wearing my worked-on-p3p-for-years hat, jurisdiction matters.
how this translates into operational issues is:
whois nonsense
sld namespaces
deresolution (upon local rule) process
pricing and non-cash predicate and post-conditions
moronic (or not) primary ge
> >I don't know if it is the repeated "ICANN can't be trusted / is corrupt"
> >messaging, or the sensitivity of the .NET "rebid" (aka VGRS deregulation)
> >that got the prompt action --
>
> It's more that ICANN has figured out that registrars are where all
> their revenue comes from, and if they
FWIW, we did a "Major Protest" at the Rome meeting about Sitefinder and it
took Vint months to come to the conclusion that it (interposition on the
lookup error semantics) was not just a business decision.
I don't know if it is the repeated "ICANN can't be trusted / is corrupt"
messaging, or the
ICANN's announcement is at:
http://www.icann.org/announcements/announcement-08jun05.htm
See also:
http://icann.org/tlds/dotnet-reassignment/net-rfp-process-summary-08jun05.pdf
And so much for that.
Eric
Apparently DENIC is more qualified than Afilias to not run the .net
registry.
http://www.icann.org/tlds/dotnet-reassignment/net-rfp-finalreport-issue4-27may05.pdf
as i've mentioned previously, when proposing a work-around for the mess
that a blind use of iso3166 causes for territorial jurisdictions, jon and
i were talking about using x.121 _in_theory_ to aggregate what i knew then
(and i know still are) technically weak and policy incomplete states in
the a
Howdy all,
Somewhere in this thread there is the issue of description of data
collection practices, and for those mammals who care (see "Ice Age"
with someone under 10 if you need help decoding that), you can do
the following:
Review the latest working draft (4 January 2005) of the P3P Spec
http
> Supporting "IDN" is a necessary job. That's been made clear to the
> Internet community. If it "complicates" things, well, then that's
> what has to be done. If the Internet is to be global, it can't
> restrict the world to just a few convenient languages.
Not to quibble unnecessarily, bu
howdy,
if anyone from gilat (or its northamerican downstreams) is on-list,
i'd appreciate a contact.
tia,
eric
>are you -REALLY- arguing for the return of "finger" ??
If it gets the user a brown fizzy drink ... it can't be a completely bad idea.
Rodney,
Can you compare the past out-reach exercises and the present one?
You know, process and outcomes.
I'm thinking of the process and outcome of the MITF exercise of 2002/3.
It is now seven years since the issue of appropriation of tribal names
was brought to the attention of the ICANN BoD
A friend in St. Paul left me a comment:
Irritated Comcast customer from St. Paul here. I'm just glad I
didn't wait until Friday to e-file my taxes.
Eric
Howdy all,
"Because it is indisputable that the 'poor state of network
security' creates an imminent risk of irreparable injury...
plaintiffs request that this court disconnect from the Internet
and shut down each information technology system which houses
> and, instead of "polluting" the list with tech news
> snippets, post them to a blog.
...
> Can I get a Hallelujah?! :-)
not from me. makes as much sense as turning nanog into a web-access only
mail sink. i liked your news items. and sean's. i wouldn't have known to
go look at the iraqi network
Its between the CORE SRS and the NS SRS. Now if your position is
that NS is inerrant, and by assertion, the failure lies somewhere
else, fine. Who cares?
Ed,
The occasional connectivity problems with Neulevel of March 31st persist.
Eric
> But my recent post was not "against" (or "for", for that matter)
> Verisign. I am just disappointed that ICANN did not have the integrity
> to select a company that is _truly_ independent to judge the
> applicants.
In the prior round ICANN picked a company doing non-trivial business with
th
> >ICANN Opens Public Comment Forum on .NET Evaluators' Report
> >29 March 2005
/dev/null.
> Anyway, DENIC's offer didn't match that of Sentan ...
funny, the first item of work email i read today was this:
the Neulevel SRS is currently down, .biz registrations are
therefore not possible.
We will inform you as soon as the registry is online again.
your metric
That's milder than the critique offered by SWITCH in the last round.
Paul,
I worked with Houlin Zhao extensively during 2001, and met with him again
at the Rome ICANN meeting. He's a smart guy.
Eric
Oki all,
A summary of the report and a link to the full report can be found at:
http://www.icann.org/announcements/announcement-28mar05.htm
So now you know. VGRS, NS+, AF, ranked 1, 2, 3; DE and CORE ranked 4 & 5.
Eric
nuance.
> ICANN Blames Melbourne IT for Panix Domain Hijacking
ICANN's current RAA (Registrar Accreditation Agreement) lacks a profound
amount of teeth.
