the group in favor of regionalization felt that isolation might make security more plausible and more manageable. Tom Lowenhaupt, who advocates for the development of a .nyc TLD, explained that top-level domains (TLDs) are the way to enable regionalization. Applying security to those TLDs enables a more private, more secure and more manageable, intuitive Internet. Those against regionalization offered that it may open doors to a host of other more problematic issues—the goal is the minimum amount of regulation for the most effectiveness, Smith said.
The future governance of the Internet will be determined by three major players: general users who may not feel a personal stake in Internet governance; the criminal element, like Anonymous, which has a major stake in Internet governance, but that may be undesirable; and a disaffected group that may not feel it has a stake until circumstances start to change. What will come to pass remains to be seen, but the timeline, everyone agreed, is moving far faster than originally anticipated.
– Bethany Swanson
This panel, moderated by Robert Guerra of Freedom House, focused on critical Internet resources and how to ensure that the underlying principles that have led to the Internet’s success persist in the face of security challenges. These principles include openness (open standards, open technologies), accessibility transparency, bottom-up decision-making, cooperation and multi-stakeholder engagement. Key to implementing these principles is also a broadened understanding of the role of the infrastructure providers, such as global and national Internet services/connectivity providers who build and operate the backbones and edge networks. The panel was also expected to address some of the implications for the implementation of DNSSEC and IPv6 on a national basis that contribute to the security and resiliency of CIR on a global basis.
Details of the session:
The Internet’s success well into the future may be largely dependent on how it responds and reacts to increasing security challenges, according to panelists in a critical Internet resources workshop at the IGF-USA conference July 21 in Washington, D.C.
The Internet continues to evolve. It is also growing, as it becomes accessible to billions more people. The major challenge of our generation is to make the Internet more secure while continuing to promote openness, accessibility, transparency, bottom-up decision-making, cooperation and multistakeholder engagement. It is important that organizations continue to retain these values as much as possible as they react to cybersecurity and cybertrust issues.
Panelists at this workshop included:
- Moderator Robert Guerra, Freedom House
- Trent Adams, outreach specialist for the Internet Society
- Matt Larson, vice president of DNS research for VeriSign
- Steve Ryan, counsel to the American Registry for Internet Numbers
- Patrick Jones, senior manager of continuity and risk management for ICANN
- Jeff Brueggeman, vice president for public policy for AT&T
Panelists all expressed a desire to continue to engage in multifaceted talks because a single governmental entity is not the solution; it takes many people working together. As Brueggeman put it, there’s no “silver bullet” for the issue of Internet security.
“What we do on a day-to-day basis is ensure that those conversations take place,” Adams said. “The (critical Internet) resource is not a thing you can touch. You have this mesh of interconnected components that is the critical resource. You can’t pull one of those components out. Everyone must be around that table.”
So what’s the solution? The answer to that question is still a little unclear because Internet service providers and other organizations are often reactive to issues. Brueggeman said it’s time to embrace a forward-thinking approach.
“Things can get complicated when you’re reacting to an attack,” he said. “The best way to deal with these things is to try to think about them up front. How do we detect and prevent rather than react after the fact? How can we have more cooperative information sharing before attacks to try to prevent them and have the best information we can?”
Ryan stressed, though, that not all government is bad. He said citizens and organizations need to think “carefully about what the role of the government is.” But still, there should be a symbiotic relationship.
“There’s become a sense in government policy circles, including in the most sophisticated, that somehow (the Internet) runs on its own and you can’t break it,” he said. “I have news for you: You can break it. We look at government as something that has an increasingly important role because the Internet has an increasingly important role in economies.”
Ryan continued by saying non-governmental organizations have a responsibility to work with governments and to educate the people who work in them. He and the other panelists agreed that an international governmental organization wouldn’t work, though, unless core Internet values are embraced and upheld. They said a set-up that would allow countries around the world to vote on how the Internet is governed would not be a favorable solution.
“Until we get it right,” Ryan said, “I think we’re muddling along rather well.”
