Slashdot Mirror

An anonymous reader shares: MIT no longer owns 18.0.0.0/8. That's a very big block of scarce IPv4 addresses that have become available again. One block inside this /8, more specifically 18.145.0.0/16, was transferred to Amazon.

An anonymous reader writes: BGPMon reports on a recent route hijacking event by Syria. These events continue, despite the ability to detect and prevent improper route origination: Resource Public Key Infrastructure. RPKI is technology that allows an operator to validate the proper relationship between an IP prefix and an Autonomous System. That is, assuming you can collect the certificates. ARIN requires operators accept something called the Relying Party Agreement. But the provider community seems unhappy with the agreement, and is choosing not to implement it, just to avoid the RPA, leaving the the Internet as a whole less secure.

An anonymous reader writes "On 3 February 2011, the Internet Assigned Numbers Authority (IANA) issued the remaining five /8 address blocks, each containing 16.7 million addresses, in the global free pool equally to the five RIRs, and as such ARIN is no longer able to receive additional IPv4 resources from the IANA. After yesterday's large allocation (104.64.0.0/10) to Akamai, the address pool remaining to be assigned by ARIN is now down to the last /8. This triggers stricter allocation rules and marks the end of general availability of new IPv4 addresses in North America. ARIN thus follows the RIRs of Asia, Europe and South America into the final phase of IPv4 depletion."

An anonymous reader writes "On 3 February 2011, the Internet Assigned Numbers Authority (IANA) issued the remaining five /8 address blocks, each containing 16.7 million addresses, in the global free pool equally to the five RIRs, and as such ARIN is no longer able to receive additional IPv4 resources from the IANA. After yesterday's large allocation (104.64.0.0/10) to Akamai, the address pool remaining to be assigned by ARIN is now down to the last /8. This triggers stricter allocation rules and marks the end of general availability of new IPv4 addresses in North America. ARIN thus follows the RIRs of Asia, Europe and South America into the final phase of IPv4 depletion."

wmbetts writes with this quote from an announcement by the American Registry for Internet Numbers: "On 27 April, ARIN placed Delegation Signer (DS) records into in-addr.arpa and ip6.arpa. Now DNSSEC validation will occur from the root down if you properly set up your DNSSEC-aware recursive resolver. For most DNSSEC-aware recursive resolver operators, nothing needs to be done for this change to be in effect as long as you have configured your DNSSEC-aware server to use ICANN's trust anchor for the root zone."

wmbetts writes with this quote from an announcement by the American Registry for Internet Numbers: "On 27 April, ARIN placed Delegation Signer (DS) records into in-addr.arpa and ip6.arpa. Now DNSSEC validation will occur from the root down if you properly set up your DNSSEC-aware recursive resolver. For most DNSSEC-aware recursive resolver operators, nothing needs to be done for this change to be in effect as long as you have configured your DNSSEC-aware server to use ICANN's trust anchor for the root zone."

klapaucjusz writes "Every discussion about IPv4 address exhaustion prompts comments about whether Apple (or MIT, or UCB, or whoever) needs all of those addresses. Interop has set the example by returning 16 million IPv4 addresses to the ARIN pool, extending the IPv4 address exhaustion deadline by a whole month."

darthcamaro writes 'We all know that IPv4 address space is almost all gone — but how will we know when the exact date is? And what will happen that day? In a new report, ARIN's CIO explains exactly what will happen on that last day of IPv4 address availability: '"We will run out of IPv4 address space and the real difficult part is that there is no flag date. It's a real moving date based on demand and the amount of address space we can reclaim from organizations," Jimmerson told InternetNews.com. "If things continue they way they have, ARIN will for the very first time, sometime between the middle and end of next year, receive a request for IPv4 address space that is justified and meets the policy. However, ARIN won't have the address space. So we'll have to say no for the very first time."'

dew4au writes "A reader over at SANS Internet Storm Center pointed out a certified letter his organization received from ARIN. The letter notes that all IPv4 space will be depleted within two years and outlines new requirements for address applications. New submissions will require an attestation of accuracy from an organizational officer. It also advises organizations to start addressing publicly accessible assets with IPv6. Is ARIN hoping to scare companies into action with the specter of scarce resources? This may be what's needed to spur adoption since there appears to be no business case for IPv6 deployment."