If it had any, that is, if "ICANN Blames " ment
anything, Domain Registry of America' (remember them) registrars (note the
plural) would be on
> 1) unenforcable old blue laws similar to how Native
> Americans need to be escorted by police in
> Massachussetts (i.e. they never got around to fixing
> old bad law, but noone cares anymore)
Actually, Indian towns were goverened by Blue Laws up the second half of
the 20th century. Not every la
Oki all,
Over the holidays I had the opportunity to pick up some pin money experting
for a case involving just this business model and the media ignored sides of
some rather well-known persons who work the church markets in the US.
> > that's EASY: there is hyperconcern for the welfare of
> > ch
Bill,
I'll be happy to contact the IT and/or policy people at any or all of the
Tribal Governments who's jurisdictions are surrounded by, or proximal to,
those of the state of Utah.
(a) They could use the business, just like anyone else, and (b) they are
not subject to Utah's state law (and befo
thanks steve. i'm distracted. just got bit by red lake.
Could someone find out what the actual mandated requirements are? At one
point it sounded a lot like just putting PICs lables on published URLs.
> | If HB260 is approved, it would require that Utah-based companies
> | begin rating their sites for [... cryptofauna].
Oh. So its just PICS.
If it was P3P I'd be more interested, but as it is (or appears to be at
a very great distance) PICS, yawn.
hinderence,
depending on perspective) drop me a line.
Eric
--- Forwarded Message
Message-Id: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Date: Fri, 04 Mar 2005 13:05:46 -0500
From: Eric Brunner-Williams in Portland Maine <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new a
> > > Former chief privacy officer of Gator has been appointed to the Data
> > > Privacy and Integrity Advisory Committee of the Department of Homeland
> > > Security.
> > >
> > > http://www.salon.com/politics/war_room/2005/02/23/gator/index.html
>
> as president bush (jr) said on tv in the days
> And infocom was shutdown by the feds for terrorism reasons.
The DOJ advanced three claims: an INS claim, an exports rule infraction
claim, and a charity-linked-to-Hammas (a/k/a "terrorism") claim. The 1st
was dismissed, the second obtained a precedent-setting convinction and
an unprecedented se
Oki all,
I suppose I should update what I have up at {nic,noc}-iq.nic-naa.net.
At the Rome meeting I spoke (open mic) to the ICANN BOD about the issue.
That was a year ago.
A week before the Asian Tsunami David Cuthbertson wrote to me and asked
about the delegation. He works for Adam Smith Inte
Howdy Paul,
rgid:id:domain
ENOM:048:SAFE-KEYNET.com
YESN:100:CITIFINANCUPDATE.com
YESN:100:WAMU4U.com
YESN:100:WAMUCORP
>From prior experience I don't see anything novel. Yup. Real domains, and
possibly real certs.
>From my last go around with Vint, if I were of a mind
to, I could sell bulk to
Oki all,
I wasn't going to discuss this because it is potentially confusing,
but as we're ratholing on registrar lock ...
---
Some 60 plus days after a party acquired a domain, s/he initiated an
"UNLOCK" at the user interface of the operator that had arrainged to
acquire this particular domain.
> The problem that got us here was that registrars have
> historically been not flexible enough at releasing
> domains when the owners *did* want to transfer them.
George,
The point I tried to make in my prior note was that not all domains have
the same temporal property of non-functional change
Sorry about the subject line. I switched horses in mid-stream.
Bruce,
> I am interested to hear what members of the NANOG list believe would be
> a better transfers process.
Non-functional changes of operationally significant configuration data
is avoided. My thumbs are as thick as the next person's.
I'm quite happy to buy a decade's worth of name, even
Paul,
I ment to refer to the registry operator who operates the constellation of
nameservers for the .com zone, and wrote something else. I'm going to press
my red ears (both) to the copious available ice.
Eric
> Netblazers were fine except the Telebit lied about the SYN35 card
> being usable with a T-1.
uh, the test lab used T-0 (56kb) for the syn interface, so integers
greater than 0 would be ... creative on someone's part, and TB mktg
could be just as creative as the rest of the XX mktg golf pros.
> My recollection of that show was "T-1 to BARRnet", not
> bonded-Netblazer-dialout, but I didn't "work the show" until the
> following spring, so my recollection could be at fault.
Hey Robert,
Correct, but we stuck in the NB because the funtional principle (demand
dial and route) was distinct.
> There seems to be a general lack of IETF design and review of protocols
> in this crucial area.
The IETF does not design and review propriatary protocols. VGRS published
the RRP specifications.