DNS issues and DNSSEC
Larson spoke specifically about the security of the Domain Name System because he views the DNS as an absolutely critical Internet resource. “If you don’t have the DNS, you don’t have the Internet,” he noted. He said users can’t truly trust the DNS, though, which is a bit disconcerting because of its necessity.
He supports DNSSEC—Domain Name System Security Extensions—which give users digital signatures (origin authentication) and data integrity. “Once you have that, you can validate data and have a higher level of confidence that the data you’re getting back is valid,” Larson said.
(You can read more about DNSSEC here: http://en.wikipedia.org/wiki/Dnssec.)
He also said that DNSSEC makes DNS more trustworthy and critical to users as more applications—not just host names—depend on it. “We’re going to look back and realize it enabled a whole new class of applications to put information in the DNS,” Larson said. “Now you can trust the information coming out of the DNS.”
Going from IPv4 to a combination with IPv6
Ryan emphasized the importance of Internet Protocol version 6, IPv6, a new Internet layer protocol for packet switching that will allow a “gazillion numbers” vastly expanding the address space online. There is a rapidly decreasing pool of numbers left under IPv4. Ryan said the increased flexibility of IPv6 will allow for the continued growth of the Internet, but it won’t be a free-for-all.
“The numbers we have issued are not property,” he said. “We have a legal theory that’s embodied in every contract we’ve issued. They belong to community. If you’re not using them, you have to give them back. They are in essence an intangible, non-property interest, so over the next couple of years there will be some very interesting legal issues.”
ICANN in action
Jones said ICANN, which recently passed its 10-year milestone, has continued to work collaboratively with the community to take on major initiatives, such as the introduction of internationalized domain names in the root.
“We have taken requests from countries for internationalized country codes and approved 15,” Jones said.
“There’s a huge development in those regions of the world where you can now have domain names and an Internet that reflects their own languages and scripts. That will have an impact as discussion around critical Internet resources continues, especially in the IGF space.”
Physical critical resources
Brueggeman said AT&T has a broader perspective of critical Internet resources because the company is responsible for carrying Web traffic and for the underlying infrastructure, not just involved in issues tied to the DNS. He said the transition to IPv6 is daunting because it’s not backward-compatible. His main challenge has been in outreach efforts to customers.
“We have to deal with a lot of traffic that’s generated as we’re making changes to DNSSEC and IPv6,” he said. “In some cases, you might create some new security concerns, but overall both are important essential transitions.”
Brueggeman emphasized that multistakeholder discussions will be important in the coming years.
“We really need all of the parties who have the direct stake at the table to be part of the solution,” he said. “We need to have the resources handled in a way that promotes openness and promotes interoperability. There’s a huge policy risk of not managing these resources in a multistakeholder way.”
-by Colin Donohue, http://imaginingtheinternet.org
A person walks into a bank with a gun. The town falls silent, the cops circle the bank with their own guns drawn and a silent standoff punctuated by bull-horn-augmented persuasions ensues. Once apprehended, that person subsequently faces criminal charges and most likely, imprisonment. The same consequences must be paid by criminals who carry out e-crimes like phishing and the creation of malware. That is the view of Rodney Joffe, senior vice president and chief technologist for Neustar.
Joffe was part of a 9-person panel discussing E-crimes: Fraud and Abuse in the domain name system at IGF-USA in Washington, D.C., Oct. 2, 2009.
Greg Aaron, key account management and domain security for Afilias, said malware is the most prevalent and dangerous problem on the Internet. Another problem, though it may also be a blessing, is that no one owns the Internet, which means that no one is in charge.
Criminals always seem a step ahead, said Alexa Raad, CEO of Public Interest Registry and board chair of the Registry Internet Safety Group (RISG). Everyone should stop looking after just his or her piece of the pie, Raad said, and instead focus on taking responsibility for other sections.
More inventive forms of fraud are being unleashed on the Web, particularly against social networks, Fred Felman said. Felman is the chief marketing officer for MarkMonitor.
Malicious behavior is an abuse of trust, said John Berryhill, intellectual property attorney. Trust in one another is not a transitive property.