Frequent Slashdot contributor Bennett Haselton writes "The Virginia Supreme Court has ruled that the state's anti-spam law, which prohibits the sending of bulk e-mail using falsified or forged headers, violates the First Amendment because it also applies to non-commercial political or religious speech. I agree that an anti-spam law should not outlaw anonymous non-commercial speech. But the decision contains statements about IP addresses, domain names, and anonymity that are rather basically wrong, and which may enable the state to win on appeal. The two basic errors are: concluding that anonymous speech on the Internet requires forged headers or other falsified information (and therefore that a ban on forged headers is an unconstitutional ban on anonymous speech), and assuming that use of forged headers actually does conceal the IP address that the message was sent from, which it does not." Click that magical little link below to read the rest of his story.
The first 20 pages of the decision, which are all about legal standing, jurisdiction, and overbreadth, made my eyes glaze over. I'm not analyzing those at all except to point out that on most of those issues, the lower court came to exactly the opposite conclusion from that of the Virginia Supreme Court, and there is no reason to think that the higher court is any more likely to be "correct" than the lower court (even granting the assumption that there is an objectively "correct" answer to these questions). Any time you feel intimidated by "experts," it's helpful to step back and ask whether the alleged experts even agree with each other.

Page 21 is where the technical stuff starts that we can tear apart directly. The decision says, in talking about the transmission of e-mail:

The IP address and domain name do not directly identify the sender, but if the IP address or domain name is acquired from a registering organization, a database search of the address or domain name can eventually lead to the contact information on file with the registration organizations. A sender's IP address or domain name which is not registered will not prevent the transmission of the e-mail; however, the identity of the sender may not be discoverable through a database search and use of registration contact information.

These are statements that are only true if you play some kind of parlor game to find a way to read them as "true," not statements that indicate the court knew what was going on. To review: IP addresses in the U.S. are generally allocated by ARIN in blocks to Internet service providers and Web hosting companies; these companies then lease the IP addresses to their customers. You can look up an IP address with ARIN to determine which ISP or hosting company has been assigned that particular block, but the ISP or hosting company generally won't tell you the identity of their customer who has leased it from them. And anybody can register a domain, but most domain registrars give you the option of registering the domain anonymously, so that only the registrar knows the owner's true identity. So the court's statement that a database search "can eventually lead" to contact information is correct only if you clarify that it "can" lead there, but it usually won't. As a finding of fact, this is 100% true, and about as useful as "Obama might win in November. Or he might not."

But it's impossible to defend what the court says next:

As shown by the record, because e-mail transmission protocol requires entry of an IP address and domain name for the sender, the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name. Therefore ... registered IP addresses and domain names discoverable through searchable data bases and registration documents "necessarily result[] in a surrender of [the speaker's] anonymity."

Now, there are two possible definitions of "anonymity" to consider: (1) you can be anonymous to the extent that ordinary citizens reading your content cannot determine your identity without a subpoena; or (2) you can be anonymous to the extent that even the government, armed with subpoenas and wiretaps, can never find out who you are. But under either interpretation of the word, the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name," is wrong.

By default, almost all Internet users are already anonymous in the first sense, even without using forged headers or other tricks in their e-mails. When you send e-mail through your own Internet service provider's mail server, or when you log on to Hotmail and send messages from a Hotmail account, or when you lease a dedicated server from a Web hosting company and use it to send mails, the messages don't contain any more information about your true identity than you decide to put in them. Only the government could ordinarily discover your identity in those cases, by looking at the IP address that the message was sent from, and subpoenaing the Internet service provider or hosting company for the identity of the person using that IP address at that time.

But there are even ways to be anonymous in the second sense -- such that not even the government could identify you -- without resorting to forged e-mail headers. You can create Hotmail and Gmail accounts without giving the providers any of your true information. When you send messages through those services, they pass along the IP address that you used to connect to their Web sites, but you can obscure your IP address as well, by using an anonymizing proxy or a service like Tor.