I'm always interested in EPP technical minutia.
Eric
> For what it is worth, some consider the .de whois server broken; see
> below. Let's note that the new RFC (3912) doesn't mention the "help
> methodology" anymore.
In the high stakes game of registry redelegation, with .org as a data point
and the new gTLD competition (winners: [info,biz,name,
Bill,
> The Registry is the party that must revert the data to the previous
> state. For the stability of the Internet, it must be done as quickly
> as possible before old correct caches time out. Therefore, that's
> where the penalties should apply.
Agree. This is a solution to the publicatio
> (And I was serious, not sarcastic, about the 'blazer. YMMV,)
Martin,
That's OK, I never got work for a router vendor after that, a solution
that I've now completeley generalized, having discovered a trivial but
obscure and beautiful technique, as any good mathematician must.
However, since I
> You may or may not think Verisign as registry is blameless / disreputable
> and to blame for this incident.
There is causation for incoherence between the authoritative and
non-authoritative nameservers for a particular data set.
> You may or may not think the gaining/losing registrars are bl
Gadi,
> The question that comes to mind is - what do you do to be prepared?
Well, for a start you can put a comment into the ICANN comments on
the new xfr policy. I did earler today. Next, you can, as some today
did, decide that cache trumps authority under some conditions, and
ensure that cache
Chris,
CORE was neither the losing nor the gaining registrar. Please acquire
context.
Eric
IANA-439, and CORE-124
The outcome I expected when Bruce got involved.
--- Forwarded Message
From: "Bruce Tonkin" <[EMAIL PROTECTED]>
To: "Eric Brunner-Williams in Portland Maine" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconve
It isn't just that the root operators are silent.
On the registrar's list there has been only five items on the subject.
1 Mark Jeftovic (easydns) who is on NANOG, copying the RC list.
2 Ross Rader (tucows) who is not, blowing it off,
no delta between authoritative and cachi
Oki all,
I was interested in a policy I came across recently at a cctld registry.
If a domain has no (or few for some value of few) hits over some period
of time post-registration, the registry will recover the string and let
another user acquire it, and presumably actually use it. So if t = 3m,
Gentlemen and Ladies,
I concur with the view expressed by Bob Fox (IANA-134), that the
"current method only favours Verisign and crooks."
The hijacking of panix.com, and the post-hijacking response of VGRS,
which could unilaterally act, but choses not to, for its own reasons,
and MelburneIT, wh
Oki all,
Delivery of RC mail to me is fairly desultory. Apparently there is an
earlier thread. Post-Rome the very purpose of the RC seems to me to be
doubtful (advocacy for registrars other than NetSol+4), and post-Elana
the process of the RC left me disinterested.
I'm particularly enamored by R
Oki all,
Its dawn in Maine, the caffine delivery system has only just started,
but I'll comment on the overnight.
You're welcome [EMAIL PROTECTED] If you'll send me the cell phone number
for the MIT managment I will call wearing my registrar hat and inform
whoever I end up speaking with that Bru
Howdy Perry,
> Alexis Rosen of Panix was on the phone earlier today with the company
> attorney for melbourneit -- reputedly he was informed that even if the
> police called, they would not do anything about the problem until
> Monday their time.
(a) I don't know MIT's attorney, and (b) I wouldn
> If I were Panix ...
Free advice. Bruce, Cliff and Chuck are people. Yes, even Chuck is a people.
You want prompt service, you ask nice and you ask the right people and you
don't assume there are facts not in evidence, like errors or malfeasence,
when you could be solving the problem, before th
I've forwared to Bruce Tonkin, who I know personally, at MIT,
and Cliff Page, who I don't know as well, at Dotster, Steve's
note. These are the RC reps for each registrar.
> The current pretense of "privacy" is nothing more than a convenient
> mechanism for registrars to pad their wallets and evade responsible
> for facilitating abuse.
As an aside, I used a (wicked big) competitor's "privacy" service to
regsiter a domain for a political worker who wanted to whistle
> Because there is no data protection on many databases (such as ".com"
> registrars who are forced to sell the data if requested), people lie
> when registering, because it is the only tool they have to protect
> their privacy.
Yup. Our ICANN contracts both require us to sell bulk registrant dat
> Of course, I know that. I just mentioned Africa because, in many
> countries in Africa, it is simply impossible to get a PTR
> record. That's a fact, there are many reasons behind.
Howdy Stephane,
It is also an area where many cctld operators maintain their registration
data using spreadsheets
Taking your comment in reverse order.
