icann.org · Domains · Slashdot Mirror

Re:Well... by Dahan · 2015-06-25 06:01 · Score: 1 · on ICANN Seeks Comment On Limiting Anonymized Domain Registration

Actually, this happens all the time.

I have purchased ads from Google, and I have never been given their address. Google goes out of their way to make sure there is no way to find a human for technical support. Same goes for Steam, eBay, PayPal. Today companies give you a forum and expect the community to support themselves. It's almost impossible to find them unless they sell a physical product.

Well, maybe you weren't given their address, but Google certainly doesn't try to hide their address or make it difficult for people to find. You can even Google for "Google Headquarters". But more on the subject of what ICANN's doing, their contact info is listed in their whois record.

As for getting a human for technical support on ads: Start at www.google.com -> Advertising at the lower-left -> AdWords Help Center under Learning & Support at the bottom -> CONTACT US at the upper-right, followed by See local phone number. In the US, their number is 866-2GOOGLE, representatives available Monday to Friday, 9am to 8pm Eastern Time, in English and Spanish. Doesn't seem like they're "[going] out of their way to make sure there is no way to find a human for technical support"

Is MojoKid shilling for HotHardware allowed by /. by Aryeh+Goretsky · 2015-05-15 12:52 · Score: 5, Interesting · on A Look At GTA V PC Performance and Image Quality At 4K

Hello,

If one looks at MojoKid's submissions to Slashdot, one notes they exist exclusively of links to articles at HotHardware.Com, which according to the whois data, is registered to a Dave Altavilla of Mendon, MA.

Never to ActiveWin, Ars Technica, HardOCP, Neowin, TechReport, WinBeta or the scores of other web sites which discuss, review or "engage in coordinate PR disclosure" of technology news, but always to HotHardware, never anywhere else.

Are MojoKid and Mr. Altavilla the same person? And why is he (are they?) only posting links to Slashdot to HotHardware,a site which, coincidentally, seems to rely on links to partner.googleadservices.com, www.google-analytics.com/, cdn.taboola.com, tru.am and other advertising and privacy-invasive sites in order to monetize its page views. All these hostnames should be blocked in your hosts file before visiting any links to hothardware.com to ensure you are not being advertised to or tracked (which seem to be very similar, these days).

If MojoKid/Altavilla are going to use Slashdot to generate revenue for themselves, they should at least let Slashdot's management know and note in their submissions that they are sending Slashdotters to a site which they generate revenue from; to not do so is unethical and abusive of Slashdot.

And in case anyone wants to throw a stone at my glass house, I've submitted a grand total of one articles to Slashdot, and it mentioned a free service being offered through the auspices of the IEEE which not just my employer but dozens of our competitors were involved in. Not a single banner ad or privacy-invasive script to be had there at all.

Regards.

Aryeh Goretsky

Re:Seems fair by dissy · 2015-04-10 05:37 · Score: 1 · on ICANN Asks FTC To Rule On .sucks gTLD Rollout

I just keep adding these low-value (as in, user content) TLDs to blacklists, particularly for email. I'm sure I'm not the only sysadmin doing that

You are not the only one taking such a stance, however a couple years ago it became clear that a whitelist method will be far easier, quicker, and softer/fuzzier to your sanity.

There are currently 1300 active english gTLDs added and active in the past 16 months alone.
There are over 7000 unicode gTLDs for other languages and alphabets.
There is no end in sight for those numbers to stop rising.

http://newgtlds.icann.org/en/program-status/delegated-strings
http://money.cnn.com/infographic/technology/new-gtld-list/

Here at work I whitelist the following: .?? (aka two letter ccTLDs - though not really a safe assumption any longer) .com .net .org .edu .gov .mil .int .arpa - and for now .info

Be aware that along with .info were a few other restricted gTLDs in the initial batch that may be safe: .info .biz .name
(and I think .pro was restricted too, but I've never seen it used nor been asked to whitelist it here)

Ones I do not allow here, but others should be aware were in the same second-gen gTLD batch are: .pro .bank .aero .museum .mobi .post

Anything else came in the third-generation batch and should be blocked/ignored if you don't do international business (and in most cases, even if you do)

YMMV

Re:Seperate Domain Registrar from Hoster! by braindrainbahrain · 2015-03-18 05:06 · Score: 1 · on Ask Slashdot: Advice For Domain Name Registration?