Elsewhere in their decision, the court indicated that what they really wanted to protect was the right to send anonymous bulk e-mails that were political or otherwise non-commercial. But even by that standard, it's still possible to use Hotmail and Gmail together with an anonymizing proxy (the mail services do impose limits on how many messages each account can send in a day, but if you want to send bulk mails badly enough, you can always sign up for multiple accounts). And if you only care about staying beyond the reach of U.S. subpoena power, you can always sign up for a dedicated host overseas and send the bulk mails from there.

Apart from the court's misstatement that forged headers are the only way to publish anonymously in e-mail, there is the incorrect presumption that forged headers actually do afford anonymity in either of the senses given above. The court wrote, "[T]he only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name." But while it is possible to enter any domain you want in your return e-mail address when you send an e-mail, the court apparently didn't know what it was talking about when it referred to "entering a false IP address." You can't just "enter" any arbitrary IP address when sending an e-mail. If user@domain name.com receives an e-mail, the mail server at domain name.com has to receive the message over a connection made from some other machine, and the domain name.com mail server can always see the IP address of the machine on the other end of the connection. Normally, this machine on the other end would be the mail server of the sender's Internet service provider. Or if the sender has leased a dedicated machine at a hosting company, that dedicated machine would be the one connecting to the domain name.com mail server. Some desktop spamming programs let you turn your home computer into the sending mail server, so that it connects directly with the remote mail server to send the message. In all of these cases, the receiving mail server can see the IP address of the sending machine, so a government subpoena would usually be enough to determine the sender's identity. (I know you all know this, but I have delusions that some helpful clerk will print out this article and explain this to the judge.)

When spammers "enter" false IP addresses in sending mails, that usually means entering made-up IP addresses in headers that are sent along with the contents of the message. However, these would normally only have the effect of throwing someone off the trail who opened the message sent to user@domain name.com and was reading the headers manually. Perhaps they would see some random IP addresses scattered in the headers, would go to ARIN and look up the hosting company or ISP that those IP addresses were assigned to, and would mistakenly file a complaint with that company. But the domain name.com server can always see the true IP address that the message was received from, and for people who know how to read the headers properly, that IP address will be indicated in the headers as the address that connected to the domain name.com mail server to send the mail.

So the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name" is doubly wrong: because it's easy to send e-mails anonymously without using forged headers, and because forged headers do not in fact provide the level of anonymity that the court said should be protected anyway. The only way to truly obscure your identity by hijacking a third-party IP address without permission, would be to hack into a third party's computer, by infecting a user's home computer with a Trojan horse for example, and using it to send mail. Presumably the court was not contemplating that such an activity should be considered legal, even as a means of sending political speech.

It would presumably be unconstitutional for an anti-spam law to prohibit anonymous political e-mails which attempted to hide the sender's identity -- that is after all what "anonymous" means! You couldn't pass a law outlawing Tor, for example. But the Virginia law doesn't apply to senders merely trying to hide their identity, it applies only to the use of computers "to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail" (emphasis added). There is a difference between obscuring one's identity (which Tor and anonymous remailers allow you to do), and actively trying to frame an existing third party by using forged headers to make the mail appear that it came from somewhere else, especially when sending bulk mail, which is likely to generate complaints whether it's commercial or not.

By contrast, the Washington anti-spam law prohibits any mail which "misrepresents or obscures" the origin of the message (emphasis added). This is broader and could be construed to include a wider range of things, such as the use of overseas IP addresses to send bulk mail on behalf of a U.S. company, or the use of anonymously registered domains to hide the sender's identity. It would probably be unconstitutional to prohibit these obscuring techniques for non-commercial anonymous e-mail, which is why the Washington law specifically applies only to commercial messages.

But here I'm getting into issues like constitutional law where different experts might disagree. The clear-cut technical fact is that, contrary to the court's ruling, forged e-mail headers do not provide true anonymity when sending mail, whereas there are other, legal, ways of sending mail that do make the sender truly anonymous.

What is frustrating about the court's misstatements about IP addresses, domain names, and anonymity, is that the judge is obviously intelligent and could have understood the concepts if they had been explained correctly to him. I held some misconceptions for a long time myself about domain names and IP addresses, because the first explanations I read were incomplete or wrong, or I didn't understand them. But the mistakes in the ruling would have been caught if the judge had just showed a draft to an Internet guru and said, "Hey, can you check if there's anything wrong here?" I know, I know, that's "just not done" (and there are probably formal rules in most states against showing a draft of a ruling to a third party before publishing it, even if the third party reviewer is sworn to secrecy, as they should be). But there's nothing stopping the judge from asking a technical expert during the trial, "It seems to me that the only way to publish anonymously on the Internet would be to use forged headers in e-mail. Can you tell me if that's right before I go too far down that line of reasoning?"