> Or, alternately, you're simply saying that those who care about net
> abuse are shackled by ICANN's bylaws and therefore we can do nothing.
I don't think you have a monopoly on "care" (or clue) about net abuse,
but it is pretty clear that you're not tall e
> Why is it considered such a crazy proposition that domains should have
> valid and correct whois data associated with them?
There is no relationship between data and funcion. The data is not
necessary to implement function-based policy.
> Bah. You're saying that you're uninterested in discussi
> I suppose it depends on how you define 'unpublished'; and how you define
> 'non-resolving'.
Your opening remark was that policy foo must be applied to all domains.
This doesn't accomplish anything for the set of domains that will never
be published (registry reserved strings), nor those that a
> Numerous (as in "at least hundreds, probably more") of spam gangs are
> purchasing domains and "burning through" them in spam runs. In many
> cases, there's a pattern to them; in others, if there's a pattern,
> it's not clear to me what it might be.
>From my point of view, "pattern" is which r
> Why would it matter if you deactivated an unpublished/non-resolving domain?
How do "you deactivate an unpublished/non-resolving domain"? You may borrow
a registrar or registry hat if that is useful to answer the question.
> If you care about the domain, keep the whois data up to date and accur
> 4) all domains with invalid whois data MUST be deactivated (not
>confiscated, just temporarily removed ...
All? Even those unpublished and therefore non-resolving? Sensible for the
scoped-to-totality trademarks weenies who argue that the stringspace is a
venue for dilution, whether the regi
I first read their report on blogs ... We're holding the Koufax Awards _now_
for lefty blogs, so we're about as root on the left hand side of the radio
dial as one could hope for. It wasn't worth reading twice.
Turning to the Pew vetted punditocracy, I went to the questionaire. Q9a got
the belly
Off list please.
A user issue. Sensetive.
Got (soy) milk?
The WaPo writer's take on cookies is ... not mine. Then again, I wrote the
cookie portions of the P3P spec and was "inside" the meetings between M$'s
IE team circa IE5.5 pre-fcs and the (other) IAB (the word is "Advertizers")
and the P3P tech and policy teams.
I worked for Engag
Agreed. Both Copps and Adelstein are worth reading.
http://wampum.wabanaki.net/archives/001512.html
a related problem is having N ip addrs bound to M nics on a host, where N > M.
if an ssl connection fails and debug is needed between the M:N:host and some
other ssl-speaking box, then it makes a difference if the ssl connection is
associated with the primary, or some aliased (set N-1) ip addr. c
Oki all,
FYI
Eric
--- Forwarded Message
Return-Path: [EMAIL PROTECTED]
Delivery-Date: Tue Dec 14 15:07:09 2004
Return-Path: <[EMAIL PROTECTED]>
Received: from TheWorld.com (pcls3.std.com [192.74.137.143])
by nic-naa.net (8.13.1/8.13.1) with ESMTP id iBEF78Cm009901
for <[EMA
Rich,
You have an opinion, but I'm unable to detect a basis for that
opinion.
Allocations of string-space do not give rise to control over any
resource other than (conditionally) the string.
Publication of association(s) between strings and addr
In an earlier episode I pointed out to the list-resident VGRS person that
the dynamic properties introduced for one marketing purpose would have a
consequence in another problem domain, but no point revisiting that issue.
[EMAIL PROTECTED] (Peter Corlett) wrote:
> There's some awful tinpot domai
Oki all,
A month ago today Gadi was looking for a contact at US .mil, this morning
I had the same need, as a node in the nipr.mil playpen was a major player
in a 100+ node ddos directed at a web blog customer we host -- it had a
high rate of fire, accounting for over 20% of the total POST methods
Oki all,
Anyone know what the story is for this morning's multi-hour unscheduled
down-time for blogspot? Backhoe's surround building 5? (oops, showing my
age).
TiA,
Eric
This just made reuters:
http://www.reuters.co.uk/newsArticle.jhtml?type=internetNews&storyID=6281153§ion=news
I'm looking for operational status information from Grenada, Jamaica,
Grand Caymen, and Cuba. Anyone with clue drop me a note off-list, I
will post a summary.
> It would only be useful if those people were also in a position to
> vigorously defend said patents when (and if) they were infringed.
assign the patents to icann, to the eff, to the registrar constituency ...
> ... Reston is Hell, but with better visuals.
I'm not certain of the truth of this comparison, having only half the data
at hand. However, it has to be just about the least interesting place on
the whole Eastern seabord to travel to.
so ... mark lottor's your-machine-room-is-melting thermo+modem circa 1990
is what? prior art?