Agreed! Domain Registration != Domain Hosting. If you ever wondered who owns the domain you have hosted somewhere, do a who is and find out who the domain is really registered to.

Re:Greedy bastards. by Solandri · 2015-02-28 09:36 · Score: 1 · on Google Taking Over New TLDs

Anyone know a good petition site we could place a petition on? Maybe try and collect some opposition signatures, get some tech media coverage and -gulp- resist?

You already missed your chance to give your opinion on generic TLDs. If you were opposed to them, you should've said something 3 years ago. Not that ICANN bothered listening with the prospect of millions of dollars of free revenue weighing down the other side of the scale.

Re:Why register amazonsucks.buy if its exclusive? by NotInHere · 2014-09-19 10:41 · Score: 1 · on Amazon Purchases .buy TLD For $4.6 Million

"BUY" seems to be a generic term to me.

http://newgtlds.icann.org/en/a...

http://en.wikipedia.org/wiki/....

Re:"Gave" by xdor · 2014-09-12 04:55 · Score: 1 · on U.S. Threatened Massive Fine To Force Yahoo To Release Data

I think this had to do with all traffic getting routed through the NSA servers. There was a minor indication of their co-opting of the the system back in 2012: http://blog.icann.org/2012/12/...

Actual ICANN document by Animats · 2014-08-17 15:56 · Score: 5, Informative · on ICANN Offers Fix For Domain Name Collisions

As usual, we have to go through two levels of blogs to get to the actual ICANN document. Which document you may find incomprehensible even if you know how DNS works.

Re:For those that don't know: by mysidia · 2014-07-20 08:10 · Score: 3, Informative · on Domain Registry of America Suspended By ICANN

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Hi. Compliance with the accredited registrar policy is not optional; it is part of a signed agreement between the registrar and ICANN. ICANN posted an advisory clearly alerting registrars to their obligations: 1. Registrars are prohibited from denying a domain name transfer request based on non-payment of fees for pending or future registration periods during the Auto-Renew Grace Period; and 2. A registrant change to Whois information is not a valid basis for denying a transfer request.

GoDaddy adopted practices that were directly contrary to the ICANN policy.

It doesn't matter if GoDaddy disclosed it in the terms of service, the ICANN terms have priority: the practice was a violation of policies that accredited registrars have promised to adhere to, before being allowed to be accredited registrars, and before being able to maintain that status and any access to the registry database or the ability to be in the business of transferring or creating domain registrations.

Re:Black hole? by Anonymous Coward · 2014-07-17 00:44 · Score: 0 · on Sony Forgets To Pay For Domain, Hilarity Ensues

There's no law per se, but there is a recent ICANN requirement called "Whois Accuracy Data Specification". It requires registrars to contact the registrant and click an emailed link as validation that their whois info is correct. The domain can be suspended if the validation isn't done within 15 days.

The intent is good but the implementation is pretty mindboggling. They're expecting every owner of a domain name to check that the email sent to them is not a phishing attempt...how that's supposed to work reliably is anyone's guess.

WDRP has been in place since 2003. Hardly recent by internet time lines

Re:Black hole? by Narcocide · 2014-07-16 13:15 · Score: 1 · on Sony Forgets To Pay For Domain, Hilarity Ensues

1) Uh. No, there is no such law.
2) If there was such a law, it would not require the email address listed to be read by a human being.

REFUTED on both counts.

Re: Black hole? by Narcocide · 2014-07-16 13:13 · Score: 0 · on Sony Forgets To Pay For Domain, Hilarity Ensues

There is no law. Stop saying things to sound smart.

REFUTED
Stop contradicting things I say just to try to astro-turf over your own misbehavior.