I've appeared before judges in Small Claims court who did ask questions about any part of the technical issues that they wanted to understand, and were even willing to revise some prior misconceptions. But all of them, even the open-minded ones, proceed by gathering information during the trial, and then in the conclusion, spell out their argument and their ruling (during which time you're not allowed to interrupt), which is then set in stone unless you appeal. I've never seen a judge say, "Here's the line of reasoning in my head right now, and my tentative conclusion. Is there anything in that chain of reasoning that you want to dispute, before I make it final? I am not promising to change my mind just because you disagree with something. But I will take it into account." This is essentially what scientists do when they submit their papers for peer review before publishing them, to minimize the chance of making an error. Judges could do the same thing -- if not formally, because they're not allowed to show opinions to third parties, then at least informally, by running their ideas past the experts assembled in their courtroom -- to reduce the chance of making a mistake. But have you ever heard of a judge doing that?

The Virginia judges probably did about as well as one could be expected to do, having learned all these technical terms only recently, and then withdrawing to their chambers to form an argument without any feedback from any technical experts. So, given the technical howlers that ended up in the ruling, the moral is that forming an argument in isolation from experts is probably not the right way to go about it.

Frequent Slashdot contributor Bennett Haselton writes "The Virginia Supreme Court has ruled that the state's anti-spam law, which prohibits the sending of bulk e-mail using falsified or forged headers, violates the First Amendment because it also applies to non-commercial political or religious speech. I agree that an anti-spam law should not outlaw anonymous non-commercial speech. But the decision contains statements about IP addresses, domain names, and anonymity that are rather basically wrong, and which may enable the state to win on appeal. The two basic errors are: concluding that anonymous speech on the Internet requires forged headers or other falsified information (and therefore that a ban on forged headers is an unconstitutional ban on anonymous speech), and assuming that use of forged headers actually does conceal the IP address that the message was sent from, which it does not." Click that magical little link below to read the rest of his story.
The first 20 pages of the decision, which are all about legal standing, jurisdiction, and overbreadth, made my eyes glaze over. I'm not analyzing those at all except to point out that on most of those issues, the lower court came to exactly the opposite conclusion from that of the Virginia Supreme Court, and there is no reason to think that the higher court is any more likely to be "correct" than the lower court (even granting the assumption that there is an objectively "correct" answer to these questions). Any time you feel intimidated by "experts," it's helpful to step back and ask whether the alleged experts even agree with each other.

Page 21 is where the technical stuff starts that we can tear apart directly. The decision says, in talking about the transmission of e-mail:

The IP address and domain name do not directly identify the sender, but if the IP address or domain name is acquired from a registering organization, a database search of the address or domain name can eventually lead to the contact information on file with the registration organizations. A sender's IP address or domain name which is not registered will not prevent the transmission of the e-mail; however, the identity of the sender may not be discoverable through a database search and use of registration contact information.

These are statements that are only true if you play some kind of parlor game to find a way to read them as "true," not statements that indicate the court knew what was going on. To review: IP addresses in the U.S. are generally allocated by ARIN in blocks to Internet service providers and Web hosting companies; these companies then lease the IP addresses to their customers. You can look up an IP address with ARIN to determine which ISP or hosting company has been assigned that particular block, but the ISP or hosting company generally won't tell you the identity of their customer who has leased it from them. And anybody can register a domain, but most domain registrars give you the option of registering the domain anonymously, so that only the registrar knows the owner's true identity. So the court's statement that a database search "can eventually lead" to contact information is correct only if you clarify that it "can" lead there, but it usually won't. As a finding of fact, this is 100% true, and about as useful as "Obama might win in November. Or he might not."

But it's impossible to defend what the court says next:

As shown by the record, because e-mail transmission protocol requires entry of an IP address and domain name for the sender, the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name. Therefore ... registered IP addresses and domain names discoverable through searchable data bases and registration documents "necessarily result[] in a surrender of [the speaker's] anonymity."