-Ashley Barnas, http://www.imaginingtheinternet.org
The 2009 IGF-USA session description of this panel is: “Critical Internet Resources (CIR) and the evolution of the Internet’s technical foundations are a central theme of Internet governance debates. Three foundational technological changes – IPv6 (the ‘new’ version of the protocol for the Internet); secure DNS (domain name system security) and secure routing – will underpin the dialogue between key experts from the Internet community, business and government. The successful implementation of these technologies can expand and improve the security of the Internet’s core infrastructures, but deployment raises significant challenges for Internet infrastructure providers and policy makers, and has implications for governance arrangements.”
Brenden Kuerbis, operations director for the Internet Governance Project, based at Syracuse University, served as moderator for a panel that included Alain Durand, director and IPv6 architect, office of the CTO of Comcast; David Conrad, VP for research and IANA Strategy for the Internet Corporation for Assigned Names and Numbers (ICANN); Fiona Alexander, associate administrator, National Telecommunications and Information Administration, U.S. Department of Commerce; and Stephen Ryan, general counsel for the American Registry for Internet Numbers (ARIN).
Kuerbis noted that documents drawn up during the World Summits on the Information Society suggest that critical Internet resources should be managed through global agreements.
“In the third year of IGF, control of CIR was raised forcefully by a member of the Chinese delegation,” Kuerbis said.
Going forward, the management of critical Internet resources is likely to become more contentious. – Brenden Kuerbis
He noted the implementation of IPv6 and attempts to introduce more security will complicate the management of CIR.
David Conrad said there are critical Internet resources at all layers of the Internet infrastructure. Not all are being discussed at IGF. “You need electricity, you need IP addresses, routing infrastructure, ports,” he said. “In my experience in the IGF context the focus has only been on a select set of resources – those that are involved in what ICANN does. Electricity is more important than whether or not you can get a domain name. There is a focus on the developed world.”
He added that DNS security and routing are important topics that once again tend to have the policy dialogue centered around ICANN. “It is a place where most of the decisions are made around critical Internet resources – it is a community, just like the RIRs are communities that develop policies in a community-driven, bottom-up process. I encourage you to participate in these meetings.”
Stephen Ryan of ARIN discussed the Regional Internet Registries and their role in CIR. There are five recognized registries located in regions around the world. They were established in the 1990s. He said each “develops policies in its own regions regarding Internet numbering and associated issues.” The leaders of the five registries also meet to set common global policies. The boards are voluntary, and anyone is invited to participate in the process of governing the RIRs. These organizations provide Whois service and assign and give out numbers – IP addresses.
There was some discussion of the fact that IPv4 addresses are being depleted. This was anticipated years ago, and IPv6 is being adopted. “What’s our biggest challenge in regard to critical Internet resources?” he asked. “The numbers resources and the switch to IPv6. The fixed number of IPv4 numbers the free pool of remaining IPv4 resources is small.
Clearly we’re going to have to run IPv4 and IPv6 systems in tandem and that’s going to cause problems. Not many people in America understand IP numbers and that their modems won’t work. – Stephen Ryan
He closed by smiling and saying, “Buy Cisco stock, that’s a tip.”
Alain Durand of Comcast spoke as a panel member who could speak to the CIR concerns of large technology companies.
We are trying to actively participate. The bottom-up policy process has been successful. It has been flexible enough to meet all of our demands and we would like it to go on. – Alain Durand
The depletion of IPv4 addresses is of concern, he said. “If you are a large service provider with many customers and you are growing you are going to be impacted more than individual users,” he said. “We have been concerned about imbalances between the RIRs in the world and that is why we have been participating in RIPE discussions, LACNIC discussions and participated in this process as a member of the community.”
Fiona Alexander of NTIA agreed that too much of the discussion of the World Summit on the Information Society text is absorbed by “people’s preoccupation with the domain name system.”