Re:News? by Anonymous Coward · 2014-07-01 23:54 · Score: 0 · on Russia Moves From Summer Time To Standard Time

I'm a software developer, and dealing with unpredictable timezone changes is not fun. [...]

That's why you should never deal with dates/timezones yourself; use libraries and avoid lethal headaches. For instance, the good people taking care of tzdata are already working on it.

As someone who's been caught out let me tell you libraries are not bug free - even commercial ones in expensive enterprise operating systems. Governments update timezones arbitrarily. It's ridiculous. Change business hours in summer vs winter, not the fucking time of day. FUCK!

Re:News? by ptaff · 2014-07-01 15:16 · Score: 2 · on Russia Moves From Summer Time To Standard Time

I'm a software developer, and dealing with unpredictable timezone changes is not fun. [...]

That's why you should never deal with dates/timezones yourself; use libraries and avoid lethal headaches. For instance, the good people taking care of tzdata are already working on it.

Just refuse to pay the fee. by mysidia · 2014-04-05 05:16 · Score: 5, Informative · on British Domain Registrar Offers 'No Transfer Fees,' Charges Transfer Fee

It wasn't agreed to... so just transfer your domains out and refuse to pay.

A registrar cannot decline to transfer your domain due to refusal to pay or due to a dispute over payment.

The Registrar of Record must not refuse to release an "AuthInfo Code" to the Registered Name Holder solely because there is a dispute between the Registered Name Holder and the Registrar over payment. ....

Instances when the requested change of Registrar may not be denied include, but are not limited to: Nonpayment for a pending or future registration period
....
General payment defaults between Registrar and business partners / affiliates in cases where the Registered Name Holder for the domain in question has paid for the registration.
...

The Registrar of Record has other mechanisms available to collect payment from the Registered Name Holder that are independent from the Transfer process. Hence, in the event of a dispute over payment, the Registrar of Record must not employ transfer processes as a mechanism to secure payment for services from a Registered Name Holder.

Re:Misleading article. by RR · 2014-04-04 10:47 · Score: 1 · on TCP/IP Might Have Been Secure From the Start If Not For the NSA

Believe it or not, there are also some instances where cryptography is not needed, such as for purely publicly accessible information that can benefit from being cached, etc.

I don't think there is any instance where cryptography would not be useful, as long as privacy is an option. Most Internet communications are point-to-point, so caching should not be done in between. From an opsec point of view, it's less risky to use encryption for confidential information if you also use encryption for everything else, too.

Even for publicly cached data, you could use cryptography for authenticity instead of confidentiality. For example, DNSSEC is about proving the authenticity of DNS information, so your name resolver doesn't get fooled by DNS hijacking. Authenticity turns out to be useful even for completely mundane stuff.

Re:Internet should go where it should go by f()rK()_Bomb · 2014-03-14 22:33 · Score: 1 · on U.S. Aims To Give Up Control Over Internet Administration

The servers are already distributed all over the world. http://blog.icann.org/2007/11/...

Isnt it about time for reserved internal lan TLDs? by intangible · 2014-02-27 12:15 · Score: 1 · on ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

I wish ICANN would finally give us some real "reserved" internal TLDs, but we do have a few we can work with:
RFC 2606 https://tools.ietf.org/html/rf...
test, example, invalid, localhost
"gTLD Applicant Guidebook", Section 2.2.1.2.1 "Reserved Names" http://newgtlds.icann.org/en/a...
afrinic, iana-servers, nro, alac, icann,
rfc-editor, apnic, iesg, ripe, arin, ietf,
root-servers, aso, internic, rssac, ccnso,
invalid, ssac, example*, irtf, test*, gac,
istf, tld, gnso, lacnic, whois, gtld-servers,
local, www, iab, localhost, iana, nic

Most of those aren't really suitable for internal network names except perhaps "tld" and "local" but we can't use "local" because of multicast dns... but that RFC does reference some other names we're PROBABLY safe to use:
RFC 6762 http://tools.ietf.org/html/rfc...
intranet, internal, private, corp, home, lan

It'd be great if we could just get the alternate example domains from RFC 6762 explicitly reserved.