Now, there are two possible definitions of "anonymity" to consider: (1) you can be anonymous to the extent that ordinary citizens reading your content cannot determine your identity without a subpoena; or (2) you can be anonymous to the extent that even the government, armed with subpoenas and wiretaps, can never find out who you are. But under either interpretation of the word, the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name," is wrong.

By default, almost all Internet users are already anonymous in the first sense, even without using forged headers or other tricks in their e-mails. When you send e-mail through your own Internet service provider's mail server, or when you log on to Hotmail and send messages from a Hotmail account, or when you lease a dedicated server from a Web hosting company and use it to send mails, the messages don't contain any more information about your true identity than you decide to put in them. Only the government could ordinarily discover your identity in those cases, by looking at the IP address that the message was sent from, and subpoenaing the Internet service provider or hosting company for the identity of the person using that IP address at that time.

But there are even ways to be anonymous in the second sense -- such that not even the government could identify you -- without resorting to forged e-mail headers. You can create Hotmail and Gmail accounts without giving the providers any of your true information. When you send messages through those services, they pass along the IP address that you used to connect to their Web sites, but you can obscure your IP address as well, by using an anonymizing proxy or a service like Tor.

Elsewhere in their decision, the court indicated that what they really wanted to protect was the right to send anonymous bulk e-mails that were political or otherwise non-commercial. But even by that standard, it's still possible to use Hotmail and Gmail together with an anonymizing proxy (the mail services do impose limits on how many messages each account can send in a day, but if you want to send bulk mails badly enough, you can always sign up for multiple accounts). And if you only care about staying beyond the reach of U.S. subpoena power, you can always sign up for a dedicated host overseas and send the bulk mails from there.

Apart from the court's misstatement that forged headers are the only way to publish anonymously in e-mail, there is the incorrect presumption that forged headers actually do afford anonymity in either of the senses given above. The court wrote, "[T]he only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name." But while it is possible to enter any domain you want in your return e-mail address when you send an e-mail, the court apparently didn't know what it was talking about when it referred to "entering a false IP address." You can't just "enter" any arbitrary IP address when sending an e-mail. If user@domain name.com receives an e-mail, the mail server at domain name.com has to receive the message over a connection made from some other machine, and the domain name.com mail server can always see the IP address of the machine on the other end of the connection. Normally, this machine on the other end would be the mail server of the sender's Internet service provider. Or if the sender has leased a dedicated machine at a hosting company, that dedicated machine would be the one connecting to the domain name.com mail server. Some desktop spamming programs let you turn your home computer into the sending mail server, so that it connects directly with the remote mail server to send the message. In all of these cases, the receiving mail server can see the IP address of the sending machine, so a government subpoena would usually be enough to determine the sender's identity. (I know you all know this, but I have delusions that some helpful clerk will print out this article and explain this to the judge.)

When spammers "enter" false IP addresses in sending mails, that usually means entering made-up IP addresses in headers that are sent along with the contents of the message. However, these would normally only have the effect of throwing someone off the trail who opened the message sent to user@domain name.com and was reading the headers manually. Perhaps they would see some random IP addresses scattered in the headers, would go to ARIN and look up the hosting company or ISP that those IP addresses were assigned to, and would mistakenly file a complaint with that company. But the domain name.com server can always see the true IP address that the message was received from, and for people who know how to read the headers properly, that IP address will be indicated in the headers as the address that connected to the domain name.com mail server to send the mail.

So the court's statement that "the only way such a speaker can publish an anonymous e-mail is to enter a false IP address or domain name" is doubly wrong: because it's easy to send e-mails anonymously without using forged headers, and because forged headers do not in fact provide the level of anonymity that the court said should be protected anyway. The only way to truly obscure your identity by hijacking a third-party IP address without permission, would be to hack into a third party's computer, by infecting a user's home computer with a Trojan horse for example, and using it to send mail. Presumably the court was not contemplating that such an activity should be considered legal, even as a means of sending political speech.