“The network is so decentralized,” she said in reference to the global Internet and the people engaged in working toward its evolution, “but the one organizing group everyone recognizes tends to be ICANN. When you read the WSIS text it explicitly says there are things beyond domain names. We should look at other things as a national priority and as we go into the global discussion of critical Internet resources.”
She said people in government are recognizing they need to understand the layers of architecture to understand its evolution and address needs.
“As the discussion is progressing in our own government about issues related to Internet or telecommunications you really have to understand the network architecture to make smart policy.
You have to more and more understand the different layers of this network. Governments are listening they are interested in these issues. – Fiona Alexander
She added that governments know the uptake of IPv6 is important. “This is on the agenda of governments,” she said. “Our own government is struggling with this. We are working closely with NIST as we look at these issues – it helps that we are both in the Department of Commerce. It’s one of the things we are looking at as we assess the transitions that are fundamental to the network.”
-Janna Anderson, http://www.imaginingtheinternet.org
UN, U.S. representatives emphasize vital need for international dialogue about the future of the Internet
At the opening of the inaugural Internet Governance Forum-USA, representatives from the United Nations and the U.S. government commended the Internet Governance Forum for its support of multistakeholder discussions and expressed optimism that the group’s annual conferences will continue well into the future at the first ever IGF-USA.
Markus Kummer, the executive coordinator of the United Nations Secretariat for the Internet Governance Forum, and Larry Strickling, assistant secretary of the U.S. Department of Commerce and administrator of the National Telecommunications and Information Agency, expressed their gratitude to organizer Marilyn Cade and other IGF stakeholders for making a U.S. conference possible Oct. 2 in Washington, D.C.
“I’m very impressed with the interest that has developed here not just in quantity but in quality,” Kummer said. “It’s an impressive gathering. This has turned into an enthusiastic endorsement of the IGF as a platform for dialogue.”
Kummer, briefly reviewed the history of the creation and execution of the UN-facilitated international IGF conferences, which have taken place previously in Athens, Rio de Janeiro and Hyderabad, India, and he said more regional IGF conventions are now taking place in cities and countries worldwide, proving the global importance of discussions regarding how the Internet is governed.
“There was a question of what kind of governance do you want?” Kummer said. “Do you want to stick to the traditional form of top-down governance or do you want a widely-distributed decision-making process? In essence it was a decision to continue the dialogue in a multistakeholder mold.”
The U.S. government is now even more accepting of allowing greater international access to the domain name system. Just this week, the Internet Corporation for Assigned Names and Numbers reached an agreement with the U.S. Department of Commerce that affords the nonprofit ICANN greater independence and gives additional emphasis to the international oversight of the organization.
“I was pleased I was able to represent the United States on Wednesday to sign the historic document,” Strickling said.
Strickling, who helped form the new agreement, titled an “Affirmation of Commitments,” said the new set-up has been well received from within President Barack Obama’s administration and members of Congress.
Strickling said the agreement ensures accountability and transparency in ICANN and establishes mechanisms to address security. He said it should continue to increase the “free and unfettered flow of information and commerce” online.
“It contains the U.S. government’s strong endorsement of the rapid introduction of internationalized country codes,” Strickling said.
The ICANN Affirmation of Commitments follows through with the IGF’s mission of creating open and honest international dialogue. Representatives will gather for the group’s fourth global conference in November in Sharm el-Sheikh, Egypt.
The initial mandate agreed upon during the World Summit on the Information Society process stipulated that the IGF would meet yearly for five years, and the meeting in Egypt will be its fourth. Both Strickling and Kummer, though, said they hoped the IGF will be extended.
“There is obviously some need for this kind of gathering,” Kummer said.
Strickling added that President Obama supports holding more IGF conferences both worldwide and domestically.
“The U.S. government supports extending IGF past five years,” Strickling said. “The hope and expectation is that today’s event will be first of many U.S. IGFs that will shape priorities in the Internet governance arena and bring stakeholders together. The Obama administration looks forward to next month’s meeting in Egypt and commends all of you for gathering at today’s U.S. meeting.”
– Colin Donohue, http://www.imaginingtheinternet.org