Re:hacky by skids · 2014-02-27 03:35 · Score: 3, Informative · on ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

Good summary. FWIW, People were using e.g. ".site" for local domain
for a long time. It was in the only draft RFC that addressed the issue,
and lacking any approved RFC people tend to follow the drafts. It was
noted on Wikipedia and many forums as to be used for this
purpose and along with some other TLDs had become a de-facto standard.
Then draft-ietf-dnsind-test-tlds-08 came along and removed it. Reserved
domains names continued to disappear from this draft document until they
were nearly all gone by the time RFC2606 was certified.

Then they started accepting and seriously considering applications for .site as a TLD and it looks like they are set to approve it. Boneheads.
So yes, in addition to unqualified names, there will be lots of problems with
software and configuration written when several TLDs were presumed safe.

RFC2606/RFC6761 have proper domains to use for test setups and documentation.
Unless/until they get suddenly ammended, which at this point, I wouldn't want
to wager on.

Paul Vixie explained this... by davecb · 2014-02-11 01:57 · Score: 1 · on DDoS Larger Than the Spamhaus Attack Strikes US and Europe

See right here, at http://tech.slashdot.org/story...

Specifically, he noted that in http://archive.icann.org/en/co... that it's a simple task to check outbound packets and drop them if the return address is for someone else.

The open question is ISP motivations: I used to work for Canada's first big ISP, and my management would have freaked out if they thought they were frivolously enabling a DDOS attack. See the queue article and comments for more info.

Re:My list by psyclone · 2014-02-03 13:10 · Score: 1 · on First New Generic Top Level Domains Opening

Multiple applicants applied for .dot

Google: https://gtldresult.icann.org/a...
Dish: https://gtldresult.icann.org/a...

Re:My list by psyclone · 2014-02-03 13:10 · Score: 1 · on First New Generic Top Level Domains Opening

Multiple applicants applied for .dot

Google: https://gtldresult.icann.org/a...
Dish: https://gtldresult.icann.org/a...

Re:popcorn at 11 by dissy · 2014-02-02 01:15 · Score: 2 · on First New Generic Top Level Domains Opening

Excluding all ccTLDs, the original gTLDs are: .arpa .com .net .org .gov .edu .mil and .int
The first expansion added: .aero .asia .biz .cat .coop .info .jobs .me .mobi .museum .name .pro .tel and .travel.

Then ICANN opened this new gTLD program. The listing of new gTLDs approved are here

I had the idea to use it for pre-blacklisting each and every one in my mail and web filters, but opted instead to go with a whitelisting approach hoping for easier maintenance (Thus the easy copy/pasting of the list at the top - sorry, I don't have link references anymore)

The applicant status page makes for better comedy however, as it lists the existing company name that requested the new top-level instead of the fake company name setup to handle domain registrations. (Currently the english TLDs start at page 4)

Most make sense from the twisted world view of trademark holders, but some are true WTF moments...

Amazon for example requested some obvious ones like .amazon , .buy , and .cloud
But they also have some strange requests like .bot, .fire , .silk , and .pin

Amazon requested a whole 76 TLDs, Google requested 102, Microsoft only 11, and surprisingly Apple only requested .apple

ICANN bitched and moaned about not wanting to create .XXX for like 10 years, but they have already approved and delegated things like .dating , .sexy , and .singles

Also interesting is they already approved and delegated .democrat but have yet to even just approved .gop

Filtering on similarities shows .app has 14 requests, .art .bay .home have 10, and even 5 requests for the .tld tld :P

A whole 6 pages worth of results have objections linked to them, which sounds promising except there are 56 pages total :/

Sadly there is way too much money involved for much success of a massive grass-roots preemptive blocking and agreement to not allow such TLDs to resolve.
But I have no qualms about doing so and only white listing individual and specific domains if any of our customers or vendors go the retarded route of making their primary email or websites use one of these.

I'd give our non-english speaking friends a break, because despite the great technical problems involved at least they have a valid reason wanting a TLD in their native language.
Beyond that however, the rest so far look like money grubbing land grabs, stupid branding, or obvious scamming/spammer havens.