It would presumably be unconstitutional for an anti-spam law to prohibit anonymous political e-mails which attempted to hide the sender's identity -- that is after all what "anonymous" means! You couldn't pass a law outlawing Tor, for example. But the Virginia law doesn't apply to senders merely trying to hide their identity, it applies only to the use of computers "to falsify or forge electronic mail transmission information or other routing information in any manner in connection with the transmission of unsolicited bulk electronic mail" (emphasis added). There is a difference between obscuring one's identity (which Tor and anonymous remailers allow you to do), and actively trying to frame an existing third party by using forged headers to make the mail appear that it came from somewhere else, especially when sending bulk mail, which is likely to generate complaints whether it's commercial or not.

By contrast, the Washington anti-spam law prohibits any mail which "misrepresents or obscures" the origin of the message (emphasis added). This is broader and could be construed to include a wider range of things, such as the use of overseas IP addresses to send bulk mail on behalf of a U.S. company, or the use of anonymously registered domains to hide the sender's identity. It would probably be unconstitutional to prohibit these obscuring techniques for non-commercial anonymous e-mail, which is why the Washington law specifically applies only to commercial messages.

But here I'm getting into issues like constitutional law where different experts might disagree. The clear-cut technical fact is that, contrary to the court's ruling, forged e-mail headers do not provide true anonymity when sending mail, whereas there are other, legal, ways of sending mail that do make the sender truly anonymous.

What is frustrating about the court's misstatements about IP addresses, domain names, and anonymity, is that the judge is obviously intelligent and could have understood the concepts if they had been explained correctly to him. I held some misconceptions for a long time myself about domain names and IP addresses, because the first explanations I read were incomplete or wrong, or I didn't understand them. But the mistakes in the ruling would have been caught if the judge had just showed a draft to an Internet guru and said, "Hey, can you check if there's anything wrong here?" I know, I know, that's "just not done" (and there are probably formal rules in most states against showing a draft of a ruling to a third party before publishing it, even if the third party reviewer is sworn to secrecy, as they should be). But there's nothing stopping the judge from asking a technical expert during the trial, "It seems to me that the only way to publish anonymously on the Internet would be to use forged headers in e-mail. Can you tell me if that's right before I go too far down that line of reasoning?"

I've appeared before judges in Small Claims court who did ask questions about any part of the technical issues that they wanted to understand, and were even willing to revise some prior misconceptions. But all of them, even the open-minded ones, proceed by gathering information during the trial, and then in the conclusion, spell out their argument and their ruling (during which time you're not allowed to interrupt), which is then set in stone unless you appeal. I've never seen a judge say, "Here's the line of reasoning in my head right now, and my tentative conclusion. Is there anything in that chain of reasoning that you want to dispute, before I make it final? I am not promising to change my mind just because you disagree with something. But I will take it into account." This is essentially what scientists do when they submit their papers for peer review before publishing them, to minimize the chance of making an error. Judges could do the same thing -- if not formally, because they're not allowed to show opinions to third parties, then at least informally, by running their ideas past the experts assembled in their courtroom -- to reduce the chance of making a mistake. But have you ever heard of a judge doing that?

The Virginia judges probably did about as well as one could be expected to do, having learned all these technical terms only recently, and then withdrawing to their chambers to form an argument without any feedback from any technical experts. So, given the technical howlers that ended up in the ruling, the moral is that forming an argument in isolation from experts is probably not the right way to go about it.

goombah99 writes "Netcraft is showing that an event happened in the Ohio 2004 election that is difficult to explain. The Secretary of State's website, which handles election reporting, normally is directed to an Ohio-based IP address hosted by the Ohio Supercomputer Center. On Nov. 3 2004, Netcraft shows the website pointing out of state to a server owned by Smartech Corp. According to the American Registry on Internet Numbers, Smartech's block of IP addresses 64.203.96.0 – 64.203.111.255 encompasses the entire range of addresses owned by the Republican National Committee. Smartech hosted the recently notorious gbw43.com domain used from the White House in apparent violation of the Presidential Records Act, from which thousands of White House emails vanished." Update: 04/25 01:24 GMT by KD : ePluribus Media published a piece called Ken Blackwell Outsources Ohio Election Results to GOP Internet Operatives, Again on election eve 2006, when a similar DNS switch to Smartech occurred. They have been investigating the larger story of IT on Capitol Hill and elsewhere for two years.