I don't want to digress into a spam-l or asrg standard thread, but I do want
to point out the similarity of what I think are ad networks that manage
sets of write-engines (aka "zombies") in the blog-spam (http) problem space
with the canonical abuse-desk/xdsl swamp meta-thread on nanog.
I'm obser
Richard wrote:
> ... the return path provides ...
This was where I ended up also. As Barry and others have discussed on the
asrg, the write-side is throw-away assets. The "return path" is where the
persistence of the names used is greater and the value to the scheme is
realized.
and Randy wrote:
> In other words, Verisign is unhappy that spammers are now registering
> primarily .biz domains and Verisign is no longer getting getting share
> of their business?
Do you want me to answer that wearing my hired-by-NeuStar-to-write-.biz hat
or my fired-by-NeuStar-for-trying-to-policy-.biz hat?
Mark,
I've been looking at spam in blogs, that is paxil et al domain names that
are POSTed into blogs as comments.
An example (from http://wampum.wabanaki.net/archives/000794.html, a post
on this very subject) follows this reply to you.
Some number of URLs are presented to engines that index th
> the primary beneficiaries of this
> new functionality are spammers and other malfeasants,
I think this is a true statement. I think it is important to keep in
mind that registry operators "compete" for TLD franchises, and where
those "competitions" occur, this statement is not belived to be tru
To pick on one bulk political mailer, Kintera.Org, mail from
[EMAIL PROTECTED]
contains a tracking gif, a 1x1, within the html portion of a multipart MIME
payload. Voila:
http://www.kintera.org/omt/70069677.gif'>
Yes I've kevetched to the Kucinich campaign that putting tracking gifs in
Two weeks ago at the Rome meeting of ICANN I made a proposal informally to a
few other registrars that we look into this.
I'd not heard that AOL was going to do something similar.
Basically, something EPP-esque, so that registrars, a smaller body to define
one, or more levels of "trust", than "u
Anyone from the DOI's Educational Native American Network lurking here
please contact me off-list.
Add Haskell Indian Nations University (and all other BIA schools) to the
list.
[1] http://www.ljworld.com/section/haskellnews/story/164640
Howdy folks,
One of the hats I wear is owner of the triballaw mailing list, and with that
comes other things. The BIA's network got shut down again for profoundly bad
operational practice, which of course can't be fixed by the application of
clue, as that would imply wrongdoing, lack of clue, etc
> > > net-co-op.org. ...
> >
> > Oh come on, what was .coop for if not this? :)
>
> People in the poultry business? :-)
chicken.coop was sought for by many, myself included.
The Director, Co-op Business Development and Member Services, National
Cooperative Business Association, and I are now
Janet,
Since your note earlier today there have been just under 200 fetches of
the html.
I've written to Byron Henderson and asked him to help me with the coop
formation. He and I worked on the .coop sTLD proposal, and as I mention
I discussed member-owned colo coop with Carolyn Hoover of the NC
> > I'll take "the right customer base" for $50 please Alex.
>
> which is NOT the current dsl/cable-modem user, obviously?
Correct.
> > Rick Adams and Mike O'Dell had an idea in 1987. How is this any different?
> >
>
> mumble, mumble giant telephone company mumble mumble... In all
> seriousness
> a suitably snarky "don't hire these top network engineers to maintain
> your fleet of windows boxes" message) could be displayed on the
Is this an opt-in list? I'd like to opt-in. Now. Nu. Proto. A lifetime ago.
> Certianly the point central to your arguement is that with the right
> abuse-desk to customer ratio AND the right customer base, things could be
> kept clean for smtp/web/ftp/blah 'hosting'.
I'll take "the right customer base" for $50 please Alex.
>
Oki all,
Apropos of plaintive discussion by gTLD registries about repurposed
ccTLDs such as .{bz,cc,md,pw,tv}, I asked Paul Twomey during the 1st
open mic hour about the current status of .iq.
The net of the response was "we know less than you do" and a longish
and booring statement that got rea
http://fightwls.com/
> Verisign is really two entities wrt .com/net - it is the registry and the
> registrar.
Verisign Registrar, aka Network Solutions, was sold off to Pivotal Private
Equity last Fall.
Other lines of analysis to attempt:
o what are "registry services" and what are not.
o if a "reg
> [EMAIL PROTECTED] (Randall Pigott) writes:
>
> > I am curious what the operational impact would be to network operators
> > if, instead of Verisign using SiteFinder over all com and net, Verisign
> > or their technology partner for SiteFinder began coercing a large number
> > of independent ISP
1 - 100 of 133 matches
Mail list logo