Decius6i5 writes "ICANN is accepting public comments on its three whois privacy and accuracy working groups until July 5th. Some of the proposals from the third working group, on improving whois accuracy, have been described as hostile to internet users. The working group proposes that if DNS Whois registration data for a domain is inaccurate, the domain should be immediately placed on hold, and cancelled if the error is not corrected within 15 days. An article on Circle ID suggests that the DNS Whois system is not the best way to share contact information for networks, and that ICANN should focus its efforts on improving IP Address Whois instead. What do you think?"

Jeremy Kister writes "According to a post on the North American Network Operators Group mailing-list, The State of New Jersey has issued a temporary restraining order, allowing a former customer of Net Access Corporation (NAC) to take non-portable IP Address space (issued from ARIN), away from NAC." The post argues: "This is a matter is of great importance to the entire Internet community. This type of precedent is very dangerous. If this ruling is upheld it has the potential to disrupt routing throughout the Internet, and change practices of business for any Internet Service Provider."

Jeremy Kister writes "According to a post on the North American Network Operators Group mailing-list, The State of New Jersey has issued a temporary restraining order, allowing a former customer of Net Access Corporation (NAC) to take non-portable IP Address space (issued from ARIN), away from NAC." The post argues: "This is a matter is of great importance to the entire Internet community. This type of precedent is very dangerous. If this ruling is upheld it has the potential to disrupt routing throughout the Internet, and change practices of business for any Internet Service Provider."

jaredmauch writes "A number of networking providers who receive address space from ARIN have been having problems with their recent IP space allocations. This is a result of outdated filters that applied a few years ago during the boom time of the net, but have not been updated to reflect the current state of the network. Here is a paper that documents some of the problems this filtering is causing providers."

nwetters writes "It seems to have slipped under everyone's radar, but today LACNIC, the fourth regional internet registry, will assume control of all IPv4 and IPv6 addresses in Latin America and the Caribbean (mostly in the 200/8 network). I doubt whether many people will even realize it's haappened, and it's unlikely that arin will effectively lose control until they republish their database on 1 December."

possible writes: "ARIN has announced the last call for public comments on its proposed IPv6 address allocation policy. This last call for public comments will expire on 23:59 EDT August 03, 2001."

possible writes: "ARIN has announced the last call for public comments on its proposed IPv6 address allocation policy. This last call for public comments will expire on 23:59 EDT August 03, 2001."

possible writes: "ARIN has announced the last call for public comments on its proposed IPv6 address allocation policy. This last call for public comments will expire on 23:59 EDT August 03, 2001."

Incongruity writes: "ZDNet, in an interactive week article examines the progress towards acceptance of the IP version 6. The Japanese government has set a deadline for its information technology sectors to run on IPv6 by 2005. Other than that deadline set by the Japanese government, acceptance and implementation has, according to the article, been less than full steam ahead. This despite the fact that IPv6 have been available for allocation since mid-1999."

RedHat Rocky writes "ARIN has suspended their 'name-based web hosting policy', see details at their site." A lot of webhosts don't like virtual hosting, and apparently complained. Still, IPv6 is coming Real Soon Now, so hopefully there won't be any number shortages.

Mike writes: "ARIN (the guys who hand out IP addresses) has a policy change where they will no longer allocate IP addresses for IP-based virtual hosting. They are expecting everyone to move to name-based hosting now. ARIN is solicting comments to their public policy mailing list: ppml@arin.net. What do you guys think? Is name based virtual hosting ready for prime time?"

Mike writes: "ARIN (the guys who hand out IP addresses) has a policy change where they will no longer allocate IP addresses for IP-based virtual hosting. They are expecting everyone to move to name-based hosting now. ARIN is solicting comments to their public policy mailing list: ppml@arin.net. What do you guys think? Is name based virtual hosting ready for prime time?"

Mike writes: "ARIN (the guys who hand out IP addresses) has a policy change where they will no longer allocate IP addresses for IP-based virtual hosting. They are expecting everyone to move to name-based hosting now. ARIN is solicting comments to their public policy mailing list: ppml@arin.net. What do you guys think? Is name based virtual hosting ready for prime